On Wed, 11 May 2005, Mark copied the following eMail exchange to
<spf-council(_at_)moongroup(_dot_)com> in
message <200505110046(_dot_)j4B0kE5G099057(_at_)asarian-host(_dot_)net>:
|----- Original Message -----
|From: "Ted Hardie" <hardie(_at_)qualcomm(_dot_)com>
|To: "Mark" <admin(_at_)asarian-host(_dot_)net>
|Sent: Wednesday, May 11, 2005 1:38 AM
|Subject: Re: Clarification on "RFC Editor Note"
Hi Mark,
As I believe Wayne was told at the time, the
IESG was considering both draft-schlitt-spf-classic-00.txt
and the sender-id documents as candidates for
Experimental RFC at the same time. That statement in
the spf-classic draft would have created an RFC 2119
statement that the other Experiment shouldn't be run.
That was contrary to the decision taken at the end of
MARID (that both should be documented as Experimental
and further work await experience with the experiment).
regards,
Ted Hardie
At 12:28 AM +0000 5/11/05, Mark wrote:
Dear Mr. Hardie,
As a member of the SPF Council, I kindly seek clarification on a matter
regarding draft-schlitt-spf-classic-00.txt:
https://datatracker.ietf.org/public/pidtracker.cgi?command=print_ballot&ballot_id=1599&filename=draft-schlitt-spf-classic
I read the following:
---------------------------
RFC Editor Note
OLD:
section 2.4, the final sentence of paragraph 1 reads:
"Checking other identities against SPF records is NOT RECOMMENDED because
there are cases that are known to give incorrect results."
NEW:
"Checking other identities against SPF records is not defined in this
document."
---------------------------
Specifically, some confusion exists about the placement/authorship of this
"RFC Editor Note". Can you please shed some light on who added this
comment?
Kind regards,
- Mark
SPF Council member
Looking now at the original wording and Ted Hardie's reply I think I see the
cause of the problem. It's a very simple drafting error on 'our' part. It should
be simple to fix.
The problem clause is "Checking other identities against SPF records is ...."
Here's the problem, as I see it:
SPF 'classic' has defined the syntax and semantics of SPF records in a way which
is substantially independent of the entity being tested.
'v=spf1' defines a specific pair of entities against which to test an IP
address - mailFrom and HELO (in certain cases).
The MARID process proposed the use of the identical SPF record syntax against
different entities - the 'PRA', but with that intent recorded by using a
'spf/2.0' prefix to the record.
The section 2.4 which Ted has taken exception to warns against misuse of "SPF
records" - which are common to both systems; both parallel experiments.
I think it has been (mis-)interpreted as an attempt by the 'SPF Classic'
community to deny the use of the (now common) SPF record syntax in non-Classic
situations. That is how I understand Ted's reply.
As the IETF is an engineering-driven organization, the following wording SHOULD
be acceptable to them and, if respected by other experiments, would meet the
concerns of the SPF community:
--------------
Checking other identities against SPF records prefixed by 'v=spf1' is NOT
RECOMMENDED because there are cases that are known to give incorrect results
---------
The essential change is the addition of the words "prefixed by 'v=spf1' ".
IMHO, this meets our concerns, but leaves those running the 'other experiment'
free to continue - so long as they use the different prefix they proposed during
MARID.
The correct use of prefixes disambiguates the two experiments.
It might be worth Mark testing this wording out on Ted - to see if it would
remove the IETF's concerns.
Chris Haynes
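
An added illustration, not part of the original message or of either draft: a receiver-side selector that keys strictly on the record prefix, so a 'v=spf1' record is only ever evaluated against mailFrom/HELO and a PRA check only uses a record published with the 'spf/2.0' prefix. The function names, the sample records, the `spf/2.0/pra` scope form (taken from the Sender ID drafts, not from this thread) and the handling of duplicate records are assumptions of the sketch.

```python
# Added illustration (not from the original message or either draft).
SPF1_IDENTITIES = frozenset({"mailfrom", "helo"})  # what 'v=spf1' defines tests for


def record_scopes(txt):
    """Return the identities a TXT record declares itself usable for."""
    parts = txt.split()
    head = parts[0].lower() if parts else ""
    if head == "v=spf1":                     # exact token, so 'v=spf10' is rejected
        return set(SPF1_IDENTITIES)
    if head.startswith("spf/2.0/"):
        scopes = head[len("spf/2.0/"):].split(",")
        # Simplification: only the 'pra' scope is honoured in this sketch.
        return {"pra"} if "pra" in scopes else set()
    return set()                             # unrelated TXT record


def plan_check(txt_records, identity):
    """Decide which record, if any, may be evaluated for `identity`."""
    matches = [r for r in txt_records if identity in record_scopes(r)]
    if not matches:
        return ("none", None)                # nothing published for this identity
    if len(matches) > 1:
        return ("permerror", None)           # ambiguous publication, treated as an error here
    return ("evaluate", matches[0])


# Constructed sample records (documentation address ranges).
SAMPLE = [
    "v=spf1 ip4:192.0.2.0/24 -all",
    "spf/2.0/pra ip4:198.51.100.0/24 -all",
    "unrelated-key=some-value",
]

if __name__ == "__main__":
    for ident in ("mailfrom", "helo", "pra"):
        print(ident, plan_check(SAMPLE, ident))
    # A domain that published only 'v=spf1' yields no record for a PRA check.
    print("pra, v=spf1 only:", plan_check(SAMPLE[:1], "pra"))
```

The last call is the case the proposed wording protects: a domain that published only a 'v=spf1' record never has it applied to the PRA.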