IETF Logo Mail Archive

Re: [dnsext] Obsoleting SPF RRTYPE

David Conrad <drc@virtualized.org> Sun, 28 April 2013 23:58 UTC

Return-Path: <drc@virtualized.org>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0EC1E21F9887 for <dnsext@ietfa.amsl.com>; Sun, 28 Apr 2013 16:58:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FJiAzMWLeKUJ for <dnsext@ietfa.amsl.com>; Sun, 28 Apr 2013 16:58:04 -0700 (PDT)
Received: from trantor.virtualized.org (trantor.virtualized.org [199.48.134.42]) by ietfa.amsl.com (Postfix) with ESMTP id 497F821F9868 for <dnsext@ietf.org>; Sun, 28 Apr 2013 16:58:01 -0700 (PDT)
Received: from [172.20.10.2] (mobile-166-137-149-147.mycingular.net [166.137.149.147]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: drc) by trantor.virtualized.org (Postfix) with ESMTPSA id 66D3A17166; Sun, 28 Apr 2013 23:57:59 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\))
From: David Conrad <drc@virtualized.org>
In-Reply-To: <20130426214956.75110.qmail@joyce.lan>
Date: Sun, 28 Apr 2013 18:57:58 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <3316FDF5-F97A-4D17-8B47-AF5B86C741DA@virtualized.org>
References: <20130426214956.75110.qmail@joyce.lan>
To: John Levine <johnl@taugh.com>
X-Mailer: Apple Mail (2.1503)
Cc: dnsext@ietf.org
Subject: Re: [dnsext] Obsoleting SPF RRTYPE
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Apr 2013 23:58:05 -0000

[Apologies for delays, travel distractions]

John,

On Apr 26, 2013, at 4:49 PM, John Levine <johnl@taugh.com> wrote:
>> Well, deprecating the SPF RR will certainly teach the DNSEXT/IESG/IETF community a good lesson.  (Seriously?)
> This may come as a surprise, but this isn't all about you.  

Damn.  Burst my bubble.  But I'd note that this isn't all about you or the other participants of SPFBIS either. It's actually about the future.

> For all its warts, SPF works fine
> as is, and they have no incentive to change.  Hence the narrow charter
> of the group only to clean up the existing spec, not to extend or
> change it.

Err, SPFBIS _does_ change the spec.  It is proposing to deprecate the RR specifically created for SPF and state that compliant implementations only use TXT.

>> And how do you propose that exactly, particularly given the precedent set by SPFBIS?
> Provide the tools and processes so that people can use new RRTYPEs in
> new designs.  (Insert usual point about provisioning.)

While I know you'd like to use this to drive dnsextlang (something I support), given the SPF RR semantics are identical to TXT RRs and the complexity associated with implementing (minimal) support for SPF is changing code to emit "99" instead of "16", I have a bit of skepticism that better tools/processes are actually the driving force here.

> Don't shoot yourself in the foot by demanding that we break one that's
> a decade old and likely in wider use than 95% of all of the other IETF
> protocols.

Strawman. Can you point to any message "demanding that we break" _anything_? Similarly, can you point to anyone who claims using TXT is the best choice as opposed to the pragmatic choice?  What I believe people (including myself) are saying is that the abandonment of a migration away from TXT is simply the wrong way to go and that a better approach would be to continue to encourage migration to SPF (with backwards compatibility, of course), even if it will take time. 

In any event, DNSEXT is the wrong venue to discuss the SPFBIS strategy. I suppose the right course of action is to write up a draft entitled "TXT Considered Harmful" or somesuch.

Regards,
-drc

v2.23.0 | Report a Bug | By Email