On Wed, 11 Jun 2008, Gervase Markham wrote: > Dean Anderson wrote: > >> That's unfortunate; but I must say this upset was not communicated to me. > > > > Probably that's because you are using SORBS to filter your email. SORBS > > has an unusually high number of false positives, and for example, > > falsely claims that that 130.105/16 and 198.3.136/21 are hijacked. You > > can find more information about SORBS on http://www.iadl.org/ > > No-one can have control over and knowledge of everything their ISP does > with relation to the services they provide.
Actaully, I looked into the 'Our ISP blocked our mail without our knowledge' claim. [I'm always interested in the cases where this is true]. In fact, Mozilla's email is handled by mailservers on 63.245.208/20, which is a /20 assigned to Mozilla.org. It struck me as quite odd that quite strange that Mozilla.org has 4096 IP addresses, and that it got this assignment in 2006, under what should have been very strict usage and allocation rules...I wonder how Mozilla.org justifies 4k public IP addresses---Question for a different forum. Anyway, using SORBS isn't a decision you can blame on your ISP. Its Mozilla.org's mailserver, not an outsourced ISP mailserver. Mozilla.org has control over its email filtering, and it seems likely a Mozilla.org admin configured SORBS. It was not their ISP. This affects at least my view of your credibility. > I confess I've only ever vaguely heard the name SORBS, and had no idea > that my provider was using it. But I don't believe that using it makes > me uncontactable. My phone number and address are on my personal web > page. > > I can hardly imagine some TLD administrator saying "I'm so irritated > about Firefox's TLD IDN whitelist. I'm going to send Gerv a nasty > email. Hang on, my email's been rejected. Oh well, I guess I'll just > have to live with it." Well, somehow they managed to convey their upset'ness to ICANN, but not convey that to Mozilla. I don't know exactly why that was. But people often don't try very hard to overcome communication problems to tell someone that they are unreasonably off in the weeds. A SORBS bounce would tend to confirm the effort is pointless. > >> That policy of ours should have no effect whatsoever on TLDs with a > >> responsible attitude to homographs. Our registration requirements are > >> not onerous. > > > > ??? This statement doesn't seem very credible. What authority do you > > have to decide what a 'responsible attitude to homegraphs' would be? > > What's your answer to that question? (Hint: the answer "no-one" is > equivalent to the answer "the registries", which has been shown not to > work. See http://www.shmoo.com/idn/ .) I don't see that the answer is "no-one", nor that "the registries" has been shown not to work, as you claim. However, if you think there is a problem and you have a solution that should be imposed on the TLDs, you should take the matter up with ICANN. Your unilateral exercise is certainly no solution. > > Mozilla.org doesn't represent the internet industry nor any > > government or governing organization. > > No, we represent our users, and we make all sorts of security > decisions for them on a regular basis. Hmm. Worrisome, given the apparent lack of serious thought put into some of those "security" decisions, and the lack of credible, serious thought put into even anti-spam choices, and the blaming of things on your ISP. > One of the reasons Firefox is popular is precisely because it doesn't > wimp out of security decisions with user-irritating popup questions > they have no information to answer. I also use firefox, but certainly not for those reasons. I use it because it came with Linux, and it displays HTML pretty reasonably. I didn't know it might have other dubious agendas hard-coded. > But, as someone else has said, if people don't like the decisions we > make, they can either become part of "we" and seek to change them, or > they can change or build their copy, or can distribute an alternative > browser. Actually, I said that. Perhaps others did, too. > > Why should TLD's think they need to register with Mozilla.org? > > They don't have to. Why should TLDs think they have an automatic right > to have Firefox display domains they have issued which allow our users > to be fooled or defrauded? You have no justification to form that conclusion. The TLDs aren't defrauding anyone; The TLDs aren't aiding in the fraud of anyone. And your scheme isn't even shown to stop fraudulent websites. So Mozilla.org seems to have little to no justification whatsoever for its extremely unilateral actions. The people who register their domains with any certified TLD do have an automatic right to have Firefox display their websites. You have no right to assert they are fraudulent when they aren't and you have no evidence they are. I don't get a good feeling about Mozilla.org, anymore. The unrealistic, unilateral attitude reminds me of other kinds of similar extremism, that was also found to be unsubstantiated, and a great waste of effort. Indeed, the claim of blocking fraud with this scheme, appears to be the deceptive claim. It reminds me of SPF proponents claims that SPF would end spam. Those were similarly false. But I am beginning to think this thread doesn't really belong on DNSOP (though it is relevant to TLD DNS operations), but probably should be on an ICANN list devoted to TLD public policy issues. I have no idea what list that would be, or if there is such a list. Not that I oppose continuing the thread here, but I am concerned that this is an important public policy topic and the readers of this list are more engineering oriented. --Dean -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
