Re: [DNSOP] Review of draft-livingood-dns-redirect-00

Todd Glassey <tglassey@earthlink.net> Mon, 13 July 2009 18:52 UTC

Return-Path: <tglassey@earthlink.net>
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BDC603A67AD for <dnsop@core3.amsl.com>; Mon, 13 Jul 2009 11:52:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.482
X-Spam-Level:
X-Spam-Status: No, score=-2.482 tagged_above=-999 required=5 tests=[AWL=0.117, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EwE+cx-Gqow4 for <dnsop@core3.amsl.com>; Mon, 13 Jul 2009 11:52:57 -0700 (PDT)
Received: from elasmtp-curtail.atl.sa.earthlink.net (elasmtp-curtail.atl.sa.earthlink.net [209.86.89.64]) by core3.amsl.com (Postfix) with ESMTP id A28C23A69E6 for <dnsop@ietf.org>; Mon, 13 Jul 2009 11:52:57 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=ZU1FWJ9hofqxLHAn3ArLLLWK2BQKG1ch+cnGUCrSq676h0fBeNSd9710nK64fhSG; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:CC:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP;
Received: from [38.104.134.74] (helo=[192.168.1.138]) by elasmtp-curtail.atl.sa.earthlink.net with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.67) (envelope-from <tglassey@earthlink.net>) id 1MQQeT-00048p-R0; Mon, 13 Jul 2009 14:53:25 -0400
Message-ID: <4A5B82A5.1000602@earthlink.net>
Date: Mon, 13 Jul 2009 11:53:25 -0700
From: Todd Glassey <tglassey@earthlink.net>
User-Agent: Thunderbird 2.0.0.22 (Windows/20090605)
MIME-Version: 1.0
To: Paul Hoffman <paul.hoffman@vpnc.org>
References: <C680B51E.EB21%Jason_Livingood@cable.comcast.com> <p0624087dc6810d62d441@[10.20.30.158]>
In-Reply-To: <p0624087dc6810d62d441@[10.20.30.158]>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ELNK-Trace: 01b7a7e171bdf5911aa676d7e74259b7b3291a7d08dfec79a665c771e7e7401f103b9c401e114200350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 38.104.134.74
Cc: dnsop@ietf.org, "Livingood, Jason" <Jason_Livingood@cable.comcast.com>
Subject: Re: [DNSOP] Review of draft-livingood-dns-redirect-00
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jul 2009 18:52:58 -0000

Paul Hoffman wrote:
> At 9:55 AM -0400 7/13/09, Livingood, Jason wrote:
>   
>> On the topic of 'lying resolvers' though, that seems a bit strong IMHO.  But perhaps I have missed a strong MUST statement (per RFC 2119) in a relevant RFC that you could refer me to?  
>>     
>
> I am not aware of an RFC that says something to the effect of "when you are responsible for translating addresses and you get some information that was requrested, you MUST NOT lie about it to the requester", but it might exist. 
That would be in the SLA the provider agrees to provide service under. 
Its part of the warranty for fitness, so while its not in the Standard 
itself - the use of the Standard to commit electronic fraud with will 
have criminal blow-back as well Paul.
> But that's immaterial. Even if the resolver has a good reason to lie, it is lying, and your document should encourage the resolver to be honest about that fact. The recipient might not care, or might very much want to be lied to to protect the recipient from doing something dangerous, but it should be made aware, if possible, that it is talking to a lying resolver.
>
> --Paul Hoffman, Director
> --VPN Consortium
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
> ------------------------------------------------------------------------
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com 
> Version: 8.5.375 / Virus Database: 270.13.12/2234 - Release Date: 07/12/09 17:56:00
>
>