[apps-discuss] APPSDIR review of draft-ietf-spfbis-4408bis-14.txt

Cyrus Daboo <cyrus@daboo.name> Mon, 29 April 2013 13:50 UTC

Return-Path: <cyrus@daboo.name>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 800FD21F9DB1; Mon, 29 Apr 2013 06:50:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.203
X-Spam-Status: No, score=-101.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id KwR5+EgYjx8h; Mon, 29 Apr 2013 06:50:25 -0700 (PDT)
Received: from daboo.name (daboo.name []) by ietfa.amsl.com (Postfix) with ESMTP id 5AF8121F9DAE; Mon, 29 Apr 2013 06:50:25 -0700 (PDT)
Received: from localhost (localhost []) by daboo.name (Postfix) with ESMTP id 3F7B1425132D; Mon, 29 Apr 2013 09:50:17 -0400 (EDT)
X-Virus-Scanned: amavisd-new at example.com
Received: from daboo.name ([]) by localhost (daboo.name []) (amavisd-new, port 10024) with ESMTP id nH1O-SW8EcRj; Mon, 29 Apr 2013 09:50:16 -0400 (EDT)
Received: from [] (unknown []) by daboo.name (Postfix) with ESMTPSA id 1638A4251323; Mon, 29 Apr 2013 09:50:14 -0400 (EDT)
Date: Mon, 29 Apr 2013 09:50:15 -0400
From: Cyrus Daboo <cyrus@daboo.name>
To: apps-discuss@ietf.org, draft-ietf-spfbis-4408bis.all@tools.ietf.org
Message-ID: <9E5D5870D2E1345B7ABA6971@cyrus.local>
X-Mailer: Mulberry/4.1.0a3 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline; size="2701"
Cc: iesg@ietf.org
Subject: [apps-discuss] APPSDIR review of draft-ietf-spfbis-4408bis-14.txt
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Apr 2013 13:50:26 -0000


I have been selected as the Applications Area Directorate reviewer for this 
draft (for background on appsdir, please see 

Please resolve these comments along with any other Last Call comments you 
may receive. Please wait for direction from your document shepherd or AD 
before posting a new version of the draft.

Document: draft-ietf-spfbis-4408bis-14.txt
Title: Sender Policy Framework (SPF) for Authorizing Use of Domains in 
Email, Version 1
Reviewer: Cyrus Daboo
Review Date: 2013-04-29

Summary: This draft is almost ready for publication as an RFC, subject to 
some minor issues that should be resolved.

Overview: This document is an update to RFC4408 that seeks to upgrade the 
specification from experimental status, clarifying a number of issues in 
the original specification, providing in depth detail of actual deployment 
experience, and documenting various extensions now in common use. The new 
draft achieves these aims and provides a good reference for implementors.

Major Issues: None

Minor Issues:

	Section 4.6.1 ABNF terms "A / MX / PTR / IP4 / IP6" are upper case but 
terminal terms are lower case in Section 5 (but uppercase in Appendix A). 
Looks like these need fixing in Section 5.

	Section 6.2 Paragraph 6 There is a reference to Section 2.6.4 but that 
section does not contain anything relevant. Either remove the reference or 
point to a relevant section.

	Section 7.1 Paragraph 2 States "subject to LDH rule" - that needs a 
reference to RFC3696 Section 2 (reference was in RFC 4408).

Section 11.3 Why no mention of DNSSEC as a way to alleviate this issue? Has 
anyone been using DNSSEC with SPF? If not, why not?


	Section 2.4 (argument list) and Section 4.1 appear to duplicate similar 
information - consider removing the list of args in Section 2.4 and add a 
reference to $4.1.
	Section 2.5 Paragraph 2 First part of sentence hard to read - break it up 
with commas.
	Section 2.6 and Section 8 appear to duplicate a lot of similar 
information. Please consider trimming down Section 2.6 and have it refer to 
Section 8 for full details.
	Section 3.5 Paragraph 1 Has the word "discouraged". Shouldn't this use a 
2119 term, e.g.: "NOT RECOMMENDED"?
	Section 6.1 Paragraph 1 Remove second sentence - pretty much the same as 
the first one.
	Section 6.2 Paragraph 4 Put exp in double-quotes.
	Section 10 Paragraph 1 SHOULD - in this context it is not really 
appropriate to use a 2119 term. Please rephrase.
	Various places: permerror is sometimes used without double-quotes around 
it - I think all uses should have double-quotes.

Cyrus Daboo