spf-discuss

Re: Re: Multiple txt records?

2004-08-03 08:36:23
In <20040803144414(_dot_)GA28898(_at_)nic(_dot_)fr> Stephane Bortzmeyer 
<bortzmeyer(_at_)nic(_dot_)fr> writes:

> On Tue, Aug 03, 2004 at 06:02:53AM -0500,
>  wayne <wayne(_at_)midwestcs(_dot_)com> wrote
>  a message of 29 lines which said:
>
>> I have read that paper, and I did reply to the points raised in it.
>> The issues with TXT records were discussed to death on the MARID list
>> and even DNS gurus don't seem to have a huge problem with the way SPF is
>> using TXT records.
>
> Discussed to death? Yes. Consensus that there is no problem?

Did I say there were no problems?  No.  I said that even DNS gurus
don't seem to have a huge problem with the way SPF is using TXT
records.



[snip of the current SenderID spec that talks about a new RR type]

Yeah, that will make some people happy.  My bet is that this new RR
type will never be widely used, either for publishing SPF records or
by SPF/SenderID implementations checking for them.

It will likely be many months before name server software will be
updated to support this new RR type, and some software (djbdns?) may
never support it.  It will be even longer before updated name server
software will be deployed.  Until then, TXT RRs will be used
exclusively and that will create a large install base of software that
only checks TXT SPF records.  There will then be a huge
chicken-and-egg problem: No one will bother publishing with the new
RRs because no one checks them, and no one will bother checking the
new RR because no one publishes them.  Even if you check for the TXT
and new RR in parallel and thus only have a small increase in latency,
you are still doubling the bandwidth used and the amount of cache used
to store the NODATA responses.



> So, it does not say there is no problem with TXT records (there are)
> but quite the opposite: we should not use the TXT record but practical
> concerns with broken <insert the name of a big software company> DNS
> resolvers and provisioning issues with some Web interfaces for DNS
> management force us to allow the use of TXT records.

Well, of course if you ignore all the problems with using a new RR, a
new RR will look better.  Again, I didn't say that there are *no*
problems with TXT records.  There are just far more problems with
using a new RR type than using a TXT record, and I think this will
always be the case.

What the DNS folks need to do, as I suggested in my first reply, is
use some of the tens of thousands of completely unused RR numbers and
allocate a whole bunch of TXT-like RRs for people to use.  Then TXT
space won't be scarce and people won't have to wait for new RRs to be
defined.

Or, there needs to be a new query type defined similar to the EDNS0
technique of adding a little bit of info to the query.  You could
do something like allow up to 8 bytes of magic numbers to select on at
the beginning of each TXT record and the reply would only contain
those matching TXT records.  No fancy SQL or regular expressions, just
a simple way to extend TXT records.



Things like the draft-ymbk-dns-choices-00.txt I-D just show that the
DNS folks are stuck in the mindset of "let's never let anyone use TXT
for anything" and "everyone who uses DNS needs to go through us and
get our blessing".


In another 6 months, the most effective thing IANA could do is simply
rename the TXT record to SPF and note that a small percentage of
people use the SPF record for other things.


-wayne
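
The prefix selection proposed in the message above, sketched on the client side as an added example (not part of the original message and not taken from any SPF implementation): it decodes each TXT RDATA, keeps the records that begin with a magic prefix of up to 8 bytes, and then applies the SPF rule that `v=spf1` must be followed by a space or the end of the record. The function names and the sample RRset are constructed for illustration.

```python
# Added example: pick TXT records by a leading "magic" prefix, client side.
MAX_MAGIC = 8  # the message above suggests selectors of up to 8 bytes

def txt_strings(rdata: bytes) -> bytes:
    """Join the length-prefixed <character-string>s of one TXT RDATA (RFC 1035)."""
    parts, i = [], 0
    while i < len(rdata):
        n = rdata[i]
        chunk = rdata[i + 1:i + 1 + n]
        if len(chunk) != n:
            raise ValueError("truncated character-string in TXT RDATA")
        parts.append(chunk)
        i += 1 + n
    return b"".join(parts)

def select_by_magic(rrset, magic: bytes):
    """Return decoded records whose text starts with `magic` (ASCII case-insensitive)."""
    if not 0 < len(magic) <= MAX_MAGIC:
        raise ValueError("magic must be 1..8 bytes")
    return [t for t in map(txt_strings, rrset)
            if t[:len(magic)].lower() == magic.lower()]

def spf_records(rrset):
    """SPF selection: 'v=spf1' must be followed by a space or the end of the record."""
    return [t for t in select_by_magic(rrset, b"v=spf1")
            if len(t) == 6 or t[6:7] == b" "]

def rr(*strings: bytes) -> bytes:
    """Build TXT RDATA from character-strings (used for the constructed samples)."""
    return b"".join(bytes([len(s)]) + s for s in strings)

# Constructed RRset for one name: several applications sharing the TXT type.
SAMPLE = [
    rr(b"v=s", b"pf1 mx a:mail.example.com -all"),  # magic split across two strings
    rr(b"some-other-app=constructed-token"),        # unrelated use of TXT
    rr(b"v=spf10 not-an-spf-record"),               # near miss on the prefix
    rr(b"V=SPF1 -all"),                             # second SPF record, upper case
]

if __name__ == "__main__":
    found = spf_records(SAMPLE)
    print(f"{len(found)} of {len(SAMPLE)} TXT records are SPF records")
    if len(found) > 1:
        # RFC 7208 treats more than one SPF record at a name as a permerror.
        print("multiple SPF records published: evaluation fails")
```

A bare prefix match is not enough for SPF: the `v=spf10` record passes `select_by_magic` and is only rejected by the terminator check in `spf_records`.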

