IETF Logo Mail Archive

Re: IP-based reputation services vs. DNSBL (long)

Tony Finch <dot@dotat.at> Tue, 11 November 2008 17:15 UTC

Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9F74828C1CA; Tue, 11 Nov 2008 09:15:27 -0800 (PST)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 591B528C1CC for <ietf@core3.amsl.com>; Tue, 11 Nov 2008 09:15:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.2
X-Spam-Level:
X-Spam-Status: No, score=-6.2 tagged_above=-999 required=5 tests=[AWL=0.400, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zo0ltC5-zzLe for <ietf@core3.amsl.com>; Tue, 11 Nov 2008 09:15:22 -0800 (PST)
Received: from ppsw-6.csi.cam.ac.uk (ppsw-6.csi.cam.ac.uk [131.111.8.136]) by core3.amsl.com (Postfix) with ESMTP id 5E61A28C1CA for <ietf@ietf.org>; Tue, 11 Nov 2008 09:15:22 -0800 (PST)
X-Cam-AntiVirus: no malware found
X-Cam-SpamDetails: not scanned
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
Received: from hermes-1.csi.cam.ac.uk ([131.111.8.51]:60733) by ppsw-6.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.156]:25) with esmtpa (EXTERNAL:fanf2) id 1Kzwpg-0005mf-Kr (Exim 4.70) (return-path <fanf2@hermes.cam.ac.uk>); Tue, 11 Nov 2008 17:15:16 +0000
Received: from fanf2 (helo=localhost) by hermes-1.csi.cam.ac.uk (hermes.cam.ac.uk) with local-esmtp id 1Kzwpg-00018S-EU (Exim 4.67) (return-path <fanf2@hermes.cam.ac.uk>); Tue, 11 Nov 2008 17:15:16 +0000
Date: Tue, 11 Nov 2008 17:15:16 +0000
From: Tony Finch <dot@dotat.at>
X-X-Sender: fanf2@hermes-1.csi.cam.ac.uk
To: Keith Moore <moore@network-heretics.com>
Subject: Re: IP-based reputation services vs. DNSBL (long)
In-Reply-To: <49172BCE.2000705@network-heretics.com>
Message-ID: <alpine.LSU.2.00.0811111711310.14367@hermes-1.csi.cam.ac.uk>
References: <49172BCE.2000705@network-heretics.com>
User-Agent: Alpine 2.00 (LSU 1167 2008-08-23)
MIME-Version: 1.0
Cc: IETF <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org

On Sun, 9 Nov 2008, Keith Moore wrote:
>
> It is worth repeating that just because the notion of a reputation
> service has value, and such services are widely used, does not imply
> that using IP addresses as identifiers or the DNS protocol as a means of
> transmitting reputation are technically sound.  There is reason to doubt
> both of these assumptions, and there is no evidence that these design
> questions have been given due consideration and resolved - as our
> process would normally require.

Could you give us a reference to an explanation of why the DNS might not
be a sound choice of protocol for reputation services?

This protocol can use domain names as lookup keys as well as IP addresses.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
ROCKALL MALIN HEBRIDES BAILEY: NORTHERLY OR NORTHWESTERLY 6 TO GALE 8
DECREASING 4 OR 5, BACKING SOUTHWESTERLY 5 OR 6 IN ROCKALL AND BAILEY LATER.
ROUGH OR VERY ROUGH. RAIN OR SQUALLY SHOWERS. MODERATE OR GOOD.
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email