IETF Logo Mail Archive

Re: [spfbis] Last Call: <draft-ietf-spfbis-4408bis-19.txt> (Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1) to Proposed Standard

Scott Kitterman <scott@kitterman.com> Tue, 20 August 2013 05:08 UTC

Return-Path: <scott@kitterman.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 568E611E80F2 for <ietf@ietfa.amsl.com>; Mon, 19 Aug 2013 22:08:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.474
X-Spam-Level:
X-Spam-Status: No, score=-2.474 tagged_above=-999 required=5 tests=[AWL=0.125, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O0-QCytjQWPk for <ietf@ietfa.amsl.com>; Mon, 19 Aug 2013 22:07:59 -0700 (PDT)
Received: from mailout02.controlledmail.com (mailout02.controlledmail.com [72.81.252.18]) by ietfa.amsl.com (Postfix) with ESMTP id 963E911E8198 for <ietf@ietf.org>; Mon, 19 Aug 2013 22:07:59 -0700 (PDT)
Received: from mailout02.controlledmail.com (localhost [127.0.0.1]) by mailout02.controlledmail.com (Postfix) with ESMTP id 9EF4620E410F; Tue, 20 Aug 2013 01:07:56 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=kitterman.com; s=2007-00; t=1376975276; bh=EmvonCTuM1SPkUds2ZH/9SVI84epDEXCMeeDzWOR+/o=; h=From:To:Subject:Date:In-Reply-To:References:From; b=DqCXLUJ5+YzbLqbsiLN3KPE3rM/f9Yft20HFdxa0ZG8KpeSUifJ3Ye792gP1kWbrl RzaqyH88b4POAFwNZdSW6fLAK+hY2w2WOgkR+y1213shJQBhzUKxgcjhj4Za0PXaHG CIvAJb0SB1X0mpTqBs6LiU5NU5YTQuV1LM421aEE=
Received: from scott-latitude-e6320.localnet (static-72-81-252-21.bltmmd.fios.verizon.net [72.81.252.21]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailout02.controlledmail.com (Postfix) with ESMTPSA id 81CFE20E40CB; Tue, 20 Aug 2013 01:07:56 -0400 (EDT)
From: Scott Kitterman <scott@kitterman.com>
To: ietf@ietf.org
Subject: Re: [spfbis] Last Call: <draft-ietf-spfbis-4408bis-19.txt> (Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1) to Proposed Standard
Date: Tue, 20 Aug 2013 01:07:41 -0400
Message-ID: <1611736.YDOKKx2rmU@scott-latitude-e6320>
User-Agent: KMail/4.10.5 (Linux/3.8.0-27-generic; KDE/4.10.5; i686; ; )
In-Reply-To: <5FF26B6A-7A6C-45FE-BF93-8EB17851159D@virtualized.org>
References: <20130819225810.63086.qmail@joyce.lan> <5FF26B6A-7A6C-45FE-BF93-8EB17851159D@virtualized.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
X-AV-Checked: ClamAV using ClamSMTP
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Aug 2013 05:08:04 -0000

On Monday, August 19, 2013 21:57:26 David Conrad wrote:
> John,
> 
> On Aug 19, 2013, at 3:58 PM, John Levine <johnl@taugh.com> wrote:
> >> AFAICT, no one is arguing that overloading TXT in the
> >> way recommended by this draft is a good idea, rather the best arguments
> >> appear to be that it is a pragmatic "least bad" solution to the fact
> >> that (a) people often implement (poorly) the very least they can get
> >> away with and (b) it can take a very long time to fix mistakes on the
> >> Internet.> 
> > Neither of those are the reason the WG dropped type 99 records.
> 
> My apologies for trying to provide a high-level summary of what I believe
> the arguments to be.  My understanding of the reasons the WG decided to
> deprecate the SPF RR:
> 
> 1) the low level of deployment of the SPF RR "both on the publishing side
> and the validation side" relative to TXT RRs
> 
> This corresponds to (a): people implement/deploy TXT because it is currently
> sufficient, both from what people put into their zone data as well as what
> middlebox and DNS UI implementors bother supporting.  I believe it is
> sufficient because the migration strategy proposed in RFC 4408 was in
> error.
> 
> 2) a "race condition" or "interoperability problem" resulting from what is
> documented in RFC 6686, Appendix A, #4.
> 
> This corresponds to (b): there was a mistake in 4408 and fixing that mistake
> takes a long time.
> > Once again, I really don't understand what the point is here.
> 
> To quote from "http://www.openspf.org/FAQ/TXT_abuse" (a page on one of the
> websites referenced in RFC 6686):
> 
> "The Right Thing To Do is to get our own RRtype, and although it took a long
> time to get it, we have it assigned."

According to the history of the page, I wrote that in 2006.  Don't confuse 
engineering and marketing.  Despite the revisionist claims to the contrary, 
the SPF community pushed pretty hard on type SPF deployment, but it didn't 
work out very well.  Most open source libraries have given up on type SPF 
query be default, despite having supported it initially.

Support for type SPF in SPF verifiers is more likely declining than increasing.  
At least for the open source implementations capable of supporting it, the 
code has been there for half a decade.  It's mostly been turned off by default 
for operational reasons.

Scott K

v2.23.0 | Report a Bug | By Email