Re: consensus call of RR prefix
2004-09-13 22:19:56
Any requirement (or even expectation) of DNS over TCP will probably kill widespread adoption of Sender ID, as DNS over TCP does not work over a large number of networks. Either it's blocked at a firewall, or it's disabled on the DNS server.
If DNS/TCP is blocked at a firewall, then that firewall is badly
configured. (People often come to DNS discussion fora asking what
shape of holes they should knock into their firewalls. The
frequently given answer on the subject clearly states that such holes
will encompass DNS/TCP for the back-ends of resolving proxy DNS servers.)
And if you think that resolving proxy DNS server software has the
capability of disabling the use of DNS/TCP, then you are confused. No
mainstream resolving proxy DNS server has such a capability (and quite
rightly so, given RFC 1123 section 6.1.3.2). Only content
DNS server software provides anything remotely like such a
capability, and only one mainstream DNS server software package, djbdns, actually has the
ability to selectively disable the use of DNS/TCP for its content DNS
service. Other content DNS server software has the capability of
disabling the "zone transfer" database replication mechanism; but that
is not the same as disabling the use of DNS/TCP, old wives'
tales to the contrary notwithstanding.
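The behaviour the reply refers to, RFC 1123 section 6.1.3.2 (a resolver queries over UDP first and, if the answer comes back with the TC bit set, repeats the query over TCP with the two-octet length framing of RFC 1035 section 4.2.2), as an added example that is not part of the thread and not code from any DNS server package mentioned in it. The transports are injected so the fallback logic can be exercised offline with constructed packets; the socket-backed transports, the server address, the use of TXT as the query type and the 0x1234 query ID are all assumptions for illustration. Where TCP/53 is blocked at a firewall, the TCP step is where the timeout or connection refusal surfaces, and the resolver has no answer at all for a record too large for UDP, which is exactly what the "DNS/TCP does not work" objection amounts to in practice.

```python
"""Minimal stub resolver showing UDP query with TC-bit fallback to DNS/TCP
(RFC 1123 section 6.1.3.2).  Added example, not code from the original thread."""
import socket
import struct

QTYPE_TXT = 16        # TXT, the record type SPF/Sender ID policies were published in
QCLASS_IN = 1
FLAG_QR = 0x8000
FLAG_TC = 0x0200      # "truncated": the UDP answer did not fit, retry over TCP
FLAG_RD = 0x0100


def build_query(qname, qtype=QTYPE_TXT, qid=0x1234):
    """Encode a standard recursive query (RFC 1035 section 4.1) for qname/qtype.
    The fixed qid is an assumption for the example; a real resolver randomises it."""
    header = struct.pack("!HHHHHH", qid, FLAG_RD, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in qname.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", qtype, QCLASS_IN)


def is_truncated(msg):
    """True when the TC bit is set in the header flags word."""
    return bool(struct.unpack("!H", msg[2:4])[0] & FLAG_TC)


def answer_count(msg):
    """ANCOUNT field of the header."""
    return struct.unpack("!H", msg[6:8])[0]


def tcp_frame(msg):
    """DNS/TCP prefixes every message with a two-octet length (RFC 1035 4.2.2)."""
    return struct.pack("!H", len(msg)) + msg


def tcp_unframe(data):
    (length,) = struct.unpack("!H", data[:2])
    if len(data) < 2 + length:
        raise ValueError("short DNS/TCP message")
    return data[2:2 + length]


def resolve(query, udp_send, tcp_send):
    """Query over UDP; if the reply is truncated, repeat it over TCP.

    udp_send(msg) -> reply and tcp_send(framed) -> framed reply are injected
    so the fallback can be tested with constructed packets.
    Returns (reply, transport_used)."""
    reply = udp_send(query)
    if reply[:2] != query[:2]:
        raise ValueError("DNS ID mismatch on UDP reply")
    if not is_truncated(reply):
        return reply, "udp"
    # The server could not fit the answer in UDP; RFC 1123 6.1.3.2 requires
    # the resolver to retry over TCP here.  If TCP/53 is blocked, this is
    # where the timeout or "connection refused" surfaces and the lookup fails.
    reply = tcp_unframe(tcp_send(tcp_frame(query)))
    if reply[:2] != query[:2]:
        raise ValueError("DNS ID mismatch on TCP reply")
    return reply, "tcp"


def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("DNS/TCP connection closed early")
        buf += chunk
    return buf


def udp_transport(server, timeout=3.0):
    """Socket-backed UDP transport (assumed plain port 53, no EDNS)."""
    def send(msg):
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(msg, (server, 53))
            return s.recv(512)  # classic 512-octet UDP limit without EDNS
    return send


def tcp_transport(server, timeout=3.0):
    """Socket-backed DNS/TCP transport; reads the length prefix then the body."""
    def send(framed):
        with socket.create_connection((server, 53), timeout=timeout) as s:
            s.sendall(framed)
            hdr = _recv_exact(s, 2)
            (length,) = struct.unpack("!H", hdr)
            return hdr + _recv_exact(s, length)
    return send


if __name__ == "__main__":
    import sys
    server = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"   # assumed resolver
    name = sys.argv[2] if len(sys.argv) > 2 else "example.com"
    reply, used = resolve(build_query(name), udp_transport(server), tcp_transport(server))
    print(f"{name}: {answer_count(reply)} answer RR(s) via {used}")
```

Run it against a resolver with `python3 dns_tc_fallback.py 127.0.0.1 example.com`; against a server behind a firewall that drops TCP/53 the UDP reply still arrives, but any truncated answer ends in a timeout in `tcp_transport` rather than a result.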