
Re: [spfbis] Last Call: <draft-ietf-spfbis-4408bis-19.txt> (Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1) to Proposed Standard

2013-08-21 12:03:38
On Wednesday, August 21, 2013 23:32:33 Mark Andrews wrote:
> I object to the removal of the SPF record.

This is not a shock.  You were in the rough when we discussed it in the WG
too.

> Name servers already have access controls down to the granularity
> of TYPE.  If this draft proceeds as currently described it is forcing
> name server vendors to access controls at the sub TYPE granularity.

It's primarily an issue for applications.  To the DNS, it's exactly what it
is, a TXT record.

> With SPF lookup first I can specify the SPF policy using SPF and
> leave TXT free for other uses without having to worry about the
> records being misinterpreted.

Unless you have some specific reason to be concerned about accidentally
starting an unrelated TXT record with "v=spf1 ", I can't imagine you don't
have more important things to worry about.  This being a "problem" is a great
theory, but it just doesn't happen in practice.

> SPF validators MUST NOT proceed to a TXT lookup on SERVFAIL for SPF.
> This is similar to not proceeding to A/AAAA lookups on MX lookup
> failures.

Except that it's quite common for a SERVFAIL on TYPESPF to occur for a domain
that has an actual SPF record due to various operational issues.  SERVFAIL on
type SPF doesn't reliably tell you anything about what a type TXT lookup would
produce.  So it's similar, but only superficially so.

> I would also suggest that there be a sunset date published for the
> use of TXT for SPF.

Do you also suggest creation of an Internet police force to enforce this?
What would be the mandatory minimum sentence?

Scott K
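
Added example, not part of the original message or of any SPF implementation: a Python sketch of the two lookup policies argued over in this thread, run against a constructed zone in which the type SPF (99) query returns SERVFAIL while the TXT query works. Record selection follows the rule published in RFC 7208 section 4.5; the zone data, `query` and both `lookup_*` function names are assumptions made for illustration.

```python
# Constructed zone data: (name, rrtype) -> (rcode, already-concatenated strings).
ZONE = {
    ("example.org", "TXT"): ("NOERROR", [
        "google-site-verification=constructed-token",  # unrelated TXT use
        "v=spf1 mx -all",
        "v=spf10 looks-similar-but-is-not-spf",
    ]),
    ("example.org", "SPF"): ("SERVFAIL", []),  # type 99 query broken in transit
    ("dup.example", "TXT"): ("NOERROR", ["v=spf1 -all", "V=SPF1 +all"]),
    ("plain.example", "TXT"): ("NOERROR", ["some unrelated text"]),
}

def query(name, rrtype):
    """Stand-in resolver: a missing entry is answered as NOERROR with no data."""
    return ZONE.get((name, rrtype), ("NOERROR", []))

def select_spf(strings):
    """Keep records whose version section is exactly v=spf1, ended by SP or
    end of record (ABNF literals are case-insensitive). Zero records is
    'none'; more than one is 'permerror'."""
    hits = [s for s in strings
            if s[:6].lower() == "v=spf1" and (len(s) == 6 or s[6] == " ")]
    if not hits:
        return ("none", None)
    if len(hits) > 1:
        return ("permerror", None)
    return ("ok", hits[0])

def lookup_txt_only(name):
    """TXT-only policy: any rcode other than NOERROR/NXDOMAIN is temperror."""
    rcode, strings = query(name, "TXT")
    if rcode not in ("NOERROR", "NXDOMAIN"):
        return ("temperror", None)
    return select_spf(strings)

def lookup_spf_first_strict(name):
    """Policy from the quoted text: query type SPF first and do not proceed
    to TXT when that query returns SERVFAIL."""
    rcode, strings = query(name, "SPF")
    if rcode == "SERVFAIL":
        return ("temperror", None)
    result = select_spf(strings)
    return result if result[0] != "none" else lookup_txt_only(name)

if __name__ == "__main__":
    for name in ("example.org", "dup.example", "plain.example"):
        print(name, lookup_txt_only(name), lookup_spf_first_strict(name))
```

For `example.org` the TXT-only policy finds the published record, while the strict SPF-first policy stops at `temperror` without ever looking at TXT.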
