[BALUG-Admin] linuxmafia.com & SPF (was: BALUG & SPF)

Rick Moen rick@linuxmafia.com
Mon Aug 21 11:52:42 PDT 2017 

I wrote:

> The dedicated SPF RR does exist as an IETF spec.


Update:  Discontinued in 2014 -- and I would suggest this was probably
because of the considerations I cited.  Reference:
https://tools.ietf.org/html/rfc7208#section-3.1
https://tools.ietf.org/html/rfc6686#appendix-A

Quoting the former:

   SPF records MUST be published as a DNS TXT (type 16) Resource Record
   (RR) [RFC1035] only.  The character content of the record is encoded
   as [US-ASCII].  Use of alternative DNS RR types was supported in
   SPF's experimental phase but has been discontinued.

   In 2003, when SPF was first being developed, the requirements for
   assignment of a new DNS RR type were considerably more stringent than
   they are now.  Additionally, support for easy deployment of new DNS
   RR types was not widely deployed in DNS servers and provisioning
   systems.  As a result, developers of SPF found it easier and more
   practical to use the TXT RR type for SPF records.

   In its review of [RFC4408], the SPFbis working group concluded that
   its dual RR type transition model was fundamentally flawed since it
   contained no common RR type that implementers were required to serve
   and required to check.  Many alternatives were considered to resolve
   this issue, but ultimately the working group concluded that
   significant migration to the SPF RR type in the foreseeable future
   was very unlikely and that the best solution for resolving this
   interoperability issue was to drop support for the SPF RR type from
   SPF version 1.  See Appendix A of [RFC6686] for further information.

   The circumstances surrounding SPF's initial deployment a decade ago
   are unique.  If a future update to SPF were developed that did not
   reuse existing SPF records, it could use the SPF RR type.  SPF's use
   of the TXT RR type for structured data should in no way be taken as
   precedent for future protocol designers.  Further discussion of
   design considerations when using new DNS RR types can be found in
   [RFC5507].

Which also prompts a correction to my earlier post:  I'm pretty sure I 
added my SPF RR immediately upon Meng Wong finishing the SPF spec in
2003, and not in 2010 as I said earlier.

More information about the BALUG-Admin mailing list