On Fri, 13 Mar 2015, John Levine wrote:
future RRs that use hashed mailboxes to use the same name?<hash>._mailbox.domain
I expect we will end up with conventional kludges to deal with the reality that systems treat mailbox names as case independent, e.g., publish the hash of the name as normally capitalized, but also publish a CNAME at the hash of the name with everything in lower case. (This doesn't work very well for non-ASCII names. It's a kludge, but like all kludges, it'll work better in practice than in theory.) With one name, we only need to do one kludge per mailbox, rather than the product of the number of mailboxes and the number of RR types.
I can see how two different sysadmins administer the _openpgpkey and the _smimecert zones possibly even running on different nameservers. Like the smime one on Microsoft and the openpgp one on Linux.
PS: The payment record draft that showed up a few days ago uses _pmta, but again, same mailbox, should be at the same name.
If we really want a "user" to have their own private "space" inside the DNS, we should really give the user their own zone so they are the only ones signing for it. So then <hash>._mailbox.domain should have an NS record. That might be a good idea, but very much out of scope here. Paul ps.Don't tell me you want to start running ANY queries against <hash>._mailbox.domain :) _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
