Re: [DNSOP] DNSOP Call for Adoption draft-vixie-dns-rpz

Donald Eastlake <> Tue, 27 December 2016 02:37 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 71CE012942F for <>; Mon, 26 Dec 2016 18:37:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.449
X-Spam-Status: No, score=-2.449 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 6dqUkfgRJGcc for <>; Mon, 26 Dec 2016 18:37:01 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4001:c06::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9757A1204D9 for <>; Mon, 26 Dec 2016 18:37:01 -0800 (PST)
Received: by with SMTP id p42so305642663ioo.1 for <>; Mon, 26 Dec 2016 18:37:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=SB+MhjEdzIWyF8NYnMqkQyLxhpJRaSyUl534JwlWEkM=; b=p8EmVVAlDt/JUZIyuS2vYnBw8MiFuS/pcauKdTCqk9j3dIp7hQjGDM72lcXq0VKH3D 5yRExwPXcyJYzGQ21JLS89c+vsXBY1Dxp7EPVk5arjjbS6Z2/U8n/WgxP/m8FQhLo8hz p/LcPpA1+MEXIIXWTWndZqo6YvZMsMA2ZbsEhvg5agG/eJ/4foabpj3ZCx+O2NrMg4oZ UTOvewVTxsYK/3OTqBuA9WBOI43R3OZWf9K8EERV48a30Q+/6tlja3WD0f2MHcl6ukTY ujFpM0R7/TbmilEy5tjpujAMrqTQBNbvgX/rzh04TypP+fTe9UsY9mhVaK9tET75DXq/ hYlA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=SB+MhjEdzIWyF8NYnMqkQyLxhpJRaSyUl534JwlWEkM=; b=jbSB4J2WdVoNoGSzr1OWwU/DoSsjRAiT7X/m+y+uwbbJ7rpOtR4NAPKLWPbusNBPkm ySOEUzAbaHTozjfHYEERkjouPyG9ylk6w/n7qNkVXIUwgi2xdkgi8vgJuqS4S2kDUZ0h 4tkvBBEwWfl1HChQEbuSY5xKjt7St7WZAfvaBv9o/f/4LXsClJcAJcz3tbXDmdHRf4Os kLLsE2oP1worKC9Vi1pFnQcoBOj5W19qhDwn0d2YlD4svHHcNk9vtpqfJFSVCex+L6V6 MqCDqFRGmvQUc1KhGkM+xtLgKY+N8LQQqnG2irUceGEpuCneeATPPEpXVAzklhJd/Xxn Iujw==
X-Gm-Message-State: AIkVDXIJ/mv9PbMop8mFPhikWGtBA5nkr8lOQ700tScCjWCZbilaU+fkPGCntCaZjzdSaPU41Js1eosVzOi/2Q==
X-Received: by with SMTP id y77mr21752761ioe.12.1482806220740; Mon, 26 Dec 2016 18:37:00 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Mon, 26 Dec 2016 18:36:44 -0800 (PST)
In-Reply-To: <>
References: <> <>
From: Donald Eastlake <>
Date: Mon, 26 Dec 2016 21:36:44 -0500
Message-ID: <>
To: dnsop <>
Content-Type: multipart/alternative; boundary="001a114496bc0ee1c205449aba98"
Archived-At: <>
Subject: Re: [DNSOP] DNSOP Call for Adoption draft-vixie-dns-rpz
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 27 Dec 2016 02:37:03 -0000


I've read this thread up to date. Reading the draft, a few minor things
occurred to me which I think might be small improvements, but I could be
wrong as I'm sure others have studied this more than me. And perhaps some
more warning should be sprinkled into it. But, when I get to the bottom
line, I believe that something reasonably close to it should be published
as an Informational RFC. I think it should be adopted by the WG. If not, it
might be best submitted as Independent, in which case the IESG will ask the
DNSOP WG for its comments. Either way, there will be the same political
argument in the WG which - as far as I can see form the comments so far -
favors publication. I think a higher quality draft would result if the
draft was processed through the WG.

 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 155 Beaver Street, Milford, MA 01757 USA

On Tue, Dec 20, 2016 at 10:26 AM, Suzanne Woolf <>

> On Dec 20, 2016, at 10:16 AM, tjw ietf <> wrote:
> Why not just wade into this discussion...
> The draft is being present as "Informational", and the point here is to
> document current working behavior in the DNS (for the past several years).
>   It is obvious that some feel this draft is a large mistake, but like
> edns-client-subnet, more operators are deploying this than one is aware of.
> This starts a Call for Adoption for draft-vixie-dns-rpz
> As an additional observation:
> The discussion already on the mailing list has shown a number of views on
> the legal and ethical implications of using RPZ, or publishing an
> Informational RFC about it.
> In the past, where there has been controversy about similar issues, the WG
> has sometimes declined to adopt a draft. If the draft had been adopted as a
> WG work item, the WG may have asked that the draft be modified to reflect
> those concerns. Sometimes the consensus has been to regard them as out of
> scope. Sometimes there’s been no way to get to consensus on a draft, and
> the WG involved hasn’t advanced it for publication.
> Ethical and legal issues, including those around DNS names and DNS
> operations, are complex and “the truth” varies widely with circumstance and
> jurisdiction, both of which tend to be determined outside of the IETF.
> If you feel you must comment on those aspects of RPZ, please keep it
> brief, avoid unsustainable generalizations,  and state clearly whether you
> support adoption, oppose adoption, or support adoption with changes you’re
> willing to work on.
> thanks,
> Suzanne
> _______________________________________________
> DNSOP mailing list