Re: [spfbis] Last Call: <draft-ietf-spfbis-4408bis-19.txt> (Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1) to Proposed Standard

Måns Nilsson <mansaxel@besserwisser.org> Mon, 19 August 2013 15:05 UTC

Return-Path: <mansaxel@besserwisser.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED11311E82A9; Mon, 19 Aug 2013 08:05:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, GB_I_LETTER=-2, MIME_8BIT_HEADER=0.3, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JLsE8axdJROK; Mon, 19 Aug 2013 08:05:24 -0700 (PDT)
Received: from jaja.besserwisser.org (jaja.besserwisser.org [IPv6:2a01:298:4:0:211:43ff:fe36:1299]) by ietfa.amsl.com (Postfix) with ESMTP id 475A111E829F; Mon, 19 Aug 2013 08:05:24 -0700 (PDT)
Received: by jaja.besserwisser.org (Postfix, from userid 1004) id C10729E98; Mon, 19 Aug 2013 17:05:21 +0200 (CEST)
Date: Mon, 19 Aug 2013 17:05:21 +0200
From: Måns Nilsson <mansaxel@besserwisser.org>
To: ietf@ietf.org
Subject: Re: [spfbis] Last Call: <draft-ietf-spfbis-4408bis-19.txt> (Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1) to Proposed Standard
Message-ID: <20130819150521.GB21088@besserwisser.org>
References: <20130819131916.22579.36328.idtracker@ietfa.amsl.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="5I6of5zJg18YgZEa"
Content-Disposition: inline
In-Reply-To: <20130819131916.22579.36328.idtracker@ietfa.amsl.com>
X-URL: http://vvv.besserwisser.org
X-Purpose: More of everything NOW!
X-happyness: Life is good.
User-Agent: Mutt/1.5.20 (2009-06-14)
Cc: spfbis@ietf.org, IETF-Announce <ietf-announce@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Aug 2013 15:05:25 -0000

Subject: [spfbis] Last Call: <draft-ietf-spfbis-4408bis-19.txt> (Sender Policy?Framework (SPF) for Authorizing Use of Domains in Email, Version 1) to Proposed Standard Date: Mon, Aug 19, 2013 at 06:19:16AM -0700 Quoting The IESG (iesg-secretary@ietf.org)
> 
> The IESG has received a request from the SPF Update WG (spfbis) to
> consider the following document:
> - 'Sender Policy Framework (SPF) for Authorizing Use of Domains in Email,
>    Version 1'
>   <draft-ietf-spfbis-4408bis-19.txt> as Proposed Standard
> 
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action. Please send substantive comments to the
> ietf@ietf.org mailing lists by 2013-09-02. Exceptionally, comments may be
> sent to iesg@ietf.org instead. In either case, please retain the
> beginning of the Subject line to allow automated sorting.

I strongly OPPOSE draft-ietf-spfbis-4408bis-19.txt being published as
RFC unless substantial parts are reworked.

* The charter disallows major protocol changes -- removing the SPF RR type
is a direct charter violation; since SPF is being used on the Internet.

* The overloading of the TXT record is a hack at best, aimed at
circumventing DNS management systems vendors that fail to ship
support. Breaking the DNS model with specific resource records is not
the way to get better application support. (besides, the major argument
at the time was "it's so hard and takes ages to get a RR type", which
isn't true anymore and also, the RRtype is allocated, what's the fuss? )

* The empirical data that was gathered and the conclusions from which
that where published as RFC 6686 are IMNSHO flawed and rushed in that they
set far too optimistic deadlines for adaptation before declaring failure.

The IESG should send draft-ietf-spfbis-4408bis-19 back to spfbis wg and tell
the wg that instead of deprecating SPF it should be algorithmically
preferred while maintaining support for TXT.

Thanks, 
-- 
Måns Nilsson     primary/secondary/besserwisser/machina
MN-1334-RIPE                             +46 705 989668
It was a JOKE!!  Get it??  I was receiving messages from DAVID LETTERMAN!!
YOW!!