IETF Logo Mail Archive

Re: [spfbis] WGLC: draft-ietf-spfbis-4408bis-14 - Fully parse record *first*

Scott Kitterman <spf2@kitterman.com> Mon, 22 April 2013 14:47 UTC

Return-Path: <spf2@kitterman.com>
X-Original-To: spfbis@ietfa.amsl.com
Delivered-To: spfbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BB4F21E8098 for <spfbis@ietfa.amsl.com>; Mon, 22 Apr 2013 07:47:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nrZmEGbl1jkg for <spfbis@ietfa.amsl.com>; Mon, 22 Apr 2013 07:47:43 -0700 (PDT)
Received: from mailout02.controlledmail.com (mailout02.controlledmail.com [72.81.252.18]) by ietfa.amsl.com (Postfix) with ESMTP id B56BA21E8096 for <spfbis@ietf.org>; Mon, 22 Apr 2013 07:47:43 -0700 (PDT)
Received: from mailout02.controlledmail.com (localhost [127.0.0.1]) by mailout02.controlledmail.com (Postfix) with ESMTP id 44E7C20E410C; Mon, 22 Apr 2013 10:47:43 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=kitterman.com; s=2007-00; t=1366642063; bh=/7kxl4kbW8rO3SoI+MlHZaSAwdDH00IKKfkKuRz5Rtc=; h=From:To:Subject:Date:In-Reply-To:References:From; b=RnYMxVoy+00NGtF3CpWurM9zCWAuJPNr58cs8j6jRfh9dOO1HycQhg8ZL0sL/HS0E F32LLTdgwfbpfIgRy/f8yqBEvKv0LAKwfctfEgJmOoSAKTthuzzUavhwnTAXCAufzu of/ZQth1ERLV/mKeBSVywd3kYUAQVhoYXAc9hXBw=
Received: from scott-latitude-e6320.localnet (static-72-81-252-21.bltmmd.fios.verizon.net [72.81.252.21]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailout02.controlledmail.com (Postfix) with ESMTPSA id 3464A20E40CD; Mon, 22 Apr 2013 10:47:43 -0400 (EDT)
From: Scott Kitterman <spf2@kitterman.com>
To: spfbis@ietf.org
Date: Mon, 22 Apr 2013 10:47:42 -0400
Message-ID: <18983729.OXGN2viB33@scott-latitude-e6320>
User-Agent: KMail/4.9.5 (Linux/3.5.0-27-generic; KDE/4.9.5; i686; ; )
In-Reply-To: <CABuGu1pebsfi+1JHRYoOmm1Q3xft2paOGi3zwXbxHjbR3tmnKw@mail.gmail.com>
References: <20130409062431.GK24624@mx1.yitter.info> <17085583.vi2SDUBAix@scott-latitude-e6320> <CABuGu1pebsfi+1JHRYoOmm1Q3xft2paOGi3zwXbxHjbR3tmnKw@mail.gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
X-AV-Checked: ClamAV using ClamSMTP
Subject: Re: [spfbis] WGLC: draft-ietf-spfbis-4408bis-14 - Fully parse record *first*
X-BeenThere: spfbis@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SPFbis discussion list <spfbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spfbis>, <mailto:spfbis-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/spfbis>
List-Post: <mailto:spfbis@ietf.org>
List-Help: <mailto:spfbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spfbis>, <mailto:spfbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Apr 2013 14:47:44 -0000

I don't think so.  An included record only gets match/notmatch or some error.  
The qualifier for the 'all' mechanism in the included record doesn't enter into 
it.

Scott K

On Monday, April 22, 2013 07:40:14 AM Kurt Andersen wrote:
> That leaves the ambiguity of handling -all in embedded (include:) records.
> What should be done if the sample foobar mechanism is being referenced in
> an included record?
> 
> --Kurt
> 
> On Mon, Apr 22, 2013 at 7:04 AM, Scott Kitterman <spf2@kitterman.com> wrote:
> > On Sunday, April 21, 2013 09:21:42 PM Stuart Gathman wrote:
> > > On 04/17/2013 12:50 AM, S Moonesamy wrote:
> > > > As Scott mentioned, things have been very quiet for this WGLC.  It
> > > > helps if there are people who read the draft as you did above as I can
> > > > determine whether the working group reviewed the draft and is ok with
> > 
> > it.
> > 
> > > Minor nit:
> > > 
> > > Section 5.1
> > > 
> > > Mechanisms listed after "all" MUST be ignored.
> > > 
> > > Sure, section 4.6 says
> > > 
> > > If there are any syntax errors
> > > 
> > >     anywhere in the record, check_host() returns immediately with the
> > >     result "permerror", without further interpretation.
> > > 
> > > But an implementer could misinterpret this as saying the following
> > > should get Fail rather than PermError:
> > > 
> > > v=spf1 mx -all foobar
> > > 
> > > Section 4.6 doesn't make it clear you have to parse everything
> > > (returning permerror on syntax errors), and only *then* interpret. The
> > > wording makes it sound like you could parse and interpret one term at a
> > > time, stopping when you get a match or syntax error.
> > 
> > I would tend to favor the MUST be ignored over the returns immediately
> > with a
> > permerror (yielding the opposed view of the preferred result from yours).
> > 
> >  I
> > 
> > think this confirms there's an ambiguity in the current draft.
> > 
> > If I take your view that it's better to raise the error (unknown
> > mechanism),
> > the perhaps changing the 5.1 language would help.  Adding the sentence
> > before
> > 
> > in, for more context:
> > > Mechanisms after "all" will never be tested.  Mechanisms listed after
> > 
> > "all"
> > 
> > > MUST be ignored.
> > 
> > Perhaps if we combine those it helps:
> > > Mechanisms after "all" MUST not be tested.  Mechanisms listed after
> > > "all"
> > > will be ignored for all purposes except syntax error evaluation.
> > 
> > Does that help?
> > 
> > Scott K
> > _______________________________________________
> > spfbis mailing list
> > spfbis@ietf.org
> > https://www.ietf.org/mailman/listinfo/spfbis

v2.23.0 | Report a Bug | By Email