[ietf-dkim] protecting domains that don't exist
Dave Crocker
dhc at dcrocker.net
Mon Apr 14 13:02:25 PDT 2008
Sorry for being confused, but I now can't tell whether the focus is on an
NXDomain for the _adsp.<domain> string that is queried for ADSP, or the <domain>
name to which it is associated.
These are separate queries.
d/
Wietse Venema wrote:
> Frank Ellermann:
>> <robert at barclayfamily.com> wrote:
>>
>>> Would it be better if "error" were a specifically defined
>>> result in addition to "unknown" / "all" / "discardable"?
>> The fourth bullet in chapter 3.2 "ASP results" offers "the
>> domain does not exist" after "unknown"/"all"/"discardable".
>>
>> I-D.kucherawy-sender-auth-header chapter 2.4.2 "ASP results"
>> lists this as "nxdomain". IMHO good enough, or do you have
>> something else in mind ? Let's s/ASP/ADSP/g + WGLC, s.v.p.
>
> Sounds reasonable. I expect many will implement NXDOMAIN as a
> fourth ADSP lookup result in some way or another.
>
> This explains more easily than my earlier claim (an NXDOMAIN result
> cannot correspond with one of "unknown" / "all" / "discardable").
>
> Wietse
> _______________________________________________
> NOTE WELL: This list operates according to
> http://mipassoc.org/dkim/ietf-list-rules.html
>
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
More information about the ietf-dkim
mailing list