Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt

"John Levine" <johnl@taugh.com> Wed, 21 December 2016 22:55 UTC

Date: Wed, 21 Dec 2016 22:54:40 -0000
Message-ID: <20161221225440.1053.qmail@ary.lan>
From: John Levine <johnl@taugh.com>
To: dnsop@ietf.org
In-Reply-To: <20161221205109.ahunf6rlk4dlsils@nic.fr>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/qfbTQAd7jIReUBARumN5ksfaGAM>
Subject: Re: [DNSOP] I-D Action: draft-vixie-dns-rpz-04.txt

>I hereby, with full knowledge and prior consent, *refuse* that my ISP
>(or the hotel where I stay) modify DNS responses.

I gather you live in France, where the government can and occasionally
does require ISPs to change DNS responses so that requests for domains
that a court considers illegal in various ways get the address of an
interior ministry server instead.  They did not need RPZ to do this,
and they do not ask your permission when they do so.  I'm certainly
not saying it's a good idea, but it is the law in France, and there
are similar laws in the UK and other countries that ISPs have to
follow.

To me, it is utter self-indulgence to imagine that it will make any
difference whatsoever to government censorship if we do or do not
publish RPZ documents.  On the other hand, as many people with
operational experience have confirmed, RPZ is an extremely useful tool
to keep Internet users from being attacked by malware.  It seems clear
to me that if we can help providers deploy anti-malware RPZ zones, by
enabling interoperable implementations, that will prevent a lot of
evil directed at our users.

It might be helpful to explain what people consider a reasonable
tradeoff between censorship concerns and consumer protection concerns,
and how likely it is that RPZ publication or standardization would
have any practical effect in the two areas.

R's,
John