Re-reading this thread, looking for common ground, I see
1) There is near universal agreement that domains will still want to
publish records about the 2821 Mail From identity.
2) There is still concern on where the TXT records should be published:
Either at something like _pra._marid.example.com vs. at example.com
itself.
3) It has been shown that even if records go into sub-domains, due to
the way DNS wildcards work, records still need to be distinguishable
based solely on their content, not their location.
Therefore, I suggest that we adopt the scheme I labeled (3a):
3a) Put scopes in the <ver-ext> field
Proposed by Wayne in
http://www.imc.org/ietf-mxcomp/mail-archive/msg03441.html
This scheme replaces the "/pra" and <ver-ext> field in the version
string with a list of scopes. For example: "spf2.0/pra,mailfrom" or
"spf2.0/mailfrom". It applies to the whole record, so it only helps
domains with very large records if their v=spf1 and spf2.0/pra records
are otherwise the same. If the above two large records were the same,
this would look like:
example.com. IN TXT "spf2.0/pra,mailfrom ... some very long record here ..."
The only counter to this scheme (other than some preference for the
others) was that it would require existing v=spf1 domains to
re-publish. I don't believe this would be the case: All existing SPF
implementations are likely to accept v=spf1 for quite some time, if not
forever. And, because it is also likely that all existing SPF
implementations would be rev'd quickly[1] to support spf2.0/mailfrom,
then new sites can simply publish the new version.
- Mark
[1]: There aren't that many existing implementations, and everyone
running one knows that they are running less than 1.0 code and
generally is keeping an eye on updates.
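
Added example, not part of the message above or of any SPF implementation: a Python selector that picks the record for a scope from the TXT set by content alone, as scheme (3a) requires, so unrelated or wildcard-synthesized TXT records at the same name are ignored. Treating v=spf1 as a mailfrom-only record and preferring an spf2.0 record over it are assumptions, as are the function names and the constructed sample records.

```python
import re

# Version token under scheme (3a): "spf2.0/" followed by comma-separated scopes.
_SPF2_VERSION = re.compile(r"^spf2\.0/([a-z0-9,]+)$", re.IGNORECASE)


def _version_token(txt):
    """First space-delimited token of a TXT record, lowercased."""
    return txt.split(" ", 1)[0].lower()


def record_scopes(txt):
    """Scopes a TXT record declares; empty set if it is not an SPF-style record."""
    version = _version_token(txt)
    if version == "v=spf1":
        return {"mailfrom"}  # assumption: legacy records cover only 2821 Mail From
    m = _SPF2_VERSION.match(version)
    if not m:
        return set()  # e.g. "v=spf10" or free text: the whole token must match
    return {s for s in m.group(1).split(",") if s}


def select_record(txt_records, scope):
    """Return the single record applying to `scope`, or None if there is none.

    Selection looks only at record content, never at where it was published.
    """
    matches = [t for t in txt_records if scope in record_scopes(t)]
    # Assumption: an explicit spf2.0 record wins over a legacy v=spf1 record.
    explicit = [t for t in matches if _version_token(t) != "v=spf1"]
    candidates = explicit or matches
    if len(candidates) > 1:
        raise ValueError(f"{len(candidates)} records claim scope {scope!r}")
    return candidates[0] if candidates else None


# Constructed sample TXT set for one name (not real DNS data).
SAMPLE = [
    "unrelated text published at the same name",
    "v=spf1 mx -all",
    "spf2.0/pra,mailfrom mx -all",
]

if __name__ == "__main__":
    for scope in ("pra", "mailfrom"):
        print(scope, "->", select_record(SAMPLE, scope))
```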