On Thu, 11 Oct 2007, Dan Mahoney, System Admin wrote:
> And you just know there are people out there who are running old
> verifiers. I had figured now that there was an official rfc and such,
> that we'd stop doing the "this week's draft" dance.
The DKIM RFC doesn't contain anything about sender signing practises (SSP)
except perhaps a reference that we need something like it. That was
deliberately separated from DKIM itself because it was too contentious,
and insisting on including it all at once would mean DKIM would not be an
RFC yet.
So it's not the DKIM RFC that's changing (RFCs don't change, they get
replaced), it's the DKIM SSP draft which is going through revisions as a
result of discussion within the DKIM working group at IETF on its way to
becoming an RFC. In fact I just less than an hour ago e-mailed a proposed
amendment to the SSP draft that came out last month.
dkim-milter for a while was using the SSP defined by DomainKeys only
because there wasn't anything else, not because it was necessarily the
right or permanent thing to do.
> Is there an "official site" for the DKIM spec? An "official" mailing
> list, such that one can be made aware of any changes which affect the
> spec? (besides this one, which of course, is just about the milter). Or
> are we expected to pore over and diff draft after draft to find out what's
> now deprecated?
There are several lists based here:
http://mipassoc.org/mailman/listinfo
A few of them are closed to developers and interoperators only, but
ietf-dkim is quite public and that's where the working group discussions
take place (other than at the IETF conferences, the next of which will be
in December). Be warned though that it gets pretty esoteric and sometimes
mired in IETF policy and procedure rather than technical substance; if all
you want is updates to the draft, you might want to consider just the
announce list or the digest version of that list.
Also, I try to publish new versions of dkim-milter on the heels of any new
draft with substantive technical changes. You could probably consider any
dkim-milter release to be worth a look at the drafts to see if they've
changed.
I would also counsel that drafts are just that. They should be considered
experimental, subject to change, etc. They are meant to convey a
specification but with nothing more serious than "Hey, what do you think
of this?" or "Let's all try this and see how it works" in terms of its
status or weight. Relying on drafts, especially young ones, for
particularly mission-critical operations isn't an entirely safe thing to
do.
I updated the Authentication-Results: draft some time ago and in fact none
of the sender authentication filters I maintain on SourceForge are 100%
compliant with it yet. (This will be fixed at least for dkim-milter in
2.4.0.)
> Hell, dkim.org (which one would assume to be a logical place to look as
> any) says that draft-allman-dkim-ssp is "Recommended for immediate use"
> (and it expired a year and a half ago).
Yes, that site is quite outdated. I was approached by the people
maintaining it recently about possibly taking over some of its maintenance
but that transition hasn't happened yet.
> Now, when searching for obscure DKIM flags, like trying to search RFC's
> for "o=" or, worse, google, there's no real place to turn (at least that
> I've found).
The latest specification documents from the DKIM working group are
collected at www.ietf.org. You can find them all at
https://datatracker.ietf.org/drafts/ by searching by the name of the
working group ("dkim"). Anything called "draft-ietf-dkim-*" is an
official draft from the working group.
Authentication-Results is defined in a draft not covered by the working
group (yet) so you'll instead find that under
https://datatracker.ietf.org/drafts/draft-kucherawy-sender-auth-header/.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
dkim-milter-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
