[ietf-dkim] Consensus check: Domain Existence Check
Steve Atkins
steve at blighty.com
Thu May 29 07:48:14 PDT 2008
On May 29, 2008, at 2:45 AM, Stephen Farrell wrote:
>
> There has been considerable debate in the past few weeks regarding the
> need for a check for domain existence in ADSP.
>
> I think we've had sufficient time for debating this, let's decide.
> Please respond to this by Friday June 6th.
>
> The text in question (from section 4.2.2 of draft-ietf-dkim-ssp-03)
> is as follows:
>
> 2. _Verify Domain Exists._ The host MUST perform a DNS query for a
> record corresponding to the Author Domain (with no prefix). The
> type of the query can be of any type, since this step is only to
> determine if the domain itself exists in DNS. This query MAY be
> done in parallel with the query made in step 2. If the result
> of
> this query is an "NXDOMAIN" error, the algorithm MUST terminate
> with an appropriate error.
>
> NON-NORMATIVE DISCUSSION: Any resource record type could be
> used for this query since the existence of a resource record
> of any type will prevent an "NXDOMAIN" error. MX is a
> reasonable choice for this purpose is because this record
> type
> is thought to be the most common for likely domains, and will
> therefore result in a result which can be more readily cached
> than a negative result.
>
> There are three options that have been actively discussed:
Modify.
(I might be talked into "keep", but "remove" would be a complete
non-starter.)
Cheers,
Steve
More information about the ietf-dkim
mailing list