Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)

Doug Otis <doug.mtview@gmail.com> Fri, 07 November 2008 20:00 UTC

To: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Cc: ietf@ietf.org

On Nov 7, 2008, at 3:17 AM, Stephane Bortzmeyer wrote:

> On Tue, Nov 04, 2008 at 10:59:46AM -0800,
> The IESG <iesg-secretary@ietf.org> wrote a message of 26 lines which  
> said:
>
>> - 'DNS Blacklists and Whitelists '
>>   <draft-irtf-asrg-dnsbl-07.txt> as a Proposed Standard
>
> Well, it is certainly very important that the DNSxL are documented,  
> given their widespread use. And the I-D is a good document.
>
> On the other hand, I have a few questions: the first one, why  
> "Proposed standard"? Is it really a good idea to standardize these  
> lists (most being badly managed)? Why not just "Informational" if we  
> just want to document what people are doing?

Agreed.

> Second question, the document indeed standardizes many things which  
> are not in common use but does not point towards a rationale, so  
> some choices are puzzling. Why TXT records to point to a URL and
> not NAPTR? Is this because of current usage in DNSxL? If so, this
> should be noted. But why do IPv6 lists use an A record and not an AAAA? I
> am not aware of existing IPv6 lists so this cannot be the current  
> usage?

In putting together planning for IPv6 block-lists, one soon confronts  
the enormity of its potential data-set and the incredible complexity  
related to carrier grade NATs, tunneling protocols, and third-party  
translation services.  :^(

On the other hand, the DKIM signature "domain" and an accurate
"on-behalf-of" value as a tuple offers a safer and simpler basis for
acceptance with perhaps only a two order increase in the data-set.  In  
today's budget cutting and tight schedules, even establishing a DKIM  
list is not easy where ADSP needs to be modified before this can  
happen. :^(

Perhaps years from now, part of the overhead for sourcing from IPv6  
will be to include DKIM signatures with accurate "on-behalf-of"  
values.  The "on-behalf-of" values should be opaque in most cases.     
Today it would seem email wants to pretend to authenticate, rather  
than indicate what is actually authenticated, even when using opaque  
values. :^(

It is seldom that a person's email-address represents the source of  
abuse. Instead, it is often the result of compromised systems  
somewhere in the message stream.

-Doug