Hi Pete,

I'll post some text proposed by Scott Kitterman to address the 
DISCUSS.  I am adding the SPFBIS WG to the Cc.

At 06:55 07-09-2013, Pete Resnick wrote:
>Pete Resnick has entered the following ballot position for
>draft-ietf-spfbis-4408bis-19: Discuss

[snip]

>Holding my own DISCUSS:
>
>Text needs to be created (probably for section 3.1) to better describe
>the reason this document settled on TXT RR only and therefore why no
>precedent is set for future use of the TXT RR.

[snip]

>----------------------------------------------------------------------
>COMMENT:
>----------------------------------------------------------------------
>
>Clarifications needed regarding size limitations in 3.4, and perhaps some
>clarifications in 4.6.4.

3.1.  DNS Resource Records

    SPF records MUST be published as a DNS TXT (type 16) Resource Record
    (RR) [RFC1035] only.  The character content of the record is encoded
    as [US-ASCII].  Use of alternative DNS RR types was supported in

WAS

<    SPF's experimental phase, but has been discontinued.  See Appendix A
<    of [RFC6686] for further information.

PROPOSED

 >    SPF's experimental phase, but has been discontinued.
 >
 >    In 2003, when SPF was first being developed, the requirements for
 >    assignment of a new DNS RR type were considerably more stringent than
 >    they are now.  Additionally, support for easy deployment of new DNS
 >    RR types was not widely deployed in DNS servers and and provisioning
 >    systems.  As a result, at that time, there was no reasonable
 >    alternative to using the TXT RR type for SPF records.
 >
 >    In its review of [RFC4408] the SPFbis working group concluded that
 >    its dual RR type transition model was fundamentally flawed since it
 >    contained no common RR type that implementers were required to serve
 >    and required to check.  Many alternatives were considered to resolve
 >    this issue, but ultimately the working group concluded that
 >    significant migration to the SPF RR type in the forseable future and
 >    that the best solution for resolving this interoperability issue was
 >    to drop support for the SPF RR type from SPF version 1.  See Appendix
 >    A of [RFC6686] for further information.
 >
 >    The circumstances surrounding SPF's initial deploymenta decade ago
 >    are unique and very, very unlikely to be repeated.  SPF's use of the
 >    TXT RR type for structured data should in no way be taken as
 >    precedent for future protocol designers.  Things have changed.


3.4.  Record Size

    The published SPF record for a given domain name SHOULD remain small
    enough that the results of a query for it will fit within 512 octets.
    This UDP limit is defined in [RFC1035] section 2.3.4, although it was
    raised by [RFC2671].  Staying below 512 octets ought to prevent older
    DNS implementations from failing over to TCP,and will work with UDP
    in the absence of EDNS0 [RFC6891] support.  Since the answer size is
    dependent on many things outside the scope of this document, it is

WAS

<    only possible to give this guideline: If the combined length of the
<    DNS name and the text of all the records of a given type is under 450
<    octets, then DNS answers ought to fit in UDP packets.  Records that
<    are too long to fit in a single UDP packet could be silently ignored
<    by SPF verifiers due to firewall and other issues that interfere with
<    the operation of DNS over TCP or using ENDS0.

PROPOSED

 >    only possible to give this guideline: If the size of the DNS message,
 >    the combined length of the DNS name and the text of all the records
 >    of a given type is under 450 octets, then DNS answers ought to fit in
 >    UDP packets.  Records that are too long to fit in a single UDP packet
 >    could be silently ignored by SPF verifiers due to firewall and other
 >    issues that interfere with the operation of DNS over TCP or using
 >    ENDS0.

    Note that when computing the sizes for replies to queries of the TXT
    format, one has to take into account any other TXT records published
    at the domain name.  Similarly, the sizes for replies to all queries
    related to SPF have to be evaluated to fit in a single 512 octet UDP

WAS

<    packet.

PROPOSED

 >    packet (i.e.  DNS message size limited to 450 octects).

Regards,
S. Moonesamy (as document shepherd)