spf-discuss

Re: [spf-discuss] Re: Another test case for the test suite...

2007-01-12 08:55:26
In <20070112152527(_dot_)GS5768(_at_)ergens(_dot_)op(_dot_)het(_dot_)net> Alex 
van den Bogaerdt <alex(_at_)ergens(_dot_)op(_dot_)het(_dot_)net> writes:

On Fri, Jan 12, 2007 at 09:03:26AM -0600, wayne wrote:

I think that pushing for the implementation of type99 records with
stuff like name servers and such would be very good.  I can certainly
see that at some future date, a new version of SPF may support only
type99 records, and if we get stuff working now, this won't be a
problem.

For SPFv1, I think we shouldn't touch it.

In other words:

For SPFv1 (and 2.0) keep TXT as the primary RR to get things rolling,
but do encourage adopting SPF RR as well, so that there is no chicken
and egg problem when it's time for SPFv3.

Agreed.

Telling people there's no need to think about the SPF RR type is
(IMnsHO) short-sighted.

Yes, but there are lots of different people out there who do different
things.  Not everyone needs to know about type99 SPF records at this
time.


Now is the time to get hands-on experience, with an easy fallback
mechanism (just remove the SPF RR record, and your TXT record will
be used again).

Agreed.

I think type99 SPF records need to be pushed in stages:

1) Get a RR type assigned by IANA and published in standards.

2) Get all major name server and resolver implementations to support
   type99 records as well as they support TXT records.

3) Get SPF implementations to support type99 records, but the default
   *MUST* be to only deal with TXT records.  This should be for
   knowledgeable people who want to experiment.

4) Get firewalls, intrusion detection systems, etc. to allow new DNS
   RR types.

5) Get DNS hosters to (silently) publish type99 records for any valid
   SPF record that is published in a TXT record.

6) Change the default on SPF implementations to check type99 records
   by default.

7) Start pushing type99 records more widely and promote the transition
   from TXT records.

At this time, we have passed stage 1) and are in stage 2).  Going
beyond stage 3) at this point would be putting the cart in front of
the horse and do nothing but cause problems and create confusion.

Unfortunately, MS's DNS stuff qualifies as a major name server and
until they decide to update it to support type99 records, we really
can't advance to the later stages.  :-<



-wayne
