On January 23, 2017 10:52:06 AM EST, John Levine <jo...@taugh.com> wrote: >>As I recall there are issues using keys bigger than 1024 bits because >>construction and/or correct interpretation of TXT records that contain >keys >>of that size or bigger has been problematic due to DNS provisioning >>software that does the former wrong and DKIM verifiers that do the >latter >>wrong. > >I entirely believe that the provisioning crudware gets it wrong, but I >haven't heard of verifiers that don't handle multiple TXT strings. > >Are you thinking of any specific ones?
In the context of SPF, this has been an occasional problem. Despite RFC 7208 (and RFC 4408 and I think all the non-IETF specs that came before) specifically specifying that multiple TXT strings should be concatenated, I've seen cases where some implementation insisted a space be added between the strings. It's been awhile since I've seen this, so it may not be a problem anymore. There is no obviously correct thing that someone won't screw up. It's probably better to specify how to put multiple strings together. RFC 7208 has words that can probably be reused without modification. Scott K _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
