At 14:15 28-02-2008, Murray S. Kucherawy wrote:
>On Thu, 28 Feb 2008, Florian Sager wrote:
> > Thanks for this reminder, I forgot about this draft: maybe section 4.1
> > can be extended by s.th. like "a Reports are requested for passed
> > signatures inside mails with suspicious content". The same
John Levine wrote:
> [ resent with reasonable MIME headers ]
>
> This note seems relevant to DKIM. This draft says, predictably, that
> the way you add new data types to the DNS is with a new RR type, and
> all other approaches are ill-advised.
>
> It also says that DNS tree climbing is always bad
>> It also says that DNS tree climbing is always bad. We might want to
>> reconsider whether the small amount of tree climbing specified in -03
>> is worth the hassle it will doubtless cause on the route from final
>> draft to RFC.
> After implementing this, I can say that it seems to be mostly w
John Levine wrote:
>
> The question is whether that small amount of coverage is worth the
> pushback we will certainly get from the IAB when they see the tree
> crawling in our draft. If bad guys know that foo.cisco.com is covered,
> why won't they just use foo.bar.cisco.com instead?
>
Grea
John Levine wrote:
> I believe that it works to the extent that it covers immediate subdomains
> of the domain for which you're publishing an SSP/ASP record.
>
> The question is whether that small amount of coverage is worth the
> pushback we will certainly get from the IAB when they see the t
John Levine wrote:
> This note seems relevant to DKIM. This draft says, predictably, that
> the way you add new data types to the DNS is with a new RR type, and
> all other approaches are ill-advised.
>
> It also says that DNS tree climbing is always bad. We might want to
> reconsider whether the