Re: tree walking (was - Re: [ietf-dkim] user level ssp)

Jim Fenton <fenton@cisco.com> Thu, 07 September 2006 16:23 UTC

Message-ID: <45004635.5080803@cisco.com>
Date: Thu, 07 Sep 2006 09:17:57 -0700
From: Jim Fenton <fenton@cisco.com>
To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
Subject: Re: tree walking (was - Re: [ietf-dkim] user level ssp)
Cc: IETF-DKIM <ietf-dkim@mipassoc.org>

Hallam-Baker, Phillip wrote:
> The tree walking is definitely a liability to be discarded.
>
> Once tree walking is discarded however we have made an incompatible change and we should therefore address the other issues. In particular the use of punctuation syntax which is needlessly opaque and error-prone.
>   
I, for one, am not concerned with compatibility of changes for SSP
because I don't know of any significant deployed base for signing policy
in DomainKeys.

draft-allman-dkim-ssp-02 has already gotten rid of the punctuation
syntax.  Let me know what you think.

> Even with a custom RR it will be necessary to have a macro processor to generate wildcard records for existing nodes.
>
The limited (1-level) upward search in draft-allman-dkim-ssp-02 is an
attempt to relieve the need to publish SSP records to accompany all (for
example) A records in a domain.  I don't particularly like having to
search up even one level, but this seemed like a reasonable tradeoff to me.

> Use of custom RRs will not work with the Windows 2003 DNS server at an acceptable level. The server can be coaxed to emit the data but it is not possible to enter it using the standard administration interface and the server does not save the custom RR data.
>
That's one data point; I don't know what the deployment share of various
DNS servers is but hopefully that information is available somewhere. 
We also need to consider the consequences of not being able to publish
SSP records; it doesn't prevent DKIM deployment, but provides a little
less information to verifiers.

-Jim