In <Pine.LNX.4.44.0611281214540.29291-100000@bmsred.bmsi.com> "Stuart D. Gathman" <stuart@bmsi.com> writes:
> [large snip]
I agree with all of that....
> Therefore, as test-suite czar, I declare the MUTUAL EXCLUSION party the
> winner, [...]
However, I would like to wait to hear more people chim in before
declaring a winner. I don't see any reason why this issue needs to be
decided quickly, it has been lurking in the spec for years, after
all.
And, for what it is worth, I'm still doing research into this to see
what what previously said on the subject.
What should happen when you get an SPF check using example.com and
72.81.252.18:
example.com TXT "v=spf1 ip6:::FFFF:72.81.252.18 -all"
1) The SPF result is well defined and the result is Fail. An ip6:
mechanism that lists an IPv4-mapped IPv6 address is effectively a
no-op and will never be matched.
2) The SPF result is well defined and the result is Pass. All SPF
implementations must check both ip4: and ip6: mechanisms.
3) The SPF result is well defined and it depends on whether the
connecting SMTP session is on an IPv6 socket or an IPv4 socket. If
it is on an IPv4 socket, the result is Fail, if it is on an IPv6
socket, the result is Pass.
4) The SPF result is undefined and implementations can choose to match
or not match this.
5) Some other case
Next, what should happen when you get an SPF check using example.org and
72.81.252.18:
example.org TXT "v=spf1 a -all"
AAAA ::FFFF:72.81.252.18
1) The SPF result is well defined and the result is Fail. An AAAA
record that lists an IPv4-mapped IPv6 address is effectively a
no-op and will never be matched.
2) The SPF result is well defined and the result is Pass. All SPF
implementations must check both A and AAAA records.
3) The SPF result is well defined and it depends on whether the
connecting SMTP session is on an IPv6 socket or an IPv4 socket. If
it is on an IPv4 socket, the result is Fail, if it is on an IPv6
socket, the result is Pass.
4) The SPF result is undefined and implementations can choose to match
or not match this.
5) Some other case
Again, while I think these cases will be somewhat rare, I do see them
happening. I think that as IPv6 becomes more common, people will
start thinking in terms of IPv6 addresses and won't always recognize
that ::FFFF:4851:FC12 is really an IPv4-mapped IPv6 address and the
same as ::FFFF:72.81.252.18. I think people will start adding AAAA
records with IPv4-mapped addresses either accidentally or in order to
save an extra lookup for the equivalent A record. I think people will
make typos such as "ip6::1234:5678:9ABC/8" when they meant to have a
"/48".
-wayne
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=1007
> [large snip]
I agree with all of that....
> Therefore, as test-suite czar, I declare the MUTUAL EXCLUSION party the
> winner, [...]
However, I would like to wait to hear more people chim in before
declaring a winner. I don't see any reason why this issue needs to be
decided quickly, it has been lurking in the spec for years, after
all.
And, for what it is worth, I'm still doing research into this to see
what what previously said on the subject.
What should happen when you get an SPF check using example.com and
72.81.252.18:
example.com TXT "v=spf1 ip6:::FFFF:72.81.252.18 -all"
1) The SPF result is well defined and the result is Fail. An ip6:
mechanism that lists an IPv4-mapped IPv6 address is effectively a
no-op and will never be matched.
2) The SPF result is well defined and the result is Pass. All SPF
implementations must check both ip4: and ip6: mechanisms.
3) The SPF result is well defined and it depends on whether the
connecting SMTP session is on an IPv6 socket or an IPv4 socket. If
it is on an IPv4 socket, the result is Fail, if it is on an IPv6
socket, the result is Pass.
4) The SPF result is undefined and implementations can choose to match
or not match this.
5) Some other case
Next, what should happen when you get an SPF check using example.org and
72.81.252.18:
example.org TXT "v=spf1 a -all"
AAAA ::FFFF:72.81.252.18
1) The SPF result is well defined and the result is Fail. An AAAA
record that lists an IPv4-mapped IPv6 address is effectively a
no-op and will never be matched.
2) The SPF result is well defined and the result is Pass. All SPF
implementations must check both A and AAAA records.
3) The SPF result is well defined and it depends on whether the
connecting SMTP session is on an IPv6 socket or an IPv4 socket. If
it is on an IPv4 socket, the result is Fail, if it is on an IPv6
socket, the result is Pass.
4) The SPF result is undefined and implementations can choose to match
or not match this.
5) Some other case
Again, while I think these cases will be somewhat rare, I do see them
happening. I think that as IPv6 becomes more common, people will
start thinking in terms of IPv6 addresses and won't always recognize
that ::FFFF:4851:FC12 is really an IPv4-mapped IPv6 address and the
same as ::FFFF:72.81.252.18. I think people will start adding AAAA
records with IPv4-mapped addresses either accidentally or in order to
save an extra lookup for the equivalent A record. I think people will
make typos such as "ip6::1234:5678:9ABC/8" when they meant to have a
"/48".
-wayne
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=1007