spf-discuss

RE: New DNS Record Types

2005-05-06 08:39:04

-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of David MacQuigg
Sent: Friday, May 06, 2005 11:26 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] New DNS Record Types

I'm very close to reaching a conclusion that the least painful alternative
for a new service needing multiple TXT-type records is to use the
_namehack.  The one issue I need to nail down is Wayne's concern about the
conflict between this and certain web interfaces to DNS hosting
services.  Is this something easily fixed, like a common PHP script used by
all the web interfaces with this problem, or is it something much more
embedded?  Did any of the other services using _namehacks encounter this
problem?  How about the _namehacks in DomainKeys and CSV?

The main difference right now is that DomainKeys and CSV are only for
entities that run mail servers.  SPF is for all domain owners.  In general,
the types of organizations that do DomainKeys and CSV are much less likely
to be managing their DNS entries via a web interface.  DomainKeys says that
they will offer MUA level signing, but until they do, if you don't have a
mail server, you don't do DomainKeys.  AFAIK, CSV has almost no deployment.

I have asked my DNS provider to allow the underscore in host names, but they
haven't implemented it yet.  They are generally responsive to user requests.
I don't know the answer to your question about how hard this would be to
change.  I've drawn the conclusion from my experience with my provider that
either there isn't much demand for it or it's hard.  I'm not sure which.

In the early development of SPF, deployability of records and getting past
the chicken-egg problem of record publishing/record checking was a primary
consideration in the design trades they made.  I think that this was (and
is) smart.

Scott Kitterman