[mail-vet-discuss] DKIM dependency
Michael Thomas
mike at mtcc.com
Wed Oct 8 15:32:39 PDT 2008
Dave CROCKER wrote:
>
> Tony Hansen wrote:
>> It has the side effect of tying A-R more closely to DKIM, which can be
>> considered a good or bad thing.
>
>
> Good point.
>
> Folks should be explicit about making and documenting this choice:
>
> Is the information being provided about DKIM or about a validated domain
> name?
>
> These are not the same. The latter is generic and flexible. The former is,
> well... tied to a specific mechanism.
>
> As spiffy as that mechanism is, it is generally a good idea to avoid linkages
> that aren't necessary.
As currently written, the ar draft isn't about "validating the domain
name". It's about conveying the results of individual protocols'
authentication juicy bits, which may involve domain names but may
not. For example, the smtp-auth part of the ar draft isn't _just_ about
domain name part of the 822 address; it's making an even stronger
statement. IIRC, there's a IP address validation part which doesn't
have anything at all to do with domain name.
In general, I'm very skeptical about broad, overarching kinds of designs
which try too hard to "unify" concepts across multiple designs which
didn't have a concept of anything overarching in their design.
AR could be useful if it sticks to conveying the interesting protocol
bits downstream. Trying to abstract beyond that is at the very least
chucking interesting protocol particulars and at worst is a trip down a
navel gazing rat hole.
Mike
More information about the mail-vet-discuss
mailing list