On Sat, 27 Aug 2005, Douglas Otis wrote:
On Sat, 2005-08-27 at 12:00 -0700, william(at)elan.net wrote:
But if reuse of spf1 records is really realy the only way for MS
and it wants to continue, then the only possibility for negotiation
I see is to get it part the way for both sides. This would involve:
1. MS agrees to change its draft and only use positive results of
SID verification on v=spf1 records (but not fail, softfail or
results if record is absent) and that for negative results real
SPF2.0 record would be needed.
This overlooks a problem related to abuse-feedback techniques accruing
to "Sender-ID verified" identities. An erroneous positive verification
based upon a PRA, unchecked by the sender perhaps due to licensing
issues, could be a serious concern. These SPF records are public and
outbound servers are often shared.
I did not say its good way for the future, but it does eliminate the cases
of failures [i.e. email not delivered] due to record being used by incorrect
protocol, which is a lot worse then what you describe. And what I said
is that this maybe an acceptable [temporary] compromise (not something that
either side is fully happy with) while waiting for permanent solution, which
is #3 on on my list -.both sides agree to work on the next version of SPF
that has clear scoping and when finished promote that instead of spf1.
--
William Leibzon
Elan Networks
william@xxxxxxxx
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf