[ietf-dkim] New Issue: Use of XPTR records in SSP
Jim Fenton <fenton@cisco.com> Tue, 17 April 2007 06:28 UTC
Return-path: <ietf-dkim-bounces@mipassoc.org>
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HdhBN-0007nL-Qy for ietf-dkim-archive@lists.ietf.org; Tue, 17 Apr 2007 02:28:53 -0400
Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HdhBL-0001dp-Pw for ietf-dkim-archive@lists.ietf.org; Tue, 17 Apr 2007 02:28:53 -0400
Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l3H6QdfU003238; Mon, 16 Apr 2007 23:26:57 -0700
Received: from sj-iport-6.cisco.com (sj-iport-6.cisco.com [171.71.176.117]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l3H6OtId002720 for <ietf-dkim@mipassoc.org>; Mon, 16 Apr 2007 23:24:58 -0700
Received: from sj-dkim-4.cisco.com ([171.71.179.196]) by sj-iport-6.cisco.com with ESMTP; 16 Apr 2007 23:24:47 -0700
X-IronPort-AV: i="4.14,417,1170662400"; d="scan'208"; a="136680355:sNHT43666983"
Received: from sj-core-1.cisco.com (sj-core-1.cisco.com [171.71.177.237]) by sj-dkim-4.cisco.com (8.12.11/8.12.11) with ESMTP id l3H6OlOn006830 for <ietf-dkim@mipassoc.org>; Mon, 16 Apr 2007 23:24:47 -0700
Received: from xbh-rtp-201.amer.cisco.com (xbh-rtp-201.cisco.com [64.102.31.12]) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id l3H6OjMF027454 for <ietf-dkim@mipassoc.org>; Tue, 17 Apr 2007 06:24:47 GMT
Received: from xfe-rtp-202.amer.cisco.com ([64.102.31.21]) by xbh-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 17 Apr 2007 02:24:44 -0400
Received: from [10.71.2.62] ([10.86.242.136]) by xfe-rtp-202.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 17 Apr 2007 02:24:44 -0400
Message-ID: <462415FC.9000807@cisco.com>
Date: Mon, 16 Apr 2007 17:34:04 -0700
From: Jim Fenton <fenton@cisco.com>
User-Agent: Thunderbird 1.5.0.10 (Macintosh/20070221)
MIME-Version: 1.0
To: "ietf-dkim@mipassoc.org" <ietf-dkim@mipassoc.org>
X-Enigmail-Version: 0.94.3.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 17 Apr 2007 06:24:44.0612 (UTC) FILETIME=[16F9C040:01C780B9]
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=1638; t=1176791087; x=1177655087; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=fenton@cisco.com; z=From:=20Jim=20Fenton=20<fenton@cisco.com> |Subject:=20New=20Issue=3A=20Use=20of=20XPTR=20records=20in=20SSP |Sender:=20; bh=R7iRpWL6l5cgi6MRSlFvSSVFnTzRWDPckbBrAWcJP2g=; b=uaKavRKBTPTii+TuVux5tHFAaDlHHFo3ehTubDODHnWvXBhRhV4XXaDNZG0259r3FzH2JXWc xTIUVkS8XaGtiHHIr3QbOJze6L47QOXjwP36NwzBGCKH52ipJ3Q5Shaz;
Authentication-Results: sj-dkim-4; header.From=fenton@cisco.com; dkim=pass ( sig from cisco.com/sjdkim4002 verified; );
X-Songbird: Clean, Clean
Subject: [ietf-dkim] New Issue: Use of XPTR records in SSP
X-BeenThere: ietf-dkim@mipassoc.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org>
List-Unsubscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=unsubscribe>
List-Archive: <http://mipassoc.org/pipermail/ietf-dkim>
List-Post: <mailto:ietf-dkim@mipassoc.org>
List-Help: <mailto:ietf-dkim-request@mipassoc.org?subject=help>
List-Subscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=subscribe>
Sender: ietf-dkim-bounces@mipassoc.org
Errors-To: ietf-dkim-bounces@mipassoc.org
X-SongbirdInformation: support@songbird.com for more information
X-Songbird-From: ietf-dkim-bounces@mipassoc.org
X-Spam-Score: 0.5 (/)
X-Scan-Signature: 7baded97d9887f7a0c7e8a33c2e3ea1b
This is the first of a few issues that come in trying to rationalize at least two of the SSP proposals, draft-hallambaker-dkimpolicy-00 and draft-allman-dkim-ssp. I'd like to keep the issues separate, because I think they're largely independent, so please respond in kind if at all possible. ===== Phill Hallam-Baker has proposed the publication of a new PTR-like RR type, tentatively called XPTR, in order to improve the scalability of the SSP mechanism to a large number (~1000?) of additional types of policy in the future. To look up the signing policy of example.com, the sequence would be: 1. Query for XPTR record for example.com. If result is an NXDOMAIN error, the domain does not exist. If result is a NODATA error, either the policy or the domain does not exist. 2. Query for [RRtype TBD; separate issue] record for _dkimpolicy.{result of XPTR query}; policy record is stored at that location. Argument Pro: Supports a potentially very large number of policies, as might be needed for WS-* (for example) in the future. Permits a central point of control and modification for policies relating to different classes of nodes in the domain. Argument Con: Requires an additional lookup per query; other types of policy are out of scope for the WG. My personal opinion is along the lines of "Argument Con", that it is not up to the DKIM Working Group to define a fully general policy mechanism. There may be good arguments for IETF to charter some work in this area, but that's a much larger question than this WG and undoubtedly a much more time-consuming one as well. -Jim _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
- [ietf-dkim] New Issue: Use of XPTR records in SSP Jim Fenton
- Re: [ietf-dkim] New Issue: Use of XPTR records in… Scott Kitterman
- Re: [ietf-dkim] New Issue: Use of XPTR records in… Douglas Otis
- [ietf-dkim] Re: New Issue: Use of XPTR records in… Frank Ellermann
- Re: [ietf-dkim] New Issue: Use of XPTR records in… Jim Fenton
- Re: [ietf-dkim] Re: New Issue: Use of XPTR record… Jim Fenton
- Re: [ietf-dkim] New Issue: Use of XPTR records in… Jim Fenton
- Re: [ietf-dkim] New Issue: Use of XPTR records in… Scott Kitterman
- Re: [ietf-dkim] New Issue: Use of XPTR records in… Scott Kitterman
- Fwd: [ietf-dkim] New Issue: Use of XPTR records i… Steve Atkins
- Re: [ietf-dkim] New Issue: Use of XPTR records in… Douglas Otis
- [ietf-dkim] Re: New Issue: Use of XPTR records in… Frank Ellermann
- Re: [ietf-dkim] Re: New Issue: Use of XPTR record… Douglas Otis
- Re: [ietf-dkim] Re: New Issue: Use of XPTR record… Scott Kitterman
- Re: [ietf-dkim] Re: New Issue: Use of XPTR record… Douglas Otis
- RE: [ietf-dkim] New Issue: Use of XPTR records in… Hallam-Baker, Phillip
- RE: [ietf-dkim] New Issue: Use of XPTR records in… Hallam-Baker, Phillip
- RE: [ietf-dkim] Re: New Issue: Use of XPTR record… Hallam-Baker, Phillip
- Re: [ietf-dkim] Upper LeveL Domain Douglas Otis
- Re: [ietf-dkim] New Issue: Use of XPTR records in… Scott Kitterman
- [ietf-dkim] Re: New Issue: Use of XPTR records in… Frank Ellermann