On Wednesday, August 21, 2013 23:32:33 Mark Andrews wrote: > I object to the removal of the SPF record.
This is not a shock. You were in the rough when we discussed it in the WG too. > Name servers already have access controls down to the granuality > of TYPE. If this draft proceeds as currently described it is forcing > name server vendors to access controls at the sub TYPE granuality. It's primarily an issue for applications. To the DNS, it's exactly what it is, a TXT record. > With SPF lookup first I can specify the SPF policy using SPF and > leave TXT free for other uses without having to worry about the > records being misinterpeted. Unless you have some specific reason to be concerned about accidentally starting an unrelated TXT record with "v=spf1 ", I can't imagine you don't have more important things to worry about. This being a "problem" is a great theory, but it just doesn't happen in practice. > SPF validators MUST NOT proceed to a TXT lookup on SERVFAIL for SPF. > This is similar to not proceeding to A/AAAA lookups on MX lookup > failures. Except that it's quite common for a SERVFAIL on TYPESPF to occur for a domain that has an actual SPF record due to various operational issues. SERVFAIL on type SPF doesn't reliably tell you anything about what a type TXT lookup would produce. So it's similar, but only superficially so. > I would also suggest that there be a sunset date published for the > use of TXT for SPF. Do you also suggest creation of an Internet police force to enforce this? What would be be mandatory minimum sentence? Scott K
