[DNSOP] draft-ietf-dnsop-reflectors-are-evil-05.txt

Edward Lewis <Ed.Lewis@neustar.biz> Wed, 05 December 2007 01:10 UTC

http://www.ietf.org/internet-drafts/draft-ietf-dnsop-reflectors-are-evil-05.txt

1) (Somewhat jokingly) I would strike the first word ("Recently") as 
the attacks were almost two years ago now.  In the spirit of "sending 
text" it might be more appropriate to start with "Once upon a 
time...".

2) I guess I should get over the fact that "are-evil" is part of the 
file name and that will go away when this document gets out of 
the RFC Editor.  I think the tone of the document is right as is, 
recommending ways to have name servers not offer free and unchecked 
services unless the owner is aware.

3) I was a bit troubled by the discussion in the room on Monday. 
Parts of the discussion were hard to hear (the acoustics plus my 
aging ears) and my laptop was off (no jabber for me).  It sounded 
like someone (not present) claimed that they required open resolvers 
for roaming.  The discussion seemed to criticize that comment because 
it is not generalizable, but I think that wasn't the intent.  I 
thought the comment was offered as a reason why a blanket prohibition 
against open resolvers was a bad idea.

I would be against a campaign to cajole people into closing open 
resolvers.  One reason is that I don't believe that the problem is 
the open resolvers but the inherent nature of UDP involved.  Two is 
that it is up to operators to decide how to responsibly operate their 
network (and it is up to the IETF to give them the educational 
materials they need).

I think the document is a good balance.  It recommends closing access 
to resolvers but does not berate those that leave them open.  (Unless 
I missed something.)  It lists approaches to selective openness.  I 
apologize if I lost the train of thought of the mic discussion.

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis                                                +1-571-434-5468
NeuStar

Think glocally.  Act confused.
