On Apr 30, 2008, at 3:01 PM, Arvel Hathcock wrote: >>> This is where we are at present on the NXDOMAIN issue I believe >>> but others might have a different view. >> >> That's my impression, as well. >> >> What's the path towards settling this? > > I propose that the side advocating maintaining the NXDOMAIN check as > an actual algorithmic step agree to remove this from the algorithm > description in favor of placement somewhere else.
NXDOMAIN would remain a problem regardless where in the specification it is placed. : ( > I propose that the side advocating removal of the NXDOMAIN check > agree to language which makes this step AT LEAST a SHOULD and > preferably a MUST. How about: Recipients SHOULD check for the existence of SMTP discovery records, to confirm absence of ADSP. ADSP MUST provide recipient value from their checks. > This is a completely reasonable and sensible way to close the issue > IMO. > > We are down to the bare-bones of what many of us are able to accept > with regard to further fundamental changes. ADSP should declare protection for messages publicly exchanged over SMTP, instead of all public exchange protocols that might employ DKIM at some point in the future. The specification has failed to trim itself in a few important areas. ADSP should be limited to positive existence checks, and specific public exchange transports. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html