[ietf-dkim] Fwd: Re: New Issue: protecting a domain name vs.protecting a domain tree
John Levine
johnl at iecc.com
Fri Apr 11 10:09:29 PDT 2008
>This is one of the reasons that I raised the question of whether it
>is possible to find the "base" domain (not TLD) that the organization
>controls.
You can't. There's nothing in the DNS that lets you determine what
organization is responsible for what entries. Some people claim you
can do it from zone boundaries but for a variety of reasons they are
mistaken.
> If this is not possible to do then I don't know that non-existent
> sub-domains can be protected by DKIM/ADSP.
Right. Hence my suggestion that we not try, and just remind people
that non-existent domains are an issue they can already deal with if
they want to.
R's,
John
More information about the ietf-dkim
mailing list