On Wednesday, February 29, 2012 10:17:52 AM Mark Andrews wrote: > In message > <9452079D1A51524AA5749AD23E00392804C720@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx > m>, "Murray S. Kucherawy" writes: > > > -----Original Message----- > > > From: ietf-bounces@xxxxxxxx [mailto:ietf-bounces@xxxxxxxx] On Behalf > > > Of Doug> > > Barton > > > > > Sent: Tuesday, February 28, 2012 2:24 PM > > > To: John Levine > > > Cc: ietf@xxxxxxxx > > > Subject: Re: DNS RRTYPEs, the difficulty with > > > > > > Intelligent sysadmin: We need to deploy SPF > > > Boss: How does it work? > > > I: Well, eventually it will have its own DNS RR, but for now it > > > works > > > with TXT records > > > B: Ok, put those TXT records in > > > <time passes> > > > I: It's now possible to use SPF RRs for SPF, so I need to make some > > > changes, do some testing, etc. > > > B: Are the TXT records working now? > > > I: Well yes, but ... > > > B: We have more important priorities that I need you to spend your > > > time > > > on, leave the thing that's working alone. > > > > > > Or, put more simply, your conclusion seems to be that we can never > > > add > > > new RRs. Given that adding new RRs is crucial to the growth of the > > > Internet, I reject that conclusion completely. > > > > Your scenario illustrated the problem nicely: People started SPF with > > TXT reco rds because they were available and the road to a new RRType > > was seen as a ste ep one. Once that was even a little bit deployed, it > > became practically irrev ersible. The same happened with DKIM, and > > then VBR, and now it's basically co mmon practice to use naming tricks > > to sidestep the RRType arguments. > > > > I think the right endgame here is to make sure new RRTypes are > > accessible to t hose that want to have them. This will remove the > > temptation to start with TX T and, ultimately, stay there. > > They are there. They were there when SPF was being developed. They > were there when DKIM was being developed. It's just the neigh > sayers won out. > > Libresolv has supported unknown types for 25 years. Other C libraries > support them. dnspython supports them. dnsjava supports them. It > really isn't hard to get a length tagged blob of data back to the > application. > > Authoritative nameservers support them. Recursive nameservers > support them and always have modulo bugs. > > If your DNS hosting company doesn't support them find another one > or complain to them. You are paying them to host your DNS services > and this is a basic part of the job. To what hosting company should I switch if I want to publish SPF records of Type SPF? Scott K _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf