[ietf-dkim] Jim's issues - one more try
fenton at cisco.com
Mon Jun 11 22:07:45 PDT 2007
Just for the record:
Stephen Farrell wrote:
> (1) Use of XPTR records for SSP. The idea here is to create a more
> general policy mechanism that can be used by WS-* and such. There
> were about 20 messages discussing this from 5 people. I'm not reading
> a clear consensus on this.
> Issue#1: +1 - include use of XPTR as part of ssp-00
> Issue#1: -1 - exclude use of XPTR from ssp-00
Rationale: XPTR is mostly for making the SSP mechanism more extensible
for expressing other sorts of policy. It requires an additional lookup,
the other things it deals with are outside the scope of DKIM, and this
issue of general policy and extensibility is better dealt with by the
DNSEXT working group.
> (2) SSP record type (TXT vs. something new). Only 4 messages in
> discussion, mostly saying "if you support TXT, don't bother with
> anything else." Again, no clear consensus.
> Issue#2: +1 - Define how to use a TXT RR for SSP policies (with or
> without something else)
> Issue#2: -1 - Don't use TXT at all, only use new RRs for SSP
Rationale: I think that using a new RR is the right thing to do, but I
don't know all of the deployment issues.
> (3) Upward query vs. wildcard publication. 27 messages in discussion
> from 15 people. Most of the discussion was a rehash of the idea of
> associating semantics with DNS zone-cuts, which we had already
> discussed and rejected. I have also been trying to get an opinion
> from DNSOP on the idea of a one-level upward search (which I think
> solves 90% of the problem), but haven't gotten any response.
> Issue#3: +1 - Define an upward query based approach to finding SSP
> Issue#3: -1 - Define a wildcard based approach to finding SSP
Rationale: Required to support TXT RR (what I think is what we'll end
up with). Even with a new RR, it avoids the need to publish an
additional new-RR record to go with every other label in the zone to
deal with the characteristics of DNS wildcarding.
More information about the ietf-dkim