spf-discuss
[Top] [All Lists]

[spf-discuss] Re: Test suite update

2007-03-25 03:11:36
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frank Ellermann wrote:
Julian Mehnle wrote:
From a theoretical PoV, in a context that doesn't allow local name
inter- pretations (e.g. SPF records), "museum" -- with or without a
trailing dot - -- is an FQDN.  No questions about it.

+1

From a practical PoV, SPFv1 doesn't support it, and this isn't
something we can fix with minor tweaks to the v=spf1 grammar.

We could decree that it's invalid in chapter 4.8 for consistency with
the <domain-spec> construct always requiring more than one label (in
the absence of macros).

We could also decree that a single trailing dot found in <target-name>
is silently removed, 

You didn't understand what I said.  We cannot add this to v=spf1, EVER.  
Such additions would be semantic changes and existing implementations 
would have to undergo significant changes in order to remain compliant.

and after that it's always added for proper DNS FQDN queries (bypassing
any local "search lists").  But actually I think that's understood, and
nobody needs it in prose somewhere.

Yeah, I'd expect that none of the existing SPF implementations performs DNS 
lookups with local search lists.  It would be like applying a local search 
list to "MX 0 museum." RRs...

There's also the issue of erroneous DNS queries to the root servers.

The 2821 author (John) apparently thinks that this problem is slightly
exaggerated, and nothing that needs to be addressed in 2821bis.  I've
asked him if he's sure, or if [we] should better ask the DNSOP folks.

Please tell us his response when he gives you one.

This is however an issue where I won't take the next 2821bis draft as
gospel, for that I want something that survived IETF and IESG review.

Of course we could also ask them, the Council decided to contact two
DNSOP contributors anyway about an unrelated issue, and maybe asking
also for advice about this relatively harmless detail helps to break
the ice.  BTW, we could also ask Stephane, also a DNSOP regular.

I (being quite busy right now) haven't contacted them yet, but I will.

<target-name> isn't an element of the v=spf1 grammar.  It's a semantic
variable.

Yes, with a somewhat underspecified semantic.

True, but we cannot introduce post-macro-expansion validation into v=spf1.  
It would be an entirely new concept.

BTW, just a thought, we can also post an I-D with "updates 4408".

No, we cannot change v=spf1 in this manner, EVER.

Let's just begin work on v=spf3 instead.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGBkqmwL7PKlBZWjsRAs2cAJ96u1n8k3DT0jLE1PrpYOKdShBMbgCg/Eit
h908vHqNJwdRaJzjY1V6Sp0=
=lElp
-----END PGP SIGNATURE-----

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735