IETF Logo Mail Archive

Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)

ned+ietf@mauve.mrochek.com Sat, 08 November 2008 15:32 UTC

Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 90CBF3A6883; Sat, 8 Nov 2008 07:32:39 -0800 (PST)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B3F373A6883 for <ietf@core3.amsl.com>; Sat, 8 Nov 2008 07:32:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.8
X-Spam-Level:
X-Spam-Status: No, score=-1.8 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, SARE_SUB_RAND_LETTRS4=0.799]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8NT1Iu-iEQIe for <ietf@core3.amsl.com>; Sat, 8 Nov 2008 07:32:37 -0800 (PST)
Received: from mauve.mrochek.com (mauve.mrochek.com [66.59.230.40]) by core3.amsl.com (Postfix) with ESMTP id ED1223A6768 for <ietf@ietf.org>; Sat, 8 Nov 2008 07:32:36 -0800 (PST)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01N1OF4LQGW000PTQN@mauve.mrochek.com> for ietf@ietf.org; Sat, 8 Nov 2008 07:32:14 -0800 (PST)
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01N1OCWQX3KW00MISX@mauve.mrochek.com> (original mail from NED@mauve.mrochek.com) for ietf@ietf.org; Sat, 08 Nov 2008 07:30:35 -0800 (PST)
Date: Sat, 08 Nov 2008 06:57:21 -0800
From: ned+ietf@mauve.mrochek.com
Subject: Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)
In-reply-to: "Your message dated Sat, 08 Nov 2008 06:46:54 -0500" <278E245FD800CC334CA5100F@klensin-asus.icannmeeting.org>
To: John C Klensin <john-ietf@jck.com>
Message-id: <01N1OF2N8AL400MISX@mauve.mrochek.com>
MIME-version: 1.0
References: <20081107111744.GA31018@nic.fr> <20081107141821.79303.qmail@simone.iecc.com> <45AEC6EF95942140888406588E1A660206A5D881@PACDCEXCMB04.cable.comcast.com> <4914D181.9090605@network-heretics.com> <278E245FD800CC334CA5100F@klensin-asus.icannmeeting.org>
Cc: Livingood Jason <Jason_Livingood@cable.comcast.com>, Keith Moore <moore@network-heretics.com>, ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org

> Sadly, I have to agree with Keith.   While these lists are a
> fact of life today, and I would favor an informational document
> or document that simply describes how they work and the issues
> they raise, standardizing them and formally recommending their
> use is not desirable at least without some major changes in our
> email model and standards for what gets addresses onto --and,
> more important, off of-- those lists.

Such a criticism might be a sensible response to a document that defines an
actual whitelisting or blacklisting service. But that's not what this document
does. Rather, this document defines vaarious formats for storing such
information in the DNS and procedures for querying that data. Specification of
actual services based on these formats and procedures is left for later
specifications.

Standardizing these formats and procedures is important for at least two
reasons: (1) Without a specification nailing down these details there can be
(and in practice have been) interoperability problems between various
implementations and (2) Without something describing how to structure and
operate these systems they can, independent of the actual list content, create
serious operational problems.

Now, I am of course aware of the line of reasoning that says we should not
publish specifications for things that can potentially be abused. I'm sorry,
but if we take a candid look at how this strategy has played out with other
technologies ranging from MIME downgrading to NAT to Bonjour, I think the
record is fairly clear: We're much better off specifying things while calling
out the dangers of their use than we are when we all run off out our respective
corners and pout about the sad state of the world.

Assuming that the document does in fact define sensible formats that can be
operated at Internet scale (I think it does but am willing to be shown
otherwise by those with more expertise in large-scale DNS operations than I
have) and does not preclude operating a reliable and accountable service
(again, I think it does but I am willing to be proved wrong with specific
examples), I support publication of this specification. 

				Ned
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email