On Tue, Mar 29, 2005 at 12:12:59PM -0500, Scott Kitterman wrote:
I'm, by and large, with Frank. We need to get the existing v=SPF1
documented in an experimental RFC and then move on to whatever comes next.
I do think that some added cautions wrt DNS loading and security risks may
be in order. I'm thinking that one over.
I'm the same way.
The design phase for spf1 is long over.
Tweaks that address DNS DOS attacks make sense to me as
acceptable modifications, but IMHO pretty much nothing else
does, outside of fixing spelling/editing/wording problems
or internal inconsistencies within the spec.