[ietf-dkim] Delegated signatures in real life
Scott Kitterman
ietf-dkim at kitterman.com
Wed Aug 30 04:18:00 PDT 2006
On Tue, 29 Aug 2006 18:17:51 -0400 (EDT) John L <johnl at iecc.com> wrote:
>Senders already use NS delegation to let third parties put on first party
>DK signatures. It works. It's popular. There is no need to invent
>another way to solve this solved problem.
For small domain owners with outsourced DNS this isn't necessarily going to
be available. So it depends on how broadly you care to have DKIM
available/deployable.
I don't have broad statistics for this, but based on the providers I use
that provide DNS services:
Two registrars: neither support
One dedicated DNS provider: Does not support
One domain host: Does support
Based on my limited sampling, I'm not optimistic the NS delegation is THE
answer. This doesn't point to any particular DNS or policy approach as an
alternative. I do think it exemplifies that SOME alternative is needed.
Scott K
More information about the ietf-dkim
mailing list