Barry Leiba wrote:
> On Thu, Oct 14, 2010 at 12:45 AM, SM <s...@resistor.net> wrote:
>> At 17:31 13-10-10, Hector Santos wrote:
>>> My proposal to add more informative notes to help minimize this for
>>> the systems with the lack of DNS admin expertise on board. In
>>> particular for those with currently one existing need for a TXT record
>>> and that is SPF and incorrectly believe since its a TXT record, adding
>>> the DKIM public key data to it will work.
>> There is an assumption that people managing DNS zones will have a
>> basic understanding of DNS. �I don't think that the DKIM
>> specification should get into badly designed GUIs.
>
> I agree, more generally, that the DKIM spec can't tell people the
> right way to manage their DNS records. DKIM already separates its TXT
> records with the "_domainkey" identifier, as SPF does with _spf. If,
> given that separation, people still merge the TXT records and whatnot,
> that problem's well beyond the scope of our work to fix.
>
> I appreciate the desire to put more information in there to help, but
> we really can't be writing a tutorial on managing DNS records.
I missed your statement above:
....... as SPF does with _spf.
SPF is a no prefix lookup.
This is why it became a conflict because its possible domains are
using wildcards and in at least in one case discovered today, Network
Solutions does not allow you to add a TXT record without a sub-domain.
You have to get around it with an asterisk (*) and it shows it as
"All Others".
Maybe related, but I have not checked, does 4871 talk about parsing
multiple records looking for the "v=DKIM1" string?
If not, then this is needs to be written about because if we don't
want to see anything about wildcard SPF records, then we have
implementations that will need to change their wares to only parse the
v=DKIM1 string.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
