On Aug 5, 2004, at 6:38 AM, John Glube wrote:
* Will the Marid protocol be changed to say ... senders
must publish using v=marid1?
It will say that to be compliant with the draft, the record must start
"v=marid1". It doesn't compel any senders to be compliant. Nor does
put any restrictions on what other records clients may publish.
Please note: "v=marid1" is only used by example. The new version
string hasn't been picked yet.
* Will those who have already published records be obliged
to change from v=spf1 to v=marid1?
No. And I would encourage them to add a "v=marid1" record, not change
their existing one for now.
* Will the existing libraries and plug-ins have to be
amended?
If they want to be compliant with the protocol and core drafts, yes.
They'll need to use the PRA identity and query for "v=marid1" records
to check against. Of course there is nothing stopping them from
continuing to use the MAIL-FROM identity and querying for "v=spf1"
records to check that against.
Frank writes,
"Okay, if the result is now v=spf1 => test only
SPF/MAILFROM, and v=marid1 => select the SPF tests you like
today, then I can live with this strange solution."
Not quite: Records that start "v=spf1" are used only when checking the
MAIL-FROM identity. Records that start "v=marid1" are used only when
checking the PRA identity. There is nothing stopping a domain from
publishing both, nor a library from checking both.
If a library were to check both, it would have to proceed thus:
1) extract the MAIL-FROM domain, call it <mf-dom>
2) query TXT records for <mf-dom>,
keep only that which starts "v=spf1",
call it <mf-rec>
3) compute <mf-rec>.check_host(<ip>, <mf-identity>)
4) extract the PRA domain, call it <pra-dom>
5) query new RR type records for <pra-dom>
keep only that which starts "v=marid1",
call it <pra-rec>
6) if <pra-rec> is empty,
query TXT records for <pra-dom>
keep only that which starts "v=marid1",
call it <pra-rec>
7) compute <pra-rec>.check_host(<ip>, <pra-identity>)
Steps 2 and 6 could, of course, use the same query if <mf-dom> and
<pra-dom> are the same. Many of these steps could be done in parallel
(such as 5 & 6).
- Mark "protocol-draft-guy" Lentczner
Mark Lentczner
http://www.ozonehouse.com/mark/
markl(_at_)glyphic(_dot_)com