On Oct 15, 2010, at 10:58 AM, Barry Leiba wrote: > On Fri, Oct 15, 2010 at 1:27 PM, Hector Santos <hsan...@isdg.net> wrote: >> Murray S. Kucherawy wrote: >> >>>> I appreciate the desire to put more information in there to help, but >>>> we really can't be writing a tutorial on managing DNS records. >>> >>> +1. However, I'd be fine with adding some informative guidance to DKIM >>> implementers reflecting current experience, something like: "The use of >>> wildcard TXT records in the DNS often result in something coming back >>> from a query that isn't a valid DKIM key record (and ADSP will encounter >>> the same thing). Verifiers should expect this to occur and plan >>> accordingly." >> >> Thank you Murray. Something small and sweet will be useful, and your >> text is good enough. > > Good; we have a start. Will others please indicate support (or not) > for adding this or similar text ?
I'm not sure whether wildcard records is relevant to the spec - that's more of a "development, deployment and operations" issue, I think. As a verifier implementor I'm not that interested in why someone is publishing bogus key records as I am in what I should do about them (fail if any are invalid, fail if there are multiple, check all of them and pass if any are valid...) - what's an appropriate response from the verifier in the case that the TXT records returned are unexpected. So the existing wording is harmless, and I'd support adding it, but something a little bit more prescriptive might be better. Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html