-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Mark
Lentczner
Sent: Wednesday, October 06, 2004 12:21 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] SPF v1 draft for review
Friends -
Contributors
------------
The authors of the DMP, RMX and Vixie proposals are listed in the
references section. Is that not enough?
New RR
------
The wording an design of this section was done in conjunction
with DNS
guru types. It doesn't include the stronger language they desired
which would have made the new RR type required for both
publishers and
receivers.
It is by design that publishers can choose not to publish the TXT
format if they wish. One can only hope for a day when
deployment makes
this a reasonable option.
It is also by design that which order to query the types isn't
specified. Implementations may choose to query both simultaneously.
I understand, makes sense, I am converted.
May I humbly suggest that the documentation be explicit in this statement, i.e.
An SPF compliant check SHOULD lookup both types.
Be changed to:
An SPF compliant check SHOULD use both RR types, either by query for both
RR types
simultaneously OR by query for RR of new type and if not found then proceed to
lookup on the TXT RR
record type
Or in its weakest (but still explicit form):
An SPF compliant check SHOULD use both RR types, either by query for both
RR types
simultaneously OR by query for RR of one type and if not found then proceed to
lookup on RR of the
other type
REASONING: High volume or low connection speed servers may want to conserve
bandwidth, and where
bandwidth is more precious then time, these alternative wordings allow a site
to stop at the first
successful query (which is reasonable since both results are required to be
identical).
Terry Fielder
Manager Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
terry(_at_)greatgulfhomes(_dot_)com
Fax: (416) 441-9085
Repeated Modifiers
------------------
Section 4.6.3 says "The same key MUST NOT appear in more than one
modifier in a record." The intent is that modifiers cannot be
repeated, and any repetition results in a syntax error (PermFail).
As this is a specification, it should not sanction tolerance of
non-well-formed records, or records with ambiguous semantics (such as
having two "exp=" sections). Implementations, will of
course, vary in
their degree of strictness.
Case Sensitivity
----------------
Since the specification is defined using the ABNF of RFC 2234, all
alphabetic literal characters (those in double quotes) in the syntax
are case insensitive. So, yes, "v=spf1" and "V=SPF1" and
"v=SpF1" are
technically all legal and the same. Similarly, "+a" and "+A" are the
same. On the other hand, the characters that make up domain-spec and
macro-string, as they are specified with percent notation (as in
%x30-7E), are case sensitive.
I have long suspected that this is NOT really agreed upon
understanding
of SPF v1. Comments?
- Mark
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in
Atlanta features SPF and Sender ID.
To unsubscribe, change your address, or temporarily
deactivate your subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com