Hi, The only openly published standard for a policy implementing resolver of which I am aware is that under the direction of Paul Vixie, formerly of ISC. That standard is Response Policy Zones (RPZ).
I believe that the most recent version is at: https://kb.isc.org/getAttach/21/AA-00512/rpz.txt However, one would be best to check with ISC to confirm that this is the latest. Regards, -- Hugo Connery, Head of IT, DTU Environment, http://www.env.dtu.dk ________________________________________ From: DNSOP [dnsop-boun...@ietf.org] on behalf of Paul Hoffman [paul.hoff...@vpnc.org] Sent: Saturday, 25 April 2015 03:44 To: Paul Ferguson Cc: dnsop@ietf.org WG Subject: Re: [DNSOP] Terminology: policy-implementing resolver On Apr 24, 2015, at 6:38 PM, Paul Ferguson <fergdawgs...@mykolab.com> wrote: > > Policy-implementing resolver -- A resolver acting in recursive > > mode that changes some of the answers that it returns based on > > policy criteria, such as to prevent access to malware sites or > > objectionable content. In general, a stub resolver has no idea > > whether or not upstream resolvers implement such policy or, if they > > do, the exact policy about what changes will be made. In some > > cases, the user of the stub resolver has selected the > > policy-implementing resolver with the explicit intention of using > > it to implement the policies. In other cases, policies are imposed > > without the user of the stub resolver being informed. > > > > Sounds really good -- could you provide reference anchor for > "policy-implementing resolver", e.g. DNS RPG? That would be super. Good question, and no. "Policy-based" and "policy-implementing" are those kind of terms we hear bandied about in operator circles but not written about in RFCs because it is supposedly outside the purview of the IETF. If someone has a reasonable reference we can point to, that would be great. --Paul Hoffman _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
