In <a0602040cbcefca45e8cd(_at_)[192(_dot_)136(_dot_)136(_dot_)83]> Edward Lewis
<edlewis(_at_)arin(_dot_)net> writes:

At 23:15 -0700 6/10/04, Michel Py wrote:

II. At the same time, we obsolete the RFCs describing the
TXT RR and replace them with new text that says:
i) The TXT RR is now reserved for SPFID and you can't put
anything you want in it anymore; anything that would go
into the TXT record needs to be cleared by MARID first.

ISC's DHCP implementation is one thing that uses the TXT RR (and as
far as I know, not spec'd by a std). I know of other experimental
uses of the TXT RR, for one, opportunistic encryption. There is an
RFC in preparation to document that.
So, MARID can't claim the TXT for its own - others already use it.
And the fact that one of these of the TXT RR is spec'd in any IETF
document (so far as I have been able to tell), reliance on TXT in a
proposed standard chancy - in my opinion.

I agree, MARID can't claim the TXT RR for its own. Not only do
others already use it, but there will be new uses for it in the
future. I think that if MARID uses the TXT record, it must "play
fair" by keeping the records as short as possible, making them
distinctive, and placing them in parts of the DNS tree that don't cause
conflicts.

I have mentioned several times that before the interim meeting, I did a
scan of 1.3 million email domains (e.g. places that would likely be
checked for SPF records). I found that the usage of TXT records isn't
that high; almost all domains have enough space left in the 512B UDP
DNS packet that you can add SPF records without problems. Of the
dozen or so domains that would need TCP, half are already over the
limit.

Ed mentioned two different examples of existing usage. In the survey,
I found 13 examples of the ISC DHCP records. These records are short
and distinctive, so I think they play fair with the limited TXT resources.
I found 8 examples of what I would guess are the opportunistic
encryption. Those records are so long that, hmmm, I guess they
account for most of the domains that can't add SPF records without
going to TCP. Those records are distinctive, but are way too long.
They certainly need their own RR type, and may need to be shortened up
even then.

For those who are interested in lightly cooked data, you can download
a list of all the text records that I found at:

http://www.midwestcs.com/dns_txt_rr.text

Note that some domains had many records, and each of these is listed
once. I have also collapsed similar records and the leading number is
the count of those records. For example, all valid SPF records are
collapsed into one line, even though there are many different
variations. This will give you a good idea of what is out there that
SPF records will have to co-exist with.

-wayne
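
The 512-byte check discussed in the message above can be sketched as follows. This is an added example, not part of the original post and not the script used for the survey. It assumes an answer-only response (no authority or additional records, no EDNS0) with compressed owner names; the domain name and record contents are constructed.

```python
HEADER = 12        # fixed DNS message header
RR_FIXED = 2 + 10  # compressed owner-name pointer + TYPE, CLASS, TTL, RDLENGTH
UDP_LIMIT = 512    # classic DNS-over-UDP message limit (assumes no EDNS0)


def name_len(qname):
    """Wire length of an uncompressed domain name: length octet per label, plus root."""
    labels = [l for l in qname.rstrip(".").split(".") if l]
    return sum(1 + len(l.encode("ascii")) for l in labels) + 1


def txt_rdata_len(text):
    """TXT RDATA is one or more character-strings of at most 255 bytes,
    each preceded by a one-octet length."""
    n = len(text.encode("ascii"))
    chunks = max(1, -(-n // 255))  # ceiling division; an empty record still has one string
    return n + chunks


def response_size(qname, txt_records):
    """Size of a response carrying the whole TXT RRset for qname in the answer section."""
    question = name_len(qname) + 4  # QNAME + QTYPE + QCLASS
    answers = sum(RR_FIXED + txt_rdata_len(t) for t in txt_records)
    return HEADER + question + answers


def fits_udp_after_adding(qname, existing, new_record):
    """True if the RRset still fits in a 512-byte UDP response once new_record is added."""
    return response_size(qname, existing + [new_record]) <= UDP_LIMIT


if __name__ == "__main__":
    spf = "v=spf1 mx -all"    # constructed SPF record
    short = ["a" * 34]        # constructed short, distinctive record
    long_key = ["k" * 450]    # constructed long key-style record
    for label, rrset in (("short", short), ("long", long_key)):
        print(label, response_size("example.com", rrset),
              fits_udp_after_adding("example.com", rrset, spf))
```
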