Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-detection-00

Paul Ebersman <list-add@dragon.net> Wed, 17 July 2019 18:37 UTC

From: Paul Ebersman <list-add@dragon.net>
To: Rob Sayre <sayrer@gmail.com>
cc: add@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/2zH4v7yspMt2GjykshpEPPHQxIs>

sayrer> The thing is, your DNS policy won't actually work. It's security
sayrer> theater.

No. It's not. It's not 100% effective for all forms of badness but that
doesn't make it security theatre.

sayrer> You'd really want a feature along the lines of

sayrer> [[https://www.apple.com/families/]]

And I could call this security theatre if I'm not an Apple owner but I
won't because that isn't true either. But it's also not effective for
everyone.

I would think our goal here is to make security tools that help enough
people to be worth doing and realize that security in depth and with
multiple techniques and use cases is as good as we can do right now.