Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt
ac <ac@main.me> Mon, 19 December 2016 05:06 UTC
Return-Path: <ac@main.me>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1781F1294B7 for <dnsop@ietfa.amsl.com>; Sun, 18 Dec 2016 21:06:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.791
X-Spam-Level:
X-Spam-Status: No, score=-1.791 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=main.me
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n4HXNIBKggc0 for <dnsop@ietfa.amsl.com>; Sun, 18 Dec 2016 21:05:59 -0800 (PST)
Received: from web.hostacc.com (hostacc.com [188.40.114.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6F643129497 for <dnsop@ietf.org>; Sun, 18 Dec 2016 21:05:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=main.me; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:References: In-Reply-To:Subject:To:From:Date:Sender:Reply-To:Message-ID:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Zz8ATC7YlWVz+aiwfJszuuDH8oI64TIUQVi6awvsSQQ=; b=Ipz2Vi5KgTelDiaFMRTud6zNrw DwcKSPE2tzprrbxvtPzJJNUSrhzZUDDoP5TIFseh2Nf38sbqO/MnF067BvZHTgOefan0/X0/nYqof JhmAr/l6hpOkqTTIIACuOlbRKhEWtoc16BKFRw/TKWy+v5wSZGtJDF0ehUe0HueurjgVP4+BA0pWa EhggGZKtzj/Qg42Tc6Y0wU3azjlRQAZZtgyuyo5yzPgF0Xagj3Iuomommj5B04hev9QLy0ItbTeEt xnEGSkjGq61wVJ9HYx37urYL92kZhiYlUxIRTU2EpRB5dFoPj7V7CGfQzXMdq/j7CxtfdCue1bYxY GL5yqjnA==;
Received: from [165.255.65.6] (port=40754 helo=tree.nuts.me) by web.hostacc.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.87) (envelope-from <ac@main.me>) id 1cIq96-00020m-W1 for dnsop@ietf.org; Mon, 19 Dec 2016 06:05:57 +0100
Date: Mon, 19 Dec 2016 07:05:24 +0200
From: ac <ac@main.me>
To: "dnsop@ietf.org" <dnsop@ietf.org>
In-Reply-To: <em8c69a376-3e56-437d-8fe4-d70af6aa0e63@bodybag>
References: <20161218224231.GB16301@odin.ulthar.us> <em8c69a376-3e56-437d-8fe4-d70af6aa0e63@bodybag>
Organization: acmain
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - web.hostacc.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - main.me
X-Get-Message-Sender-Via: web.hostacc.com: authenticated_id: ac@main.me
X-Authenticated-Sender: web.hostacc.com: ac@main.me
X-Source:
X-Source-Args:
X-Source-Dir:
Message-Id: <20161219050559.6F643129497@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/D9miXXB1QaPSTNcKvVcS0Ffkc9Q>
Subject: Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Dec 2016 05:06:00 -0000
On Sun, 18 Dec 2016 23:45:34 +0000 "Adrien de Croy" <adrien@qbik.com> wrote: > > If the admin's goal is to block access to malicious sites, then > > they want to block the traffic, not falsify DNS. If the goal is > > to warn users away from bad places, they can publish the list as a > > filter for end-system firewalls. > That may be your view about how blocking should work, but a lot of > companies are using systems like OpenDNS who would beg to differ with > you. > In terms of many of the metrics admins like such as simplicity, > effectiveness, cost etc, then spoofing DNS comes out very favourably. DNS admins also have a fiduciary responsibility to their users. Other services also have implied fiduciary responsibility, like email, but DNS is a direct service - Your user is asking you, right now, for a fact, not a best guess. Your user is asking you : What are the operators of my bank saying their IP number is. While I am saying things that nobody is saying out loud, (I may as well continue down my own slippery slope...) DNS admins are more important than other admins. DNS admins must be more sensitive to their own ethics, their own truth. When it is presented as "okay" or "normal" to create protocols for telling lies, AND hiding those lies from their users, this is an indication that a lack of understanding exists about how important it is to meet the high trust expectations the world has, on DNS. Many arguments could be made why it is a good thing to "protect" users by using DNS and many arguments could be made why using DNS is completely wrong for this. My objection to the continued publication of the subject matter in this draft, is not that. My objection is that it is simply not ethical. It is simply not right. Andre
- [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt internet-drafts
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Ted Lemon
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Vernon Schryver
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Scott Schmit
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Tony Finch
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Scott Schmit
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Adrien de Croy
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Ralf Weber
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt sthaug
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Evan Hunt
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt bert hubert
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt bert hubert
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Jim Reid
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt bert hubert
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Ralf Weber
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Tony Finch
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Tony Finch
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt sthaug
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Vernon Schryver
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Evan Hunt
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt william manning
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Evan Hunt
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Allan Liska
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Jim Reid
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Ted Lemon
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt David Conrad
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt John Levine
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Olafur Gudmundsson
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt ac
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt william manning
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Ted Lemon
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Ray Bellis
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Ted Lemon
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt John Levine
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Paul Wouters
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Scott Morizot
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt John Levine
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Stephane Bortzmeyer
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Stephane Bortzmeyer
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Stephane Bortzmeyer
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt sthaug
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt John Levine
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Tony Finch
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Vernon Schryver
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Paul Wouters
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt John Levine
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Vernon Schryver
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Mukund Sivaraman
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Vernon Schryver
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Vernon Schryver
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Mukund Sivaraman
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt Mukund Sivaraman
- Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt David Conrad