spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Forking SPF into The New SPF and SPF1

2004-06-07 13:14:39
from [James Couzens] [Permanent Link] 
On Mon, 2004-06-07 at 13:03, Michel Py wrote:

Which leaves a huge question mark whether DNS queries over TCP are actually 
going
to work as nobody's ever used them. That's why I like Tim's thing better, as 
HTTP
over TCP is proven and easy to publish. And it would not create extra strain 
on
the DNS infrastructure. As an added bonus, HTTPS could be specified instead of
HTTP, making MITM attacks more difficult.


There is little question here.  Transfers over TCP happen in DNS all the
time.  Indeed likely every zone transfer (AXFR) as well as, any time a
query (recursive or otherwise) exceeds 'X' DNS automagically switches to
TCP.  In fact, in a PERFECT world we would all use keyservers instead...
something actually designed to handle this very thing...

I've said this before, thats a neat idea, but a bad one.  I would rather
have the DNS servers handle the TCP load than farming it off anywhere
else given the alternative.  My issue is forcing the use of TCP period! 
TCP is expensive eh?  I did the math in here before, UDP is
significantly less expensive, and I'm not exaggerating here.  UDP
because of its size and because it doesn't have to negotiate a
connection is also FASTER.
 

Could you post an example? I think I understand what you want to do but
 I could not figure out how to make it work within what is defined
 in draft-ietf-marid-core-00.txt



That's exactly how I understood it, and it does make a lot of sense to me.


XML in DNS is just plain stupid.  I'll be leaving the playground should
the moon ever turn blue and i'll be taking my ball with me!

Cheers,

James

-- 
James Couzens,
Programmer
-----------------------------------------------------------------
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBD3BF855

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: signature.asc
Description: This is a digitally signed message part

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: everybody please calm down :), Stuart D. Gathman
Next by Date:  RE: everybody please calm down :), Scott Taylor
Previous by Thread:  RE: Forking SPF into The New SPF and SPF1, Michel Py
Next by Thread:  RE: Forking SPF into The New SPF and SPF1, terry
Indexes:  [Date] [Thread] [Top] [All Lists]