Please excuse the top post.
When I wrote in my post in this thread:
|<snip>
|
|And please remember that Carl Hutzler, in his posts to
|ietf-mxcomp went on to write, in essence, if you want to
|use it (referencing v=spf1 and speaking of SMTP mail from)
|for anything else, it is your network and your rules, but
|...
|
|(I am paraphrasing.)
|
|<snip>
The reference to "I am paraphrasing" was to the referenced
paragraph and the proceeding paragraphs starting with an
asterisk and referencing what Carl Hutzler, John Levine and
Andy Newton had written on the ietf-mxcomp mailing list and
nothing else.
When I wrote the following statement:
|So, let's accept the limits of v=spf1 given the general
|state of affairs, let the folks who are pushing network
|security, push network security, acknowledge the edge cases
|and tell network administrators what is the highest and
|best use.
This was my recommendation to this group, based on what I
wrote in the proceeding paragraphs.
As to the next paragraph:
|If you want to apply for a standard for v=spf1, see the
|IESG reject the request and then proceed to set up your own
|standards body, hey that's your choice. But, that is a road
|I can't follow.
This was my statement.
I thought all this was clear when I made my initial post in
this thread. But since it seems at least once person was
confused, I am clarifying matters by way of a top post.
.....
As to what Wayne wrote on June 5, 2005 in this thread in
response to my post:
|<snip>
|
|> Keep in mind the purpose of an experimental protocol:
|>
|> |The "Experimental" designation typically denotes a
|> |specification that is part of some research or development
|> |effort.
|
|Right, which doesn't describe the SPFv1 protocol that has
|been in use and largely unchanged since late 2003/early
|2004.
I believe the record shows there has been something like 6
draft protocols for v=spf1 since 2003, (I am sure someone
will correct me and provide us with the actual number),
with 2 since November, 2004.
Since the last 2 protocols, senders are now being asked to
publish v=spf1 records for both the domain in the SMTP mail
from and the EHELO/HELO commands.
Yes, yes I know, the mantra is that publishing a v=spf1
record for the domain in the EHELO/HELO command was always
part of v=spf1. However, since my involvement in June,
2004, I don't recall any emphasis being placed on
publishing a record for the domain used in the EHELO/HELO
command until October/November 2004.
As such, looking at the record in its entirety, I must
strongly disagree with your statement and no, I am not
going to go through the record at this time and dig up
every relevant statement.
Having said this, I appreciate the acknowledgement that:
<snip>
|Even if we do come up with something new to address the
|problems with SPFv1, I don't see the deployment of SPFv1
|ending any time in the near future.
<snip>
The acknowledgement that there are "problems with SPFv1" is
the strongest reason for keeping v=spf1 as an experimental
protocol.
Why? So that those who use this protocol will understand it
is an experiment and so subject to change.
John