aboutsummaryrefslogtreecommitdiff
path: root/doc/design.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/design.md')
-rw-r--r--doc/design.md8
1 files changed, 7 insertions, 1 deletions
diff --git a/doc/design.md b/doc/design.md
index 439f8c5..85e0ea3 100644
--- a/doc/design.md
+++ b/doc/design.md
@@ -347,7 +347,13 @@ A signer's domain hint is not part of the logged leaf because key management is
more complex than that. A separate project should focus on transparent key
management. Our work is about transparent _key-usage_.
-We are considering if additional anti-spam mechanisms should be supported.
+A signer's domain hint must have the left-most label set to `_sigsum_v0` to
+reduce the space of valid DNS TXT RRs that the log needs to permit queries for.
+See further details in the
+ [proposal](https://git.sigsum.org/sigsum/tree/doc/proposals/2022-01-domain-hint)
+that added this criteria.
+
+We are considering if additional anti-spam mechanisms should be supported in v1.
#### 4.3 - What is the point of having a shard hint?
Unlike TLS certificates which already have validity ranges, a checksum does not