IETF Logo Mail Archive

Re: [dnsext] Obsoleting SPF RRTYPE

Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp> Thu, 25 April 2013 12:18 UTC

Return-Path: <mohta@necom830.hpcl.titech.ac.jp>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4DE8921F9367 for <dnsext@ietfa.amsl.com>; Thu, 25 Apr 2013 05:18:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.17
X-Spam-Level:
X-Spam-Status: No, score=0.17 tagged_above=-999 required=5 tests=[AWL=0.260, BAYES_00=-2.599, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 20NLSSWWn7mx for <dnsext@ietfa.amsl.com>; Thu, 25 Apr 2013 05:18:57 -0700 (PDT)
Received: from necom830.hpcl.titech.ac.jp (necom830.hpcl.titech.ac.jp [131.112.32.132]) by ietfa.amsl.com (Postfix) with SMTP id D0A2921F9079 for <dnsext@ietf.org>; Thu, 25 Apr 2013 05:18:56 -0700 (PDT)
Received: (qmail 41999 invoked from network); 25 Apr 2013 12:16:25 -0000
Received: from necom830.hpcl.titech.ac.jp (HELO ?127.0.0.1?) (131.112.32.132) by necom830.hpcl.titech.ac.jp with SMTP; 25 Apr 2013 12:16:25 -0000
Message-ID: <51791EFC.5060907@necom830.hpcl.titech.ac.jp>
Date: Thu, 25 Apr 2013 21:18:04 +0900
From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: dnsext@ietf.org
References: <20130425013317.36729.qmail@joyce.lan> <80ADB3EE-17FD-4628-B818-801CB71BCBFE@virtualized.org> <alpine.BSF.2.00.1304242309150.38677@joyce.lan> <46778ED3-35A2-44B4-BE3C-AAC4F7B314FF@virtualized.org> <20130425095856.GA18148@mx1.yitter.info>
In-Reply-To: <20130425095856.GA18148@mx1.yitter.info>
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
Subject: Re: [dnsext] Obsoleting SPF RRTYPE
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Apr 2013 12:18:58 -0000

Andrew Sullivan wrote:

>> implication of this would appear to be that definition of new RRs
>> should be constrained to "consenting adults" (e.g., EUI48/68). Is
>> there some other takeaway from the "failure" of the SPF RR?
> 
> One obvious one is, "Don't have two mechanisms to achieve the same
> goal."

It means anything to be implemented by TXT can not have its own
RR.

> Given that SPF has the TXT record and that there is zero hope
> of getting rid of that use, the SPF RRTYPE was just a vain hope.

"there is zero hope of getting rid of that use"?

Why?

Some reasoning, please.

> And indeed, as DKIM and other such uses show, the underscore-label
> extension is a permanent part of the DNS landscape and we should
> expect applications to depend on that as often as on new RRTYPEs,
> regardless of any advice to the contrary.

Where is the advice not to have underscore-label extensions
with SRV?

The problem of underscore-label extensions is that the
underscore-labels is not assured to be unique (RFC1034
imposes no restriction to use underscore-label for any
purpose) and can have conflicts to other applications.

Thus, an application specific underscore-label extension is
just fine if and only if it is tied with applications' own
specific RR type to prevent ambiguities on meaning of the label.

That is, having application specific RRs is MUST, even if you
use underscore-labels.

						Masataka Ohta

v2.23.0 | Report a Bug | By Email