Re: [BEHAVE] RFC6147 and RFC7208 interoperability issues

Dan Wing <danwing@gmail.com> Mon, 07 February 2022 19:37 UTC

From: Dan Wing <danwing@gmail.com>
In-Reply-To: <7e53925e-46b0-29e4-6deb-47bcf389ff97@posteo.de>
Date: Mon, 07 Feb 2022 11:37:34 -0800
Cc: behave@ietf.org
Message-Id: <DC6F8DB5-4D01-466F-A042-1769E5FBB677@gmail.com>
References: <077D662F-5E6D-44F5-8DD3-B58D8B535C5D@network-heretics.com> <B6D6B4CC-AC1F-459C-952A-E9493E00FDB3@huitema.net> <7e53925e-46b0-29e4-6deb-47bcf389ff97@posteo.de>
To: Klaus Frank <klaus.frank@posteo.de>, drc@virtualized.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/behave/VmVLJSeWzlixYHNrHdzCdr53N3w>
Subject: Re: [BEHAVE] RFC6147 and RFC7208 interoperability issues

Klaus, David,

I just grabbed an email in this thread to propose a different idea:

Could the SPF problem dissipate if SPF records only contained DNS names and IP addresses were deprecated?  Consider we had (and still have) the same issue with IPv4 addresses in URLs (https://datatracker.ietf.org/doc/html/rfc6586#section-6.1, e.g., http://1.2.3.4) which break with DNS64/NAT64 because 1.2.3.4 is not a valid IPv6 address.  The solution there was (and still is) push those deployments to use DNS names rather than IP addresses.  Of course nobody wants to spend their career chasing down websites using IPv4 address literals, which is what begat 464XLAT.

I don't have a list of top NNN mail servers, but I see both address literals (e.g., comcast.com, microsoft.com) and domain names (e.g., gmail.com which does SPF redirect to _spf.google.com which has only domain names).

-d
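
Added example, not part of the message above or of any project it mentions: a small Python audit helper that splits an SPF record (RFC 7208 syntax) into address-literal terms (`ip4:`, `ip6:`) and name-based terms, which is the distinction the message draws. The sample records, the `example.com`/`example.net` names and the function names are constructed for illustration.

```python
import ipaddress

# RFC 7208 mechanisms that embed an address literal vs. those that name a DNS target.
LITERAL_MECHS = {"ip4", "ip6"}
NAME_MECHS = {"a", "mx", "include", "exists", "ptr"}

def classify_spf(record):
    """Split one SPF TXT record into literal, name-based and other terms."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    report = {"literal": [], "name": [], "other": []}
    for term in terms[1:]:
        body = term.lstrip("+-~?")                 # drop the qualifier
        if "=" in body.split(":", 1)[0]:           # modifier: redirect=, exp=
            name = body.split("=", 1)[0].lower()
            report["name" if name == "redirect" else "other"].append(term)
            continue
        mech, _, arg = body.partition(":")         # ip6 args contain ':' too
        mech = mech.split("/", 1)[0].lower()       # "a/24" -> "a"
        if mech in LITERAL_MECHS:
            # Raises ValueError on a malformed literal.
            net = ipaddress.ip_network(arg, strict=False)
            if net.version != int(mech[2]):
                raise ValueError(f"{term}: address family does not match {mech}")
            report["literal"].append(term)
        elif mech in NAME_MECHS:
            report["name"].append(term)
        else:
            report["other"].append(term)           # "all" and unknown terms
    return report

def uses_only_names(record):
    """True when the record authorizes senders without any address literal."""
    return not classify_spf(record)["literal"]

# Constructed sample records (documentation address ranges and example domains).
MIXED = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 include:_spf.example.net mx ~all"
NAMES_ONLY = "v=spf1 redirect=_spf.example.com"

if __name__ == "__main__":
    for rec in (MIXED, NAMES_ONLY):
        print(rec, "->", classify_spf(rec))
```

The helper inspects only the record text it is given; a `redirect=` or `include:` target would need its own TXT record fetched and classified the same way.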