>> The most likely issue would be that the TXT records don't fit in a 512 byte >> response packet which is a problem for some cruddy middleboxes. > > that was exactly the reason I started using 4k keys. I wanted to make sure > at least my infrastructure could handle DNS over TCP everywhere.
That's nice, but I don't see what that has to do with interoperating with the rest of the world whose DNS does what it does. > Do you think, the DKIM specification should be more detailed on this pros and > cons? No, the advice to use 2K keys will be reasonable for the forseeable future even for very infrequent rotation. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html