According to my DNS admin
"Why are you putting all that crap in DNS? The MTA can do that!! Or use
a web page!"
Just passing along a reaction I got.
Thanks,
Bill Oxley
Messaging Engineer
Cox Communications, Inc.
Alpharetta GA
404-847-6397
[EMAIL PROTECTED]
-Original Message-
From:
On Fri, 28 Jul 2006, Stephen Farrell wrote:
Folks,
We all (or almost all) seem to be assuming that the DNS is the
place to put SSP stuff.
DNS is not the right place to put public keys either - its been
shown here many that it makes DNS systems vulnerable to attack when
you put such large rec
> We all (or almost all) seem to be assuming that the DNS is the
> place to put SSP stuff.
>
> I just wanted to raise the question to see if that's a requirement
> or just a near-accidental part of the current design proposals.
I suppose that since the rest of DKIM is in DNS it seems logical to p
[EMAIL PROTECTED] wrote:
> According to my DNS admin
> "Why are you putting all that crap in DNS? The MTA can do that!! Or use
> a web page!"
The 'stuff' is to be queried, so the mechanism that must be used is a query
service.
1. An MTA does not provide a query service, so I do not understand
>So is using the DNS in fact necessary? If it is, we may need text
>that explicitly says why at some stage.
I think we're all presuming that if a receipient uses SSP, it'll be
doing a query per message to fetch the SSP info for that message. If
we expect the query to be small enough that the quer
Stephen Farrell wrote:
>
> Folks,
>
> We all (or almost all) seem to be assuming that the DNS is the
> place to put SSP stuff.
>
> I just wanted to raise the question to see if that's a requirement
> or just a near-accidental part of the current design proposals.
Let me suggest that it will b
> [mailto:[EMAIL PROTECTED] On Behalf Of John Levine
> I'm hoping that we can constrain the SSP info to a modest
> number of bits, so DNS is is. If SSP bloats up to the point
> where it doesn't fit in 512, then it's http.
I think that if we follow the approach that the policy record specifies
> Sent: Friday, July 28, 2006 4:22 PM
> To: 'John Levine'; ietf-dkim@mipassoc.org
> Subject: RE: [ietf-dkim] Requirements on where/how SSP stuff
> is published...
>
>
> > [mailto:[EMAIL PROTECTED] On Behalf Of John Levine
>
> > I'm hoping that we
Stephen Farrell wrote:
>
> Folks,
>
> We all (or almost all) seem to be assuming that the DNS is the
> place to put SSP stuff.
>
> I just wanted to raise the question to see if that's a requirement
> or just a near-accidental part of the current design proposals.
>
> So is using the DNS in fact nec
Jim Fenton wrote:
> Stephen Farrell wrote:
> I'll throw out a few generic requirements:
Jim, these all look pretty reasonable, but they are all about the mechanism
rather than being about sender signing practices, per se.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_
- Original Message -
From: "Dave Crocker" <[EMAIL PROTECTED]>
To: "Jim Fenton" <[EMAIL PROTECTED]>
>> Jim Fenton wrote:
>> I'll throw out a few generic requirements:
>
> Jim, these all look pretty reasonable, but they are all about
> the mechanism rather than being about sender signing p
Dave Crocker wrote:
> Jim Fenton wrote:
>
>> Stephen Farrell wrote:
>> I'll throw out a few generic requirements:
>>
>
> Jim, these all look pretty reasonable, but they are all about the mechanism
> rather than being about sender signing practices, per se.
>
Sure. I was responding to St
On Sat, 2006-07-29 at 23:26 -0400, Hector Santos wrote:
> - Definition should expose the following DKIM signer attributes:
>
> - List of allowable 3PS signers
The term third-party signer should not be used to avoid confusion with
designated signing domains and non-designated domains. The lis
- Original Message -
From: "Douglas Otis" <[EMAIL PROTECTED]>
> It makes little sense to indicate "sometimes expected." How
> would that be useful?
First, lets keep in mind that "sometimes" or the neutral policy is currently
the DKIM-BASE default behavior. It is also the default policy
Dave Crocker wrote:
Stephen Farrell wrote:
Folks,
We all (or almost all) seem to be assuming that the DNS is the
place to put SSP stuff.
I just wanted to raise the question to see if that's a requirement
or just a near-accidental part of the current design proposals.
Let me suggest
Dave Crocker wrote:
Jim Fenton wrote:
Stephen Farrell wrote:
I'll throw out a few generic requirements:
Jim, these all look pretty reasonable, but they are all about the mechanism
rather than being about sender signing practices, per se.
True, but we do need to get both discovery
16 matches
Mail list logo
