Re: [spfbis] Last Call: <draft-ietf-spfbis-4408bis-19.txt> (Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1) to Proposed Standard

Måns Nilsson <mansaxel@besserwisser.org> Wed, 21 August 2013 20:06 UTC


Subject: Re: [spfbis] Last Call: <draft-ietf-spfbis-4408bis-19.txt> (Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1) to Proposed Standard
Date: Wed, Aug 21, 2013 at 08:51:31AM -0400
Quoting Scott Kitterman (scott@kitterma
> > Apparently.
> 
> Translated:
> 
> RFC 4408 was in error because it didn't abandon its installed base.  I gather 
> this is an error you propose to rectify.

Well, almost. 4408 sort of blunders about like the elephant in a china
shop wrt. query method and deprecation. 
	(As I have been sternly lectured off-list that I do not understand
	the SPF payload and therefore am in no position to discuss the
	DNS usage, I'd like to assert that the payload syntax matters
	marginally, if at all, for the discussion about which DNS records
	to use and how.)

Specifically, 4408 section 3.1.1 should be updated to: 

* A domain SHOULD use SPF and MAY use TXT. The latter is only suitable if
  SPF is impossible to publish. 

* If it is possible to use SPF as a result of having modern provisioning
  systems, SPF MUST be used and consequently, TXT SHOULD NOT be used. (I'd
  like MUST here, but I'm not certain it flies.) If SPF and TXT coexist, 
  they MUST agree wrt content. 

* The notion of a sunset date as introduced by Mark Andrews is interesting. 

Section 4.1.1 in 4408 should be altered to direct implementations to
FIRST look for SPF and then _perhaps_ (I'm open for discussion) ask for
TXT, thus creating an incentive to improve performance by serving SPF
rather than TXT. After a possible sunset, TXT MUST NOT be queried for. 

The preference for SPF vs TXT that is present in 4408 is to be kept
unaltered.

-- 
Måns Nilsson     primary/secondary/besserwisser/machina
MN-1334-RIPE                             +46 705 989668
I'm gliding over a NUCLEAR WASTE DUMP near ATLANTA, Georgia!!
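
The lookup order and coexistence rule proposed in the message above, sketched as an added example that is not part of the original post or of any SPF implementation. The zone data, the domain names, the function names and the sunset date are all constructed assumptions, and a dictionary stands in for the DNS resolver so the block runs offline.

```python
from datetime import date

# Constructed zone data: (owner name, RR type) -> list of record strings.
ZONE = {
    ("ok.example", "SPF"): ["v=spf1 mx -all"],
    ("ok.example", "TXT"): ["v=spf1 mx -all", "unrelated text"],
    ("legacy.example", "TXT"): ["v=spf1 ip4:192.0.2.0/24 -all"],
    ("split.example", "SPF"): ["v=spf1 mx -all"],
    ("split.example", "TXT"): ["v=spf1 +all"],
}

def spf_records(zone, name, rrtype):
    """Return only the version-1 SPF policies among the records of one type."""
    return sorted(r for r in zone.get((name, rrtype), [])
                  if r.lower().split(" ")[0] == "v=spf1")

def lookup_policy(zone, name, today, sunset=None):
    """Receiver side: ask for type SPF first, fall back to TXT only
    while no sunset date has passed (hypothetical parameter).

    Returns (policies, source type, list of RR types actually queried).
    """
    queries = ["SPF"]
    found = spf_records(zone, name, "SPF")
    if found:
        return found, "SPF", queries      # no second query needed
    if sunset is not None and today >= sunset:
        return [], None, queries          # after sunset TXT is not queried
    queries.append("TXT")
    found = spf_records(zone, name, "TXT")
    return found, ("TXT" if found else None), queries

def audit_publication(zone, name):
    """Publisher side: if SPF and TXT coexist they must agree on content."""
    spf = spf_records(zone, name, "SPF")
    txt = spf_records(zone, name, "TXT")
    if spf and txt and spf != txt:
        return "mismatch"                 # receivers may evaluate different policies
    if spf:
        return "ok"
    return "txt-only" if txt else "none"

if __name__ == "__main__":
    for domain in ("ok.example", "legacy.example", "split.example"):
        print(domain, lookup_policy(ZONE, domain, date(2013, 8, 21)),
              audit_publication(ZONE, domain))
```

The `mismatch` result for `split.example` is the case the agreement requirement guards against: a receiver that reads TXT would accept mail that a receiver reading SPF rejects.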