Stuart D. Gathman replied:
I do agree, however, that the XML data is too
large for DNS and ought to be fetched via TCP.
Which leaves a huge question mark whether DNS queries over TCP are actually
going to work as nobody's ever used them. That's why I like Tim's thing better,
as HTTP over TCP is proven and easy to publish. And it would not create extra
strain on the DNS infrastructure. As an added bonus, HTTPS could be specified
instead of HTTP, making MITM attacks more difficult.
This makes SPF1 a prerequisite to using SPF2.
I honestly don't see where the issue is.
By sticking with the current _ep subdomain scheme for
SPF2, the layers are more independent. However, the
existing _ep format can contain the link.
Could you post an example? I think I understand what you want to do but I could
not figure out how to make it work within what is defined in
draft-ietf-marid-core-00.txt
Tim Meadowcroft wrote:
Similarly a publisher can choose to publish either or both records
SPF but no XML record: v=spf2 mx -all
XML, no SPF: v=spf2 xml=http://www.schmerg.com/spf.xml
Both: v=spf2 xml=http://www.schmerg.com/spf.xml mx -all
This is definitely something I like as domain owner, no matter what the syntax.
but I thought it was a good way to AVOID forking SPF (which
I am dead set against - I'd drop interest in SPF if it forked,
whereas if it went XML-in-DNS I'd retain a skeptical interest).
That's exactly how I understood it, and it does make a lot of sense to me.
Michel.
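
An added example, not part of the original message or of any SPF draft: a sketch of how a receiver could classify the three record shapes Tim lists and flag an xml= link that is not HTTPS, the MITM concern raised above. The function name, the returned fields and the rule of rejecting more than one xml= link are assumptions made for illustration.

```python
from urllib.parse import urlsplit


def parse_spf2_record(txt):
    """Split a proposed 'v=spf2' TXT record into its XML link and SPF terms.

    Hypothetical helper: the syntax follows the three examples in the thread,
    everything else (field names, error rules) is assumed.
    """
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf2":
        raise ValueError("not a v=spf2 record")
    xml_urls, mechanisms, warnings = [], [], []
    for term in terms[1:]:
        if term.lower().startswith("xml="):
            xml_urls.append(term[4:])
        else:
            mechanisms.append(term)
    if len(xml_urls) > 1:
        # Assumption: two links would make the policy source ambiguous.
        raise ValueError("more than one xml= link")
    xml_url = xml_urls[0] if xml_urls else None
    if xml_url is not None:
        parts = urlsplit(xml_url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            raise ValueError("xml= must be an absolute http(s) URL")
        if parts.scheme == "http":
            warnings.append("xml link is plain HTTP: policy can be altered in transit")
    if xml_url and mechanisms:
        kind = "both"
    elif xml_url:
        kind = "xml-only"
    elif mechanisms:
        kind = "spf-only"
    else:
        kind = "empty"
    return {"kind": kind, "xml_url": xml_url,
            "mechanisms": mechanisms, "warnings": warnings}


# The three record shapes quoted in the thread, plus a constructed HTTPS variant.
SAMPLES = [
    "v=spf2 mx -all",
    "v=spf2 xml=http://www.schmerg.com/spf.xml",
    "v=spf2 xml=http://www.schmerg.com/spf.xml mx -all",
    "v=spf2 xml=https://www.schmerg.com/spf.xml mx -all",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", parse_spf2_record(sample))
```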