Thanks, Stephen. I had a good vacation, and I'm back. I have seen a few comments on the list, in particular Phillip's comment about the downgrade attack that we need to discuss more. If any of you are holding onto comments, please go ahead.
I'm particularly interested in reactions to the algorithm given in section 4.4. This is another attempt to strike the right balance between security (the SHOULD for subdomain coverage in SSP requirements section 5.1 #4), ease of deployment (trying to avoid doubling the size of zones with extra SSP records), and avoiding creation of unacceptable loads on DNS, and root and TLD name servers in particular. Speak up if there are any uncovered holes in this algorithm, or where I haven't achieved these goals. -Jim Stephen Farrell wrote: > > Couple of quick notes on that: > > 1. Thanks to Jim for getting it out before his vacation. > > 2. Since he's on vacation we might have to wait if we've > "why'd you do that..." questions, though other authors > are about. > > 3. Remember that this is a -00 I-D so don't treat it as > if its written in store. OTOH, concrete alternatives are > much better than just criticising - we have after all > been chatting about this for ages already. > > S. > _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
