Re: Last Call: <draft-ietf-v6ops-v6-aaaa-whitelisting-implications-03.txt> (IPv6 AAAA DNS Whitelisting Implications) to Informational RFC
SM <sm@resistor.net> Tue, 19 April 2011 00:13 UTC
Return-Path: <sm@resistor.net>
X-Original-To: ietf@ietfc.amsl.com
Delivered-To: ietf@ietfc.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfc.amsl.com (Postfix) with ESMTP id 8FFF2E06EC for <ietf@ietfc.amsl.com>; Mon, 18 Apr 2011 17:13:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([208.66.40.236]) by localhost (ietfc.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y4w291UZD7-k for <ietf@ietfc.amsl.com>; Mon, 18 Apr 2011 17:13:41 -0700 (PDT)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfc.amsl.com (Postfix) with ESMTP id 02661E0692 for <ietf@ietf.org>; Mon, 18 Apr 2011 17:13:39 -0700 (PDT)
Received: from subman.resistor.net (IDENT:sm@localhost [127.0.0.1]) by mx.elandsys.com (8.14.4/8.14.5.Beta0) with ESMTP id p3J0DXiF024013 for <ietf@ietf.org>; Mon, 18 Apr 2011 17:13:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1303172018; bh=fC4Gy6uhMPRBG0/dEC5T51fqT+NExOYppdgWoSRQt6k=; h=Message-Id:X-Mailer:Date:To:From:Subject:In-Reply-To:References: Mime-Version:Content-Type; b=tCefXTBJQ3K5pAOK7I76fQvYIh+S7YOGp3KGgYboRrV2mxwQbwEAmRYAjJ4epJ7yj v9z0kgPMOLHYw+gI6WHqdDUs0kCpTir00xQTyCXjKdRBnTSQm76mn1KSbPdoGDXFbG hvFM+1ksTMonXMvagOI8ppmdlmwhWbwsUZHR9IA8=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=resistor.net; s=mail; t=1303172018; bh=fC4Gy6uhMPRBG0/dEC5T51fqT+NExOYppdgWoSRQt6k=; h=Message-Id:X-Mailer:Date:To:From:Subject:In-Reply-To:References: Mime-Version:Content-Type; b=qWRxQv8TRfzLRAUFCLBIxQCS7464Jsg9/Bam9vzW9ORWiy8xScAbP2D2FLAoCCoXR +3nZX1iKEi4G6U4EEwTYjM9uHkD7rP9uOLLWQSrzgiC4Jzh0ZIpkdVGj2i8gIfMz8X 4/ll+jKMRKNGcm4haDBM2xthtD4i0q4ice+0/jXs=
Message-Id: <6.2.5.6.2.20110418134230.05318b10@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Mon, 18 Apr 2011 16:58:44 -0700
To: ietf@ietf.org
From: SM <sm@resistor.net>
Subject: Re: Last Call: <draft-ietf-v6ops-v6-aaaa-whitelisting-implications-03.txt> (IPv6 AAAA DNS Whitelisting Implications) to Informational RFC
In-Reply-To: <20110415205113.13704.48681.idtracker@ietfc.amsl.com>
References: <20110415205113.13704.48681.idtracker@ietfc.amsl.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Apr 2011 00:13:45 -0000
At 13:51 15-04-2011, The IESG wrote:
>The IESG has received a request from the IPv6 Operations WG (v6ops) to
>consider the following document:
>- 'IPv6 AAAA DNS Whitelisting Implications'
> <draft-ietf-v6ops-v6-aaaa-whitelisting-implications-03.txt> as an
>Informational RFC
>
>The IESG plans to make a decision in the next few weeks, and solicits
>final comments on this action. Please send substantive comments to the
From Section 1:
"The fraction of users with such impaired access has been estimated
to be roughly 0.078% of total Internet users".
That's probably "web" users.
From the Abstract:
"The objective of this document is to describe what the whitelisting
of DNS AAAA resource records is, hereafter referred to as DNS
whitelisting, as well as the implications of this emerging practice
and what alternatives may exist."
The only alternatives listed are a few paragraphs in Section
8.3. After reading the draft, it's hard to say whether the problem
should be addressed at the network level, the DNS level or whether it
is a chicken and egg problem. The draft seems to aim to keep
everyone happy by covering what different parties may view as issues.
Section 3 is about "What Problems Are Implementers Trying To
Solve". My naive view is that:
1. Web browser tries to connect to web site over IPv6
2. User has to wait for a timeout to get content over IPv4
3. Content provider sees this as a business case against adopting IPv6
An alternative is to disable IPv6 in the web browser or have a popup
message that says "IPv6 allows you to access more web sites. Does
your ISP support IPv6? Y/N".
Or the workaround can be done through DNS as documented in this
draft. It will be interesting to see what 8.8.8.8 will do.
In Section 6:
"In either of these deployment scenarios, it is possible that
reputable third parties could create and maintain DNS whitelists, in
much the same way that blacklists are used for reducing email spam."
I suggest using DNSBLs instead of "blacklists".
As I do meet the religious requirements, I cannot take a position on
this draft.
Regards,
-sm
- Re: Last Call: <draft-ietf-v6ops-v6-aaaa-whitelis… Bernard Aboba
- Re: Last Call: <draft-ietf-v6ops-v6-aaaa-whitelis… SM
- Re: Last Call: <draft-ietf-v6ops-v6-aaaa-whitelis… Pekka Savola
- Re: Last Call: <draft-ietf-v6ops-v6-aaaa-whitelis… Livingood, Jason
- Re: Last Call: <draft-ietf-v6ops-v6-aaaa-whitelis… Livingood, Jason