On Wed 01/May/2013 03:04:52 +0200 Mark Andrews wrote: > In message <517FF144.5040600@xxxxxxx>, Alessandro Vesely writes: >> On Tue 30/Apr/2013 01:07:42 +0200 Mark Andrews wrote: >>> >>> SPF is techically superior to TXT is lots of ways. >>> >>> [...] >>> >>> For TXT you need to lookup the existing RRset, extract >>> the v=spf1 record from it. You then need to create a >>> UPDATE message to delete just that record as well as add >>> the new TXT record. You then have to hope that no one >>> else is performing a simultaneous update as you may get >>> two TXT v=spf1 records in the RRset. >> >> That's true, except that one has TXT records anyway. > > nsupdate > update del example.com SPF > update add example.com 3600 SPF v=spf1 .... > send > > [intricacies of doing so in the face of multiple TXT records elided] Thanks for the examples. > I'm sure I could come up with a more compact way of identifying > a spf record but it wouldn't be needed if people published type > SPF. You must mean "if people published SPF _only_". What percentage of NS servers use dynamic updates primarily? (I only happened to use nsupdate occasionally, e.g. to fix dhcp hiccups.) Switching to fully dynamic management would be a major evolutionary step for DNS, and it will certainly make the arguments for strong DNS typing more stringent.