
Re: [Asrg] Re: 3. Problems with domain keys and with message-body-authenticator



>>> TTL won't have to be kept low, as the RRs aren't updated once
>>> published,
>> That is not correct, the zone itself needs to be updated with
>> every message that passed through.  This requires very very low TTL
> Why?  The TTL of existing records has nothing to do with the rate at
> which new records can be added.

Strictly, this is true.  The MINTTL in the SOA needs to be low, to
limit the lifetime of negative cache entries, but there is no reason
why records have to use that TTL - it's just a handy shorthand.

But if you have secondaries, you want the refresh value to be low, and
that is almost a TTL - certainly, making it low raises many of the same
performance issues that using low TTLs does.

Also, it occurs to me that if you send a lot of mail, your SOA serial
number will wrap fairly soon.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse at rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg
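
Added example, not part of the message above: a sketch of the serial-wrap and refresh concern, assuming the SOA serial is incremented once per message sent (the rates are constructed and the function names are illustrative). It uses RFC 1982 serial arithmetic, which is how secondaries compare SOA serials, and the RFC 2308 rule for negative-cache lifetime.

```python
# Added illustration; rates are constructed, not taken from the thread.
SERIAL_MOD = 1 << 32   # SOA serial is an unsigned 32-bit field
HALF = 1 << 31         # RFC 1982 comparison window


def serial_gt(a: int, b: int) -> bool:
    """RFC 1982: True if serial a is newer than serial b."""
    diff = (a - b) % SERIAL_MOD
    return diff != 0 and diff < HALF


def days_until_wrap(updates_per_second: float) -> float:
    """Days for the serial to cycle through all 2**32 values,
    assuming one increment per message (assumption)."""
    return SERIAL_MOD / updates_per_second / 86400


def max_refresh_seconds(updates_per_second: int) -> int:
    """Longest gap between a secondary's SOA checks that still leaves
    the primary's serial inside the 'newer' half of the number space."""
    return (HALF - 1) // updates_per_second


def negative_cache_ttl(soa_ttl: int, soa_minimum: int) -> int:
    """RFC 2308: negative answers are cached for min(SOA TTL, MINIMUM)."""
    return min(soa_ttl, soa_minimum)


if __name__ == "__main__":
    for rate in (10, 1000):
        print(f"{rate}/s: wrap in {days_until_wrap(rate):.1f} days, "
              f"refresh must be under {max_refresh_seconds(rate)} s")
    # A secondary that fell 2**31 + 1 updates behind sees the primary as older.
    print(serial_gt(0x80000001, 0))
    # Across the wrap point, 0 is still newer than 0xFFFFFFFF.
    print(serial_gt(0, 0xFFFFFFFF))
    # A low MINIMUM bounds how long "no such record" answers persist.
    print(negative_cache_ttl(86400, 60))
```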