Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE

Noel David Torres Taño <envite@rolamasao.org> Sat, 27 April 2013 01:43 UTC

From: Noel David Torres Taño <envite@rolamasao.org>
To: dnsext@ietf.org
Date: Sat, 27 Apr 2013 02:43:40 +0100
References: <20130425013317.36729.qmail@joyce.lan> <517AD619.3000406@dougbarton.us> <CAL0qLwb_yF+LWAKv35Jadwb1_0c0rzAuE5K-eSB2cQdMTwb3gw@mail.gmail.com>
In-Reply-To: <CAL0qLwb_yF+LWAKv35Jadwb1_0c0rzAuE5K-eSB2cQdMTwb3gw@mail.gmail.com>
Message-Id: <201304270243.41886.envite@rolamasao.org>
Subject: Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE

On Friday, 26 April 2013 22:58:59 Murray S. Kucherawy wrote:
> On Fri, Apr 26, 2013 at 12:31 PM, Doug Barton <dougb@dougbarton.us> wrote:
> >  No, what I'm saying is that the way things were ten years ago
> > 
> > As I (and others) have said many times, things were rough at the time SPF
> > came to bloom. However, and this is really important to understand, it's
> > not 10 years ago anymore.
> 
> I am keenly aware of the date.  What I am also keenly aware of, as I (and
> others) have said many times, is that SPF set off in a specific direction
> based on the situation ten years ago and has continued in that direction
> all this time.  Now, with the situation "at home"
> largely-but-not-completely improved, there are a few people now exclaiming
> that it went in the wrong direction, and that needs to be fixed.
> 
> It's very easy to make that assertion when one ignores questions of
> momentum and inertia.
> 
I'm a physicist, so I understand momentum and inertia quite well. I can thus 
assure you that even the minimal force can stop and revert even the fastest 
movement of the heaviest celestial body. It's just a matter of how much time 
you apply that force.

Here, the momentum and inertia are the deployed base of TXT spf records. Most 
of them are v1, but the small force of spf 2 changed that movement and the 
body curved its trajectory from "use TXT v1" to "use TXT v1 and 2". Now, if we 
recommend SPF over TXT for spf (that's the minimal force) and give enough 
time, we'll see how TXT loses positions from almost unique to dominant, then 
to majority, then to coexistent, then to minority, then to historic, then to 
almost unused. It is just a matter of time, and if we start today rather than 
tomorrow, we'll gain the same 1 day at the end of the process.

Physics is so simple!

Of course, greater forces like deprecating TXT too early can break things, in 
the same way you can receive an egg with your hands (small force) but you'll 
break it if you receive it with a hockey stick.

So I suggest we do the right thing, which is not deprecating TXT, but exerting 
the small force: recommending SPF over TXT, and slowly increasing the force of 
the recommendation through SPF 3, 4 and so on.

Of course, it may be that we'll never reach SPF 4, but it can also be that an 
asteroid impacts us before IPv6 gets deployed completely, and we work towards 
that as well.
> 
> I'm not being petty when I say that. It really is important to understand,
> 
> > the time is going to pass anyway. In the time period between then and now
> > a LOT of things have happened in the DNS world, and the situation is
> > dramatically different now than it was.


Better if it is not dramatic ;)
> 
> Nobody's arguing that point.
> 
> > What is even more important to understand is that 10 years from now 10
> > more years will have passed. We have a chance now to set in motion events
> > that will continue to improve the situation, so that 10 years from now we
> > can look back and laugh at the SPF TXT record, and have joy that things
> > are so much better. Or, we can spend 10 more years with the same silly
> > kludge, and not have made any progress at all. Either way, the next 10
> > years are going to pass.
> 
> Sure.  Is that a good use of engineering resources?  This is where we
> appear to differ.  I claim, given current data, that it is not.

Reality is addicted to making bad use of resources. The amount of engineering 
used to clone Minix just to make it free was (with then-current data) a 
complete waste, but The Universe (whatever that means) converted that waste of 
engineering resources into modern Linux.
> 
> > And some of the software that handles SPF has already switched to
> > querying SPF/99 first. There is no reason that the rest could not do
> > that as well.
> 
> I agree with the first sentence, but not the second.
> 
> > As I have mentioned previously, in the DNS world we have a LOT of
> > experience dealing with issues EXACTLY like this. We know how it works,
> > we know what long tails look like, and we know that as problems go it's
> > a pretty easy problem to deal with.
> 
> This situation touches more than just DNS code.  You appear to be convinced
> that the path to overcoming inertia in the DNS world is the same, or maybe
> even harder, than it is in other environments like email.  I am not a
> believer.

I do not believe, I know. There is nothing that cannot be moved. Moreover, 
there is nothing that cannot be moved with the minimal force over its current 
friction limit. We just need to pass that limit. The friction, in this case, 
is those Windows and Providers unwilling to change. As the novel Momo teaches, 
they should be moved last, once the remainder of the "society" is working 
the way you want. Do not try to "speak with Momo" too early.
> 
> > Um, it's not "suddenly." The advice to do it right in the first place has
> > been offered repeatedly, since the very beginning. That's why the code
> > point was assigned in the first place.
> 
> Um, it is "suddenly", or have you a copy of the spfbis archive that's
> different from the one I have?
> 
> > There is no doubt that in the early days, prior to the widespread
> > deployment of 3597, querying for SPF/99 could cause problems. But we're
> > not in that world anymore. Thank DNSSEC and IPv6 for shaking things
> > loose. There is currently no TECHNICAL reason that the change cannot be
> > made NOW to query SPF/99 first. The only argument you (and others) have
> > put forward so far is, "We have been using TXT, it works, so we want to
> > keep using it." I understand why that course of action is attractive,
> > but it's bad. And the right thing isn't hard to do.
> 
> I'm sorry, but that is not the only argument I (and others) have put
> forward so far.  If this conversation is going to be selective in that
> manner, then I think I'm done here.
> 
> -MSK

Regards

Noel Torres
er Envite
-------------------------
A: Because it breaks the logical flow of discussion.
Q: Why is top posting bad?
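The thread turns on one concrete mechanism: software that "queries SPF/99 first" and falls back to the TXT record. The following is an added illustration of that lookup order, written for this page; it is not code from the thread, from any SPF library, or from any of the participants. It assumes an injected resolver callable (so it runs offline against constructed zone data under the reserved `.test` TLD), models each DNS record as a tuple of character-strings that must be concatenated, and adds one defensive check the thread only implies: flagging a domain whose SPF-type and TXT-type policies have drifted apart, since receivers that query different types would then reach different verdicts.

```python
"""SPF policy discovery with the query order discussed in the thread:
ask for the SPF RRTYPE (type 99) first, fall back to TXT.

Added illustration, not code from the thread or any SPF implementation.
The resolver is injected so the example runs offline; the .test names and
their records below are constructed (RFC 2606 reserves .test).
"""
from typing import Callable, Dict, List, Optional, Tuple

# A record is a tuple of RFC 1035 <character-string>s; a policy longer than
# 255 octets is split across several strings and must be concatenated.
Record = Tuple[str, ...]
Resolver = Callable[[str, str], List[Record]]


def spf_policies(records: List[Record]) -> List[str]:
    """Join each record's strings and keep only SPF version 1 policies."""
    policies = []
    for chunks in records:
        text = "".join(chunks)
        lower = text.lower()
        # The version tag is matched case-insensitively and must be the whole
        # record or be followed by a space (so "v=spf10" is not a match).
        if lower == "v=spf1" or lower.startswith("v=spf1 "):
            policies.append(text)
    return policies


def lookup_spf(domain: str, resolve: Resolver,
               rrtypes: Tuple[str, ...] = ("SPF", "TXT")) -> Optional[Tuple[str, str]]:
    """Return (rrtype_used, policy), or None when no SPF policy is published.

    The first RRTYPE in `rrtypes` that yields a policy wins, so TXT is only
    consulted when the SPF type carried none.  More than one policy under a
    single type is a configuration error and is reported rather than guessed.
    """
    for rrtype in rrtypes:
        policies = spf_policies(resolve(domain, rrtype))
        if len(policies) > 1:
            raise ValueError(f"{domain}: {len(policies)} SPF policies in {rrtype} records")
        if policies:
            return rrtype, policies[0]
    return None


def spf_txt_divergence(domain: str, resolve: Resolver) -> Optional[Tuple[str, str]]:
    """Defensive check (an assumption of this example, not from the thread):
    report when the SPF type and the TXT type both publish a policy but differ.

    A migrating domain should publish identical text under both types; a
    mismatch means receivers querying different types get different verdicts.
    """
    spf = spf_policies(resolve(domain, "SPF"))
    txt = spf_policies(resolve(domain, "TXT"))
    if len(spf) == 1 and len(txt) == 1 and spf[0] != txt[0]:
        return spf[0], txt[0]
    return None


# Constructed zone data standing in for live DNS answers.
CONSTRUCTED_ZONE: Dict[Tuple[str, str], List[Record]] = {
    # Migrated domain: the same policy under type SPF and type TXT.
    ("migrated.test", "SPF"): [("v=spf1 ip4:192.0.2.0/24 -all",)],
    ("migrated.test", "TXT"): [("v=spf1 ip4:192.0.2.0/24 -all",),
                               ("unrelated TXT data",)],
    # Legacy domain: TXT only, policy split across two character-strings.
    ("legacy.test", "TXT"): [("v=spf1 a mx ", "ip6:2001:db8::/32 -all")],
    # Misconfigured domain: two SPF policies under TXT.
    ("dup.test", "TXT"): [("v=spf1 -all",), ("v=spf1 mx -all",)],
    # Drifting domain: the two types disagree.
    ("drift.test", "SPF"): [("v=spf1 mx -all",)],
    ("drift.test", "TXT"): [("v=spf1 mx ~all",)],
    # No policy at all, plus a near-miss version tag that must not match.
    ("none.test", "TXT"): [("v=spf10 -all",), ("just text",)],
}


def constructed_resolver(name: str, rrtype: str) -> List[Record]:
    """Stand-in for a DNS query; an unknown (name, type) is an empty answer."""
    return CONSTRUCTED_ZONE.get((name, rrtype), [])


if __name__ == "__main__":
    for name in ("migrated.test", "legacy.test", "none.test"):
        print(name, lookup_spf(name, constructed_resolver))
    print("drift.test divergence:",
          spf_txt_divergence("drift.test", constructed_resolver))
```

Swapping `constructed_resolver` for a real query function (anything returning the answer's character-strings per record) is the only change needed to run this against live DNS; the `rrtypes` tuple is where a deployment chooses between "SPF first" and "TXT only" without touching the rest of the logic.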