On Tue, Feb 10, 2009 at 12:23:02PM -0500, Hector Santos wrote:
> Jeff Macdonald wrote:
>>
>> d=good.rep.example.net or
>> d=bad.rep.example.net
>>
>> do not assume that those identifiers mean "good" and "bad". Good and
>> bad could be the names of two different companies. A signer could sign
>> like this instead:
>>
>> d=53302.rep.example.net or
>> d=9999.rep.example.net
>>
>> and this would enforce to the verifier that no meaning should be placed
>> on what d= contains.
>>
>> d= is just an identfier that is used to look up the public key
>
>
> Jeff,
>
> It a DNS DOMAIN and a DNS DOMAIN is a well defined entity. And this d=
> DNS DOMAIN must match the 2822 (DNS) Domain.
yes, in my examples, {good,bad}.rep.example.net are valid DNS domains.
> It is well forth, bloody, scared specific 1st PARTY only signing
> requirement.
I don't understand what you are saying here. d= can have domains that
are considered by some to be 3rd party too.
> It does not lack clarity. It is not obtuse, it is not "hard to
> understand or explain," nor is it unintelligible, and it is certainly
> not opaque.
I think we all agree that d= is a domain. The spirit of using the word
opaque was to mean "don't read into what that domain may represent".
--
Jeff Macdonald
jmacdon...@e-dialog.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
