IETF Logo Mail Archive

Re: [spf-discuss] Re: Appeal: Publication of draft-lyon-senderid-core-01 in conflict with referenced draft-schlitt-spf-classic-02

Douglas Otis <dotis@mail-abuse.org> Mon, 29 August 2005 11:41 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1E9i15-0001DG-FZ; Mon, 29 Aug 2005 07:41:31 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1E8oj4-0000Uq-Ue for ietf@megatron.ietf.org; Fri, 26 Aug 2005 20:39:15 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA03466 for <ietf@ietf.org>; Fri, 26 Aug 2005 20:39:13 -0400 (EDT)
Received: from b.mail.sonic.net ([64.142.19.5]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1E8ojs-0005Xq-6F for ietf@ietf.org; Fri, 26 Aug 2005 20:40:06 -0400
Received: from [10.2.164.130] (SJC-Office-NAT-244.Mail-Abuse.ORG [168.61.10.244]) (authenticated bits=0) by b.mail.sonic.net (8.13.3/8.13.3) with ESMTP id j7R0ctHt030459 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO); Fri, 26 Aug 2005 17:38:59 -0700
In-Reply-To: <x4br3kmq0a.fsf@footbone.schlitt.net>
References: <B5BB79FFA1CF09E73E64D992@B50854F0A9192E8EC6CDA126> <1124993318.13993.123.camel@thunk> <09E57A88-3A53-4A78-99D9-67E95B93E9C5@hxr.us> <x43bowpzni.fsf@footbone.schlitt.net> <7E876E12-3D43-4BFB-8F5B-76C3E985A610@hxr.us> <x4pss0oili.fsf@footbone.schlitt.net> <6503D26C-DB8E-404D-8D8F-5087F64A9119@mail-abuse.org> <x4br3kmq0a.fsf@footbone.schlitt.net>
Mime-Version: 1.0 (Apple Message framework v734)
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
Message-Id: <FBFCEBBC-5953-4FC4-9F5F-F27854769165@mail-abuse.org>
Content-Transfer-Encoding: 7bit
From: Douglas Otis <dotis@mail-abuse.org>
Date: Fri, 26 Aug 2005 17:38:52 -0700
To: wayne <wayne@schlitt.net>
X-Mailer: Apple Mail (2.734)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 2857c5c041d6c02d7181d602c22822c8
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Mon, 29 Aug 2005 07:41:11 -0400
Cc: IETF MARID WG <ietf-mxcomp@imc.org>, ietf@ietf.org
Subject: Re: [spf-discuss] Re: Appeal: Publication of draft-lyon-senderid-core-01 in conflict with referenced draft-schlitt-spf-classic-02
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org

On Aug 26, 2005, at 12:56 PM, wayne wrote:

>
> In <6503D26C-DB8E-404D-8D8F-5087F64A9119@mail-abuse.org> Douglas  
> Otis <dotis@mail-abuse.org> writes:
>
>
>> If the goal of the SPF Classic draft was intended to capture a point
>> in time pre-dating semantic extensions related to RFC-2822 defined
>> content, then perhaps the draft should be on an historic track.  ; )
>>
>
> RFC2026 says:
>
> 4.2.4  Historic
>
>    A specification that has been superseded by a more recent
>    specification or is for any other reason considered to be  
> obsolete is
>    assigned to the "Historic" level. [...]
>
> This wouldn't apply because there are no newer specifications for SPF,
> nor is it obsolete.


My apologies for this poor attempt at humor.  With the authors  
insisting the draft only documents prior art that is now in conflict,  
it becomes difficult to consider this draft as experimental.

With an experimental draft, one would expect modifications addressing  
issues as they arise.  This record conflict has been a problem for a  
long time.  If this draft is really only for historical purposes,  
perhaps SPF Classic should dropped.  Sender-ID would then need to  
introduce a different draft defining the syntax related to the DNS  
records.


>
>> SPF Classic has not achieved the goal of capturing a pristine version
>> of pre-MARID semantics.  With some semantic changes introduced by the
>> SPF Classic draft itself, [...]
>>
>
> There isn't a "pristine" version of SPF, there are several different
> draft specifications and a whole bunch of implementation.  There are,
> unfortunately, conflicts between these.  The SPF-classic I-D attempts
> to document the most coherent intersection of these.


The reduction in processing limitations seemed substantial with  
understandable reasons.  There was a change that including HELO in  
parallel with the MAIL FROM rather than when the MAIL FROM was NULL.   
A number of other changes have since been struck.  Problems created  
when modifying record processing or what identifies are applied could  
be ameliorated through use of record versioning.  This would ensure  
the server understood how to utilize the record being offered.

While I agree with the view that PRA semantics may create problems  
when applied against the initial record version, the Sender-ID draft  
permits the use of a scoped version of the record which makes it  
clear what semantics are expected.  Accommodating this identical  
provision within SPF would have resolved the potential Sender-ID  
conflict and also would have been a means to acknowledge adherence to  
newer processing limits and HELO checking, for example.

Sender-ID does not define the syntax of the record, but instead  
depends upon the SPF draft for these definitions.  It would appear  
the Sender-ID draft is willing to follow the syntax defined by the  
SPF draft.  The major difference is that Sender-ID accommodates both  
versions of the record, whereas, despite the reasons, SPF has  
deliberately elected not to support the scoped version.

This difference relates to a prefix of "v=spf1 ..." versus "spf2.0/ 
<scope>,<scope> ..."


> While I'm sure that the SPF-classic I-D can be improved, I think it
> has done a good job of meeting the goal of documenting SPF, as it
> existed pre-MARID.


I understand this is the justification used for the draft then  
ignoring the scoping problem. : (


Solutions:

a) Sender-ID avoids applying any RFC-2822 content semantics to the  
initial DNS record version.

b) SPF incorporates support for a scoped version of the DNS record.

c) a & b

d) Drop SPF Classic and create a separate syntax document.


The number of domains publishing the initial version of the DNS  
records negatively affected is likely less than those that benefit.   
By itself, SPF is not without its own significant issues.  Even  
Hotmail publishes just the initial record version, but depends upon  
the PRA.  It would seem that while the SPF effort claims  
guardianship, they have been guilty of versioning abuses as well.   
Although option b is not perfect, it is good enough.

-Doug








_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email