
[spf-discuss] Re: Inconsistency in SPF spec re. "domain-spec"

2006-03-20 13:42:39

Problem part of the spec:

domain-spec      = macro-string domain-end
domain-end       = ( "." toplabel ) / macro-expand
toplabel         = ALPHA / ALPHA *[ alphanum / "-" ] alphanum
                   ; LDH rule (See [RFC3696])

Regarding the above, Kurt is correct that we should allow for "." at the
end, which correctly means modification of toplabel to:

toplabel         = ALPHA / ALPHA *[ alphanum / "-" ] alphanum ["."]
                   ; LDH rule (See [RFC3696])

But underscores are not a problem because an allocated domain (toplabel)
should not have any underscores and so the underscore would be in what
is referred to as 'macro-string' which is defined by:

macro-string     = *( macro-expand / macro-literal )
macro-expand     = ( "%{" macro-letter transformers *delimiter "}" )
                   / "%%" / "%_" / "%-"
macro-literal    = %x21-24 / %x26-7E
                   ; visible characters except "%"
macro-letter     = "s" / "l" / "o" / "d" / "i" / "p" / "h" /
                   "c" / "r" / "t"
transformers     = *DIGIT [ "r" ]
delimiter        = "." / "-" / "+" / "," / "/" / "_" / "="

The part that allows underscore in domain spec is macro-literal which
may well be too open (i.e. allows for things that are not hostnames)
but that is what the current spec says and I think it is well understood
that transformation is expected to produce an FQDN at the end.

I'll think about it more later tonight though...

On Mon, 20 Mar 2006, Kurt Andersen wrote:

After pondering the issue with the "domain-spec" of SPF not matching
RFC 1034's definition, I have found another, perhaps more serious
inconsistency.  (See the earlier thread on spf-discuss found at:
http://thread.gmane.org/gmane.mail.spam.spf.discuss/20772 for details.)

Section 6.1 provides an example of redirect with an illegal (according
to the LDH rule) record.  This is not just an academic issue, as the
current records for Microsoft and even POBox themselves violate the
LDH specification (by using underscores '_'). I have not combed the
spec for further examples, but I suspect that they are there too.

I strongly urge the council and the authors to correct this
inconsistency by expanding the definition of "domain-spec" in the SPF
draft to match RFC 1034 before this problem becomes formalized.

Cheers,
 Kurt

- --
Kurt Andersen <kurta(_at_)agilent(_dot_)com>
Agilent Technologies Postmaster
Global Messaging Team, Agilent Technologies
+1 (509) 921-3792

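Added example, not part of either message above and not code from the SPF project: the quoted ABNF transcribed to a Python regex, showing which part of a domain-spec absorbs an underscore and how the proposed trailing "." changes the result. The function and constant names are hypothetical; it assumes `*[ x ]` is read as `*( x )` and that the proposed `["."]` is meant to apply to both toplabel alternatives.

```python
import re

# ABNF from the message above, transcribed to regex. Quoted ABNF strings are
# case-insensitive, hence re.IGNORECASE. Assumption: "*[ x ]" means "*( x )".
MACRO_EXPAND = r"(?:%\{[slodiphcrt][0-9]*r?[.\-+,/_=]*\}|%%|%_|%-)"
MACRO_LITERAL = r"[\x21-\x24\x26-\x7e]"        # visible characters except "%"
MACRO_STRING = rf"(?:{MACRO_EXPAND}|{MACRO_LITERAL})*"
TOPLABEL = r"[a-z](?:[a-z0-9-]*[a-z0-9])?"     # LDH rule: no underscore here


def _compile(toplabel):
    # domain-spec = macro-string domain-end
    # domain-end  = ( "." toplabel ) / macro-expand
    return re.compile(
        rf"(?P<ms>{MACRO_STRING})(?P<end>\.{toplabel}|{MACRO_EXPAND})",
        re.IGNORECASE,
    )


ORIGINAL = _compile(TOPLABEL)
# Assumption: the proposed optional trailing "." applies to any toplabel.
AMENDED = _compile(TOPLABEL + r"\.?")


def split_domain_spec(value, amended=False):
    """Return (macro-string, domain-end) if value is a domain-spec, else None."""
    m = (AMENDED if amended else ORIGINAL).fullmatch(value)
    return (m.group("ms"), m.group("end")) if m else None


# Constructed sample inputs, not taken from any published record.
SAMPLES = [
    "_spf.example.com",   # underscore lands in macro-string, so it is accepted
    "example.com.",       # trailing dot: rejected originally, accepted amended
    "%{d}",               # domain-end may be a bare macro-expand
    "_spf.example.c_m",   # underscore in the final label violates toplabel
    "example.123",        # toplabel must start with ALPHA
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:22} original={split_domain_spec(s)} "
              f"amended={split_domain_spec(s, amended=True)}")
```
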