Subject: Re: [spfbis] Last Call: <draft-ietf-spfbis-4408bis-19.txt> (Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1) to Proposed Standard
Date: Wed, Aug 21, 2013 at 08:51:31AM -0400
Quoting Scott Kitterman (scott@kitterma

> > Apparently.
>
> Translated:
>
> RFC 4408 was in error because it didn't abandon its installed base. I gather
> this is an error you propose to rectify.

Well, almost. 4408 sort of blunders about like the elephant in a china shop wrt. query method and depreciation.

(As I have been sternly lectured off-list that I do not understand the SPF payload and therefore am in no position to discuss the DNS usage, I'd like to assert that the payload syntax matters marginally, if at all, for the discussion about which DNS records to use and how.)

Specifically, 4408 section 3.1.1 should be updated to:

* A domain SHOULD use SPF and MAY use TXT. The latter is only suitable if SPF is impossible to publish.

* If it is possible to use SPF as a result of having modern provisioning systems, SPF MUST be used and consequently, TXT SHOULD NOT be used. (I'd like MUST here, but I'm not certain it flies.) If SPF and TXT coexist, they MUST agree wrt content.

* The notion of a sunset date as introduced by Mark Andrews is interesting.

Section 4.1.1 in 4408 should be altered to direct implementations to FIRST look for SPF and then _perhaps_ (I'm open for discussion) ask for TXT, thus creating an incentive to improve performance by serving SPF rather than TXT. After a possible sunset, TXT MUST NOT be queried for.

The preference for SPF vs TXT that is present in 4408 is to be kept unaltered.

--
Måns Nilsson     primary/secondary/besserwisser/machina
MN-1334-RIPE     +46 705 989668
I'm gliding over a NUCLEAR WASTE DUMP near ATLANTA, Georgia!!