"Hallam-Baker," == Hallam-Baker, Phillip <pbaker(_at_)verisign(_dot_)com>
writes:
Hallam-Baker,> There is a separate thread on the factored records
Hallam-Baker,> issue. I see no reason to specify anything more
Hallam-Baker,> than a set of ip addresses with the administrative
Hallam-Baker,> flexibiloity that margaret has argued for. It is
Hallam-Baker,> possible that an argument could be made for
Hallam-Baker,> expansion by the username component of the email
Hallam-Baker,> address. That is a worthwhile discussion.
I've seen it argued earlier in the life of SPF that some sites might
not wish to make their complete list of outgoing IP addresses easily
accessible, and that the exists mechanism in SPF (I guess this is what
is meant by a factored record) is of benefit to such sites. An
attacker who'd comprpomised an ISP's routing could use block records
to rapidly search for domains that list addresses in netblocks the
attacker is able to spoof. Factored records make that search much
harder.
-roy