Re: [dnsext] Obsoleting SPF RRTYPE

Patrik Fältström <paf@frobbit.se> Thu, 25 April 2013 14:09 UTC

To: David Conrad <drc@virtualized.org>, John R Levine <johnl@taugh.com>
Cc: "dnsext@ietf.org Group" <dnsext@ietf.org>

>> Once again, the huge practical barriers to deploying new RRTYPEs made the SPF RR dead on arrival.

John, I completely disagree, as you know, with this statement. What killed SPF RR was the introduction of the TXT kludge for SPF.

I therefore support David in this:

> Yes, the ossification of the DNS makes introducing new things challenging however as Mark pointed out, software was beginning to do the right thing and there actually are web interfaces out there that let folks enter SPF records (I use one). My reading of 6686 would suggest that SPF has greater penetration than either DNSSEC or IPv6 which both face the practical barriers you mention, yet I'd argue deploying DNSSEC and IPv6 are the right thing to do.

We do deploy IPv6 and DNSSEC with new RR types. Having that in TXT would have made things not just a little bit messier.

   Patrik