Steve Atkins wrote:
> On Jun 16, 2009, at 2:35 PM, Michael Thomas wrote:
>>
>> 1) People saying that d= is THE IDENTIFIER are overloading the
>> value: d= a routing
>> label to a particular DNS subtree. Whether it has anything to do
>> with THE
>> IDENTIFIER is purely coincidental. The assumption that these two
>> functions are
>> identical is bogus. i= was supposed to be this stable value
>> detached from the
>> mechanical DNS routing function.
>
> Are you confusing the d= value and the DNS node (including selectors and
> suchlike) that the public key lives at?
No. d= is just the locater to that node.
> The d= value has been the persistent identifier for the signer since
> day one,
> while the i= value is a more specific value that the signer can
> optionally use.
No, it's the other way around. i= *always* has a value, even if it's
not present; it's not "optional" in the way you're using the word.
> Given that the RHS of i= is either identical or a subdomain of d= it's
> nonsensical
> to consider i= more stable than d=, as i= must change if d= does.
I never said anything about "stability". I said that the two aren't
same. i= can be something like mojave.skunkworks.megacorp.com where
d= is just megacorp.com, because it's impossible at megacorp.com to
implement DNS subdomains. This isn't about stability, it's about having
identifiers that match the *mail identity* infrastructure that you'd
like to implement. That shouldn't be constrained by the accident of
routing to the selectors of whatever DNS infrastructure megacorp.com
is stuck with.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
