Michael Thomas wrote: > For larger business and maybe ISP's even, our anecdotal experience at > Cisco is > that our messaging and DNS folks don't have mich to do with one > another (changing > mx records is not a ordinary event). Thus to achieve key rollover, > you'd need > to create linkages between the groups and their software that didn't > exist before. > Which is to say, a very slow process for the motivated, and a > non-process for > the unmotivated. Maybe SPF has helped here, but I doubt it. This is true, but that's part of the benefit of putting the keys in the _domainkey subdomain: it makes it possible, at least, for the messaging folks to bug the DNS folks once for an NS delegation and then manage the rest themselves. Assuming the DNS folks will actually give them the NS delegation, of course. And our anecdotal experience at Cisco is that they will.
-Jim _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
