[ietf-dkim] Consensus check: Domain Existence Check

Thu May 29 09:03:17 PDT 2008

modify (though I only slightly prefer that to keep)

> Date: Thu, 29 May 2008 10:45:22 +0100> From: stephen.farrell at cs.tcd.ie> To: ietf-dkim at mipassoc.org> Subject: [ietf-dkim] Consensus check: Domain Existence Check> > > There has been considerable debate in the past few weeks regarding the> need for a check for domain existence in ADSP.> > I think we've had sufficient time for debating this, let's decide.> Please respond to this by Friday June 6th.> > The text in question (from section 4.2.2 of draft-ietf-dkim-ssp-03)> is as follows:> > 2. _Verify Domain Exists._ The host MUST perform a DNS query for a> record corresponding to the Author Domain (with no prefix). The> type of the query can be of any type, since this step is only to> determine if the domain itself exists in DNS. This query MAY be> done in parallel with the query made in step 2. If the result of> this query is an "NXDOMAIN" error, the algorithm MUST terminate> with an appropriate error.> > NON-NORMATIVE DISCUSSION: Any resource record type could be> used for this query since the existence of a resource record> of any type will prevent an "NXDOMAIN" error. MX is a> reasonable choice for this purpose is because this record type> is thought to be the most common for likely domains, and will> therefore result in a result which can be more readily cached> than a negative result.> > There are three options that have been actively discussed:> > a. Keep. Retain the current text as-is.> > b. Modify, i.e. keep, but with a different set of records. It was> suggested that the current NXDOMAIN is incorrect, and that MX, A, and> AAAA records for the domain should be queried, with the existence of> any of these records indicating a domain that is potentially used for> email. If we have consensus for this option, then we may well need a> subsequent poll to decide the details.> > c. Remove. Remove the text as being out of scope for the ADSP> specification. Some text may need to be added pointing out the need for> a domain existence check elsewhere. If the consensus is for removal,> then we should consider what, if anything, the specification should> refer to for performing the domain existence check.> > Please just answer "keep", "modify", or "remove" in this thread, and use> a different subject line for any discussion.> > Thanks,> Stephen.> > > > > _______________________________________________> NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html
_________________________________________________________________
Keep your kids safer online with Windows Live Family Safety.
http://www.windowslive.com/family_safety/overview.html?ocid=TXT_TAGLM_WL_Refresh_family_safety_052008
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mipassoc.org/pipermail/ietf-dkim/attachments/20080529/937e7c17/attachment.html