Hi Doug,
At 21:55 11-09-2013, Douglas Otis wrote:
Recommended text is as follows:
Thanks for suggesting text. I'll take this up with the SPFBIS WG
after the (IESG) DISCUSSes have been addressed.
Here are some quick comments. Section 4.6.4 was reviewed again in
response to the DISCUSS from Barry Leiba. I will take the new
changes into consideration when making a suggestion to the SPFBIS WG
about that part of the draft. I'll also review the text proposed in
the message at
http://www.ietf.org/mail-archive/web/ietf/current/msg82402.html
before making that suggestion.
There were also some text clarifications to Section 5 in response to
comments from Barry Leiba. I'll see whether the addition of the one
sentence which you propose fits in.
Some text was proposed to address the "DNS message" issue in Section
3.4 (
http://www.ietf.org/mail-archive/web/spfbis/current/msg04104.html
). I'll use your suggestion and some of the other suggestions to get
this issue resolved.
It is my understanding that you consider the "macro" issue (Section
11.5.3 in the text which was proposed) as a major one. The argument
in your message starts with IPv6 or DNSSEC not being in the purview
of draft-ietf-spfbis-4408bis. It is followed by EDNS0 is used with
DNSSEC, and there is a discussion about MTU after that. The next
paragraph starts with the argument that the SPF macro feature can be
used for "attacks". The proposed text then argues that SPF records
containing macros are to be ignored to mitigate such an attack. At
the moment I do not know what I will suggest. I welcome any new
input from anyone who has not commented about the "macro" issue.
I suggest using the spfbis@xxxxxxxx mailing list only for any
follow-up about the above instead of copying the message to the ietf@xxxxxxxx.
Regards,
S. Moonesamy (as document shepherd)