
Re: TECH-ERROR: DNS Record Types

FWIW, I fully support making this change.

				Ned

> I believe that the latest Protocol draft (draft-ietf-marid-protocol-03)
> contains changes that don't correctly reflect the consensus of the group
> concerning DNS record types. Briefly, it states:

> 1. Publishers MUST publish using the new SPF2 record type.
> 2. Publishers MAY also publish using TXT records.
> 3. Consumers MUST do lookups using the new SPF2 record type.
> 4. Consumers MAY also do lookups using TXT records.
> 5. Consumers MAY do both lookups (3 and 4) in parallel.
> 6. If consumers receive records from both lookups, they SHOULD use
>    the SPF2 record and ignore the TXT record.

> These are all in section 2.1.1 of the Protocol doc.

> The problems with the above are:

> a. It's not what was previously debated / agreed to.
> b. Anyone who can't publish an SPF2 record cannot comply with this spec.
> c. Anyone who can't look up an SPF2 record cannot comply with this spec.
> d. Publishers who take the "MAY" in step 2 above to heart and don't
>    publish TXT records will have their record be completely invisible
>    to consumers that can't query for the new record type.

> I respectfully request that the above requirements be replaced with:

> 1. Publishers SHOULD publish using the new SPF2 record type,
>    if they are able to do so.
> 2. Regardless of whether they published using the SPF2 record
>    type, publishers MUST publish a TXT record.
> 2a. The contents of the SPF2 record and TXT record MUST be identical.
> 3. Consumers SHOULD check for the new SPF2 record type, if they
>    are able to do so.
> 4. Consumers who either cannot query for SPF2 records or who find
>    that a domain hasn't published any SPF2 records MUST query for
>    a TXT record.
> 5. Consumers MAY do both lookups (3 and 4) in parallel.
> 6. If consumers receive records from both lookups, they SHOULD use
>    the SPF2 record and ignore the TXT record.

> Brief Discussion:

> It's undisputed that the world would be a better place if everyone uses
> the new record type. However, it's also undisputed that many players
> won't be able to publish and/or consume the new record type until new
> software is installed. The updated requirements as I've spelled them out
> above will mean that:
>   a) Everyone can work before new DNS software is installed.
>   b) After new DNS software is installed, there will be minimal harm to
> the DNS system.

> I think that (a) is obvious. There are four sub-cases:

> i. Publisher and consumer both have out-of-date DNS software:

> If the publisher and consumer both have out-of-date DNS software, the
> publisher will only publish a TXT record. The consumer will only query
> for a TXT record, and get the right information.  All of the oft-debated
> issues of packet size and TCP fallback apply.

> ii. Publisher has up-to-date DNS software and consumer has out-of-date
> DNS software:

> If the publisher has up-to-date DNS software, he'll publish both an SPF2
> record and a TXT record. The consumer will only query for a TXT record,
> and get the right information. All of the packet size and TCP fallback
> issues apply.

> iii. Publisher has out-of-date DNS software and consumer has up-to-date
> DNS software:

> If the publisher has out-of-date DNS software, he'll only publish a TXT
> record. The consumer will query for an SPF2 record, and receiving no
> records will query for a TXT record, yielding the right information. All
> of the packet size and TCP fallback issues will apply.

> iv. Publisher and consumer both have up-to-date DNS software:

> If both the publisher and the consumer have up-to-date DNS software, the
> publisher will publish both an SPF2 and a TXT record. The consumer will
> query for the SPF2 record, and get the right information.  The
> packet-size issues will generally not apply, because the SPF2 record
> won't be mingled with other irrelevant records.

> So in all four cases, the updated requirements work. Contrast this with
> the currently specified requirements, which cause cases (ii) and (iii)
> to fail to discover the record.

> b. Note that after up-to-date DNS software is widely deployed, only SPF2
> records will be queried for. The TXT records will still exist, but will
> not be the subject of queries by SenderID software. As such, the only
> harm that the TXT records cause is that they will take up space in
> packets when other applications query for TXT records for a domain.
> However, as there aren't any such widely-deployed other applications,
> this harm is minimal and largely theoretical.
> -- Jim Lyon
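The publisher rules (1, 2, 2a) and consumer rules (3, 4, 6) proposed above, modelled so that the four deployment cases i-iv can be checked mechanically. This is an added example, not code from the thread or the MARID drafts: the SPF2 record type is represented by the string "SPF2", the resolver is a constructed in-memory stand-in, and the "spf2.0/..." policy text and "example.com" zone are constructed sample values.

```python
from typing import Dict, List, Optional, Tuple

Zone = Dict[Tuple[str, str], List[str]]   # (owner name, RR type) -> RDATA strings


def publish_policy(zone: Zone, domain: str, policy: str, spf2_capable: bool) -> None:
    """Publisher side: rule 2 always adds a TXT record; rule 1 adds an SPF2
    record only when the publisher's DNS software can; rule 2a keeps both identical."""
    zone.setdefault((domain, "TXT"), []).append(policy)
    if spf2_capable:
        zone.setdefault((domain, "SPF2"), []).append(policy)


class Resolver:
    """Constructed stand-in for the consumer's DNS software. Out-of-date
    software (spf2_capable=False) cannot query the new record type at all."""
    def __init__(self, zone: Zone, spf2_capable: bool) -> None:
        self.zone, self.spf2_capable = zone, spf2_capable

    def query(self, domain: str, rtype: str) -> List[str]:
        if rtype == "SPF2" and not self.spf2_capable:
            raise NotImplementedError("resolver cannot query the SPF2 type")
        return list(self.zone.get((domain, rtype), []))


def lookup_policy(resolver: Resolver, domain: str) -> Optional[Tuple[str, str]]:
    """Consumer side: returns (policy text, record type used) or None."""
    try:
        spf2 = resolver.query(domain, "SPF2")          # rule 3: check SPF2 if able
    except NotImplementedError:
        spf2 = []                                      # rule 4: cannot query SPF2
    if spf2:
        return spf2[0], "SPF2"                         # rule 6: SPF2 wins over TXT
    # Rule 4: no SPF2 answer, so TXT MUST be queried. TXT at the zone apex is
    # shared with other applications, so only policy-looking strings are kept
    # (the "spf2.0/" version tag is an assumed marker, not specified in the post).
    txt = [r for r in resolver.query(domain, "TXT") if r.startswith("spf2.0/")]
    return (txt[0], "TXT") if txt else None


def deployment_matrix(policy: str = "spf2.0/pra mx -all") -> Dict[str, Optional[Tuple[str, str]]]:
    """Runs cases i-iv from the post; every case should find the same policy."""
    results: Dict[str, Optional[Tuple[str, str]]] = {}
    for pub_new in (False, True):
        for con_new in (False, True):
            # Constructed zone with an unrelated TXT record mingled in at the apex.
            zone: Zone = {("example.com", "TXT"): ["constructed unrelated TXT"]}
            publish_policy(zone, "example.com", policy, pub_new)
            found = lookup_policy(Resolver(zone, con_new), "example.com")
            results[f"publisher_new={pub_new},consumer_new={con_new}"] = found
    return results
```

Running `deployment_matrix()` shows the policy is found in all four cases, via TXT in cases i-iii and via SPF2 only when both sides are up to date (case iv).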