> One of several problems with that Note is, again, the use of plural where > singular works better. The original text also is overly broad and, > consequentially, ambiguous. So: > > <t > hangText="NOTE:"> The use of a wildcard TXT record > that covers a queried DKIM domain name will produce a > response to a DKIM query that is unlikely to be valid > DKIM key record. This problem is not specific to DKIM > and applies to many other types of queries. Client > software that processes DNS responses needs to take > this problem into account.</t> > > But note that the final sentence is meaningless, since it provides no guidance > about what it means to "take this problem into account". And the answer isn't > obvious. For example, I have no idea what a DKIM implementer should do to > satisfy this caution.
Not only is it confusing, it's wrong. Wildcard records work just fine when the wildcard is below the _domainkey label, e.g. *.foo._domainkey.example. They work less fine in other cases. The advice is presumably that clients should be prepared to receive and ignore a TXT key record that isn't syntactically valid, but that's just good defensive programming with or without wildcards. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
