spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [OT]Frozen or slushy?

2004-01-29 02:22:34
from [James Couzens] [Permanent Link] 
On Thu, 2004-01-29 at 01:20, Dan Boresjo wrote:

On Wednesday 28 January 2004 9:46 pm, Hallam-Baker, Phillip wrote:

The reason for this is that we are likely to define new features for spf at
some time that mean it makes sense to talk about a 2.0 or 3.0 version with a
whole lotta extra features. We want to have the option of doing that without
loosing backwards compatibility.


Why? The current SPF spec is up to the task it is designed for, unless 
problems arise there should be no need for a series of protocols with 
ever-expanding scope beyond the original premise.

I am getting seriously worried about supporting SPF if it is going to be a 
'blank cheque' for an ongoing process which draws in all kinds of 'features' 
unrelated to the task of IP-based sender authentication.

There is no need to cater for 'unrecognised mechanisms', and I feel that the 
best change that could be made to the current spec is to say that any 
mechanism or modifier not defined in the spec is an error.

If somebody wishes to publish additional data points in their DNS for any 
other purpose (related or unrelated) they can do so with or without SPF's 
help.

If you want to build a reputation system, go do it with your own record type 
- 
maybe "v=mrs1 ...." (mail reputation system)

If you want to publish a public key, go do it with your own record type -
maybe "v=kds1 ..." (key distribution system)

Please don't destroy SPF with feature creep and misplaced 'extensibility'. 
Let's please freeze it and concentrate on evangelism and adoption rather than 
creating new opportinities for confusion and incompatibility.

- Dan


As long as spf1 is locked down, and that any future version never breaks
spf1, and spf1 does as advertised, which is prevent forgery, then there
is no need for anyone to fret, regardless if there is an spf2, or if
there is mrs or kds etc... the 1 alone implies future versions, or else
it would just be called spf and there would be no v= at all.

Cheers,

James

-- 
James Couzens,
Programmer

Current projects:
http://libspf.org

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
Wiki: 
http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/HomePage
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)½§Åv¼ð¦¾Øß´ëù1Ií-»Fqx(_dot_)com

Attachment: signature.asc
Description: This is a digitally signed message part

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [OT]Frozen or slushy?, Dan Boresjo
Next by Date:  Re: [OT]Frozen or slushy?, Dan Boresjo
Previous by Thread:  Re: [OT]Frozen or slushy?, Dan Boresjo
Next by Thread:  Re: [OT]Frozen or slushy?, Dan Boresjo
Indexes:  [Date] [Thread] [Top] [All Lists]