Re: [BEHAVE] RFC6147 and RFC7208 interoperability issues

David Conrad <drc@virtualized.org> Mon, 07 February 2022 18:38 UTC

From: David Conrad <drc@virtualized.org>
In-Reply-To: <B7DFC369-E7B7-4171-9C85-F75986B5AEF6@gmail.com>
Date: Mon, 07 Feb 2022 10:37:28 -0800
Cc: Klaus Frank <klaus.frank@posteo.de>, behave@ietf.org
Message-Id: <22B55BB2-3854-4152-BBD5-900B169B9173@virtualized.org>
To: Dan Wing <danwing@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/behave/n4PeEL8NKSBOj6ghZlYeu6ioiXI>
Subject: Re: [BEHAVE] RFC6147 and RFC7208 interoperability issues
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>

Dan,

On Feb 6, 2022, at 4:58 PM, Dan Wing <danwing@gmail.com> wrote:
> A problem with rewriting SPF records within DNS64 is that other IPv4 addresses may well appear in TXT records, throwing a loop to applications which won't know if the DNS64 has done rewriting or if the application needs to do rewriting.

Yes, IPv4 addresses (or what may look like IPv4 addresses) can exist in TXT records arbitrarily; however, IIRC, SPF TXT records are fairly tightly constrained to start with “v=spf1 …” and the content of interest here must be prefixed with “ipv4: ”. Given this, I’d imagine it’d be pretty straightforward for DNS64 to find the relevant IPv4 addresses to do whatever transforms are necessary, leaving other IPv4 addresses embedded in TXT RRs as Someone Else’s Problem (if encountered).

That is, instead of boiling the ocean, perhaps point solutions will suffice in an effort to address an identified operational issue?

Regards,
-drc
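
The point solution described in this message, sketched as an added example (not code from the thread or from any DNS64 implementation): only TXT strings that begin with the SPF version tag are touched, and only their IPv4 mechanisms are transformed. The sketch uses the mechanism name as RFC 7208 spells it, `ip4:`. The NAT64 prefix `64:ff9b::/96`, the function names, the choice to append a synthesized `ip6:` term after each `ip4:` term, and the sample records are assumptions made for illustration.

```python
import ipaddress

# Assumption: the deployment uses the RFC 6052 well-known NAT64 prefix.
NAT64_PREFIX = ipaddress.IPv6Network("64:ff9b::/96")

def is_spf(txt: str) -> bool:
    """RFC 7208: an SPF record is exactly 'v=spf1' or starts with 'v=spf1 '."""
    low = txt.lower()
    return low == "v=spf1" or low.startswith("v=spf1 ")

def synthesize(v4net, prefix=NAT64_PREFIX):
    """Embed an IPv4 network in the low 32 bits of the /96 NAT64 prefix."""
    base = int(prefix.network_address) | int(v4net.network_address)
    return ipaddress.IPv6Network((base, 96 + v4net.prefixlen))

def rewrite_spf(txt: str, prefix=NAT64_PREFIX) -> str:
    """Return txt with an ip6: term added after every valid ip4: term.

    Non-SPF TXT data is returned unchanged, so IPv4-looking text in other
    records is never rewritten.
    """
    if not is_spf(txt):
        return txt
    out = []
    for term in txt.split(" "):
        out.append(term)
        # Optional SPF qualifier (+, -, ~, ?) precedes the mechanism name.
        qualifier = term[:1] if term[:1] in "+-~?" else ""
        body = term[len(qualifier):]
        if not body.lower().startswith("ip4:"):
            continue
        try:
            net = ipaddress.IPv4Network(body[4:], strict=False)
        except ValueError:
            continue  # malformed address: leave the term alone
        out.append(f"{qualifier}ip6:{synthesize(net, prefix)}")
    return " ".join(out)

# Constructed sample TXT strings (documentation address ranges).
SPF_TXT = "v=spf1 ip4:192.0.2.0/24 ~ip4:198.51.100.7 -all"
OTHER_TXT = "office gateway is 203.0.113.9"

if __name__ == "__main__":
    print(rewrite_spf(SPF_TXT))
    print(rewrite_spf(OTHER_TXT))
```

A TXT RR split across several character-strings would need to be concatenated before this check, and any rewritten answer no longer matches the zone's DNSSEC signatures.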