Re: [DNSOP] DNSOP Call for Adoption draft-vixie-dns-rpz

Suzanne Woolf <> Tue, 20 December 2016 15:26 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9CF34129413 for <>; Tue, 20 Dec 2016 07:26:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id X14r9VvHGqYE for <>; Tue, 20 Dec 2016 07:26:49 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:400d:c0d::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1DE041299F5 for <>; Tue, 20 Dec 2016 07:26:49 -0800 (PST)
Received: by with SMTP id n6so179891809qtd.1 for <>; Tue, 20 Dec 2016 07:26:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc:message-id:references :to; bh=CvE1KzSRi8jllW8SElCrBQ17oKY8jWhKiYiolfjzCr0=; b=sZ1vV12Yjbx6WEfRNiDcOOJ5HaK0oCt8wOUgvLA69V+kgPaJBLeXmuiQ/6VwQg7U4L U0im85zuox/PZCRpAjRcqPxYEQjUuP0t10fxMJVcioHXmT0RkuPAhIdrR2bhVk89iwxH OMVF/eRo9ekzdZm6HtGQJQwADLeLeAhfvx9hkyWMtzJ6Mkrvq4S4XJDm2qFmRy3/l2J6 m5XO02JnoU4oOBL8ETO6iXYvv/U3/h/iPj5yZZNBlLMqJhiX1nj+GWf6M4YrQvZTYfrY /70zGJ+ZfEBQ5cObXv4YVvXNUqlbqI8pIa6LkHcEiOZPF5goWDp+AMOzR16RyFqWqHOh LwjA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to; bh=CvE1KzSRi8jllW8SElCrBQ17oKY8jWhKiYiolfjzCr0=; b=kViWuX2ZFmZaT4xlGxulh17umgsxqRC42AT+oVIcUlDpwwQQiMP5cGLi5MWINfZw/W i3J1P5ueZRx+eXJo1hwk7+8eEpI0isTBPwsOgFMgtNBwQLskJyVayy1+s/198qKA/pFD fN5zI9lKhgbmadQgBSm7g+vBtr28sZ8rJopHpBDNH4PpBM/VrOfFhsj7ewHfnp5c6bbZ Lg1J3LeI+rbJyboU+aCUAcD1KKVmLcP8G34p91elhBi2+y9ctrRnDJnlXzeIdIelPTT+ fPHxhr1BM7UKF/h0SSn+gMm9z4tBythbaOUYdJhyi6JQQihzIiv0xfoVXA0v7PmbKLRA i7qg==
X-Gm-Message-State: AIkVDXL8S+XN3EwqVyFOwS81CSp9L6HHaERSEWvs9MTQH/D332ZvAZ6Vqy1YXVtulGlOTA==
X-Received: by with SMTP id g48mr20823344qtg.256.1482247608064; Tue, 20 Dec 2016 07:26:48 -0800 (PST)
Received: from ?IPv6:2601:181:c381:c20:5473:331e:5828:f9cb? ([2601:181:c381:c20:5473:331e:5828:f9cb]) by with ESMTPSA id c2sm13296986qkg.8.2016. (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 20 Dec 2016 07:26:47 -0800 (PST)
Content-Type: multipart/alternative; boundary="Apple-Mail=_21FCB5A2-7A4E-4CA3-8730-02B3DF159463"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
From: Suzanne Woolf <>
In-Reply-To: <>
Date: Tue, 20 Dec 2016 10:26:45 -0500
Message-Id: <>
References: <>
To: tjw ietf <>
X-Mailer: Apple Mail (2.2104)
Archived-At: <>
Cc: dnsop <>
Subject: Re: [DNSOP] DNSOP Call for Adoption draft-vixie-dns-rpz
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 20 Dec 2016 15:26:50 -0000

> On Dec 20, 2016, at 10:16 AM, tjw ietf <> wrote:
> Why not just wade into this discussion...
> The draft is being present as "Informational", and the point here is to document current working behavior in the DNS (for the past several years).   It is obvious that some feel this draft is a large mistake, but like edns-client-subnet, more operators are deploying this than one is aware of. 
> This starts a Call for Adoption for draft-vixie-dns-rpz

As an additional observation: 

The discussion already on the mailing list has shown a number of views on the legal and ethical implications of using RPZ, or publishing an Informational RFC about it. 

In the past, where there has been controversy about similar issues, the WG has sometimes declined to adopt a draft. If the draft had been adopted as a WG work item, the WG may have asked that the draft be modified to reflect those concerns. Sometimes the consensus has been to regard them as out of scope. Sometimes there’s been no way to get to consensus on a draft, and the WG involved hasn’t advanced it for publication.

Ethical and legal issues, including those around DNS names and DNS operations, are complex and “the truth” varies widely with circumstance and jurisdiction, both of which tend to be determined outside of the IETF. 

If you feel you must comment on those aspects of RPZ, please keep it brief, avoid unsustainable generalizations,  and state clearly whether you support adoption, oppose adoption, or support adoption with changes you’re willing to work on.