On 6 February 2014 21:02, Viktor Dukhovni <[email protected]> wrote:
> I am not strongly advocating for this, more thinking out loud, in
> case the issue resonates with the group.
I saw it mentioned, but when I ran into a similar situation, I got
hung up with the normalization/canonicalization process.
Capitalization ('Mark' vs 'mark') and in other languages and Suffixes
([email protected] vs [email protected] and other configurable
characters) being the foremost.
No hashing allows a server to go to lengths to set up a DNS response
that matches their implementation (e.g. perhaps my suffix character is
'G') - hashing either takes that ability away from servers or creates
a way-too-complicated algorithm with unacceptable back-and-forth 'What
is your suffix character' queries.
I lean away from hashing, in favor of robust anti-spam solutions that
take into account things like sender DKIM and SMIME. That said, I also
recognize the value in trying not to decrease security (actual or
perceived) from what is actually deployed milter software.
-tom
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
