+1 
I agree this is ugly as ugly can be but that ship has sailed. 
For interoperability sake lets just publish this with a note that says 
something like this;

This is documentation of fielded useful protocol.
This is ugly protocol and it copying it is strongly discouraged. 


    Olafur 
> On Dec 20, 2016, at 8:24 PM, David Conrad <d...@virtualized.org> wrote:
> 
> +1
> 
> Regards,
> -drc
> (speaking only for myself)
> 
>> On Dec 20, 2016, at 4:02 PM, John Levine <jo...@taugh.com> wrote:
>> 
>>> "Not wanting to be recruited into a botnet" is another such consideration.
>>> Paul and Vernon invented a useful tool to help address it, and I'm
>>> in favor of documenting it.
>> 
>> I would really prefer that the IETF not embarrass itself with a rerun
>> of the NAT fiasco, in which TCP/IP purists yelled and screamed and
>> insisted that NAT was evil, while in the real world it solved (still
>> solves) real problems, and everyone implemented it in various not very
>> transparent or compatible ways.
>> 
>> RPZ is ugly but it solves serious real world problems, and it's going
>> to be used all over the world regardless of what we do.  Just this
>> week I heard from a friend at a largish company that one of their
>> suppliers got hacked with the trendy new malware that hides in web
>> page images.  Without RPZ, approximately all of their Windows users
>> would have been infected, with RPZ none of them were.
>> 
>> If we want to offer advice and perhaps technical twiddles on how to
>> deploy RPZ to minimize surprises and make it easy to find and fix
>> mistakes, that would be swell.  Insisting that it's stupid and wrong
>> confirms the not ill-founded impression that dnsop is out of touch
>> with the real world.
>> 
>> So, yes, we should adopt this draft.
>> 
>> R's,
>> John
>> 
>> _______________________________________________
>> DNSOP mailing list
>> DNSOP@ietf.org
>> https://www.ietf.org/mailman/listinfo/dnsop
> 
> 
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to