[ietf-dkim] Delegated signatures in real life
ietf-dkim at kitterman.com
Wed Aug 30 04:46:00 PDT 2006
On Wed, 30 Aug 2006 00:38:30 +0100 Stephen Farrell
<stephen.farrell at cs.tcd.ie> wrote:
>Does anyone have a real example of such an outfit and their specific
>requirements? Not doubting they exist, but it'd be nice to see as
>realistic an example as John posted.
I think it's difficult to respond to this the way John did. I think my
last note to him about providers not supporting NS delegation is a partial
answer to your question.
In addition, I would also note that it is extremely easy in a group like
this to lose track of how non-technical many domain owners are today. I've
helped several hundred people with getting SPF records published and with
SPF related e-mail issues over the last two years (JFTR, only a handful
were related to the forwarding 'problem' so feared in more technical
circles) and so I think I have a reasonable experience base to understand
this class of user.
Starting from my sending a message that says something like:
'You need to publish a TXT record in you public DNS for example.com that
says 'foo'. You will need to ask your DNS provider how to do this with
their system or to do that for you."
The most common follow-up questions I get are:
"My provider says they don't support that. What do I do now?"
"What is DNS?"
"How do I do that" - these run their own, but can't figure it out.
Because of the first one, I now just figure it out with Dig and tell them
assuming they won't know. No one has ever complained about this.
The second one led to me maintaining http://www.kitterman.com/spf/txt.html.
The third one is (with one exception that was Mac OS 9) always windows DNS
so I have a canned response.
That's exemplary of what we are up against in the user base for small
More information about the ietf-dkim