Re: [DNSOP] draft-ietf-dnsop-dns-rpz
Mukund Sivaraman <muks@isc.org> Fri, 06 October 2017 14:32 UTC
Return-Path: <muks@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E1091342E2 for <dnsop@ietfa.amsl.com>; Fri, 6 Oct 2017 07:32:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.664
X-Spam-Level:
X-Spam-Status: No, score=0.664 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b2XpFjwP3ZEw for <dnsop@ietfa.amsl.com>; Fri, 6 Oct 2017 07:32:09 -0700 (PDT)
Received: from mail.banu.com (mail.banu.com [46.4.129.225]) by ietfa.amsl.com (Postfix) with ESMTP id 172691323B8 for <dnsop@ietf.org>; Fri, 6 Oct 2017 07:32:09 -0700 (PDT)
Received: from jurassic (unknown [115.117.161.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.banu.com (Postfix) with ESMTPSA id 034EF56A00F9; Fri, 6 Oct 2017 14:32:06 +0000 (GMT)
Date: Fri, 06 Oct 2017 20:02:03 +0530
From: Mukund Sivaraman <muks@isc.org>
To: Petr Špaček <petr.spacek@nic.cz>
Cc: dnsop@ietf.org
Message-ID: <20171006143203.GA7941@jurassic>
References: <d7dd539d-e2b9-b708-cc7e-8b417ff06a20@gmail.com> <a1c456fd-8d80-4e61-56d1-2ee05ea3eeef@nic.cz>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <a1c456fd-8d80-4e61-56d1-2ee05ea3eeef@nic.cz>
User-Agent: Mutt/1.9.0 (2017-09-02)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/JYILSmGsKjvTQaWOt9rNauVkJ8o>
Subject: Re: [DNSOP] draft-ietf-dnsop-dns-rpz
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Oct 2017 14:32:11 -0000
Hi Petr On Fri, Oct 06, 2017 at 03:56:20PM +0200, Petr Špaček wrote: > Hello dnsop, > > draft-ietf-dnsop-dns-rpz expired on 2017-09-10, i.e. did not receive any > update from 2017-03-09. > > Is there a real apetite for work on this document? No answer for this question, but see below... > We are considering RPZ implementation for Knot Resolver next year but if > the document is not going to move forward I would rather close the > ticket and be done with it. I certainly do commit to implementing > ever-changing protocol without readily available description ... I can't tell you whether to implement RPZ or not, but maybe the following will be useful from an implementation perspective. Whether IETF adopts it or not, RPZ is has been an existing real protocol in operational use for several years now (with implementations and data (zone) providers). The old RPZ specification was obsolete and this draft is the only current spec that describes RPZ as it is used today. For this reason at least, BIND will follow this spec whether it is a dnsop adopted document or is maintained outside IETF. If for some reason the co-authors abandon it (highly unlikely as they seem to have a business case for it), we at ISC will likely pick it up as it is a BIND feature. (We were going to do so about 1-1.5 years ago when we found that the old draft was outdated, and contacted Vixie about it.) It follows that if you want to support the RPZ zone syntax that is used in feeds provided by several vendors, this draft is the only current and correct spec as of now. No comment about whether dnsop should adopt it or about the philosophical side. Mukund
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Suzanne Woolf
- [DNSOP] draft-ietf-dnsop-dns-rpz Suzanne Woolf
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Ted Lemon
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Petr Špaček
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Suzanne Woolf
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Paul Hoffman
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Ted Lemon
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Paul Wouters
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz avri doria
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Peter van Dijk
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz John Levine
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Petr Špaček
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Mukund Sivaraman
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Vernon Schryver
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Vladimír Čunát
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Paul Vixie
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Vernon Schryver
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Marek Vavruša
- Re: [DNSOP] draft-ietf-dnsop-dns-rpz Vernon Schryver