On Thu, Mar 30, 2006 at 10:09:24AM -0800, Jim Fenton allegedly wrote: > There's a different situation for key records and > policy/practice/(petunia?) records. The choice of whether to use a new > RR or a TXT key record should be retrieved is something that can be > represented in the signature (the query type, q=, tag has been suggested > which makes sense).
As a practical matter, I don't see how this can actually work to eliminate the DKK then TXT sequence because you don't know the capabilities of the verifiers. Can they fetch DKK? No one knows. During transition, signers will be significantly at risk of not being verifiable if they just use q=dkk. Hence, most, if not all signers will likely use q=dkk,txt (or whatever the syntax is) to explicity tell the verifiers to try both, which in turn means the signer has to maintain both. The net result is that signers will all be saying try DKK and fall back to TXT. The only true advantage to being explicit with q= is that it lets TXT-only sites optimize away the failed DKK lookup, but it adds no value to signers supporting DKK. Mark. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html