>> Protocol signalling can help, but it is a relatively trivial matter >> compared to how the blocking technology is explained to the people who are >> affected by it. > >I don't agree. While my Aunt Mildred might understand the instructions >of a walled garden the next time she infects her computer, she'll never >understand RPZ, HTTPS proxies, or even firewalls. Even if she had the >wit, she lacks the interest.
Users do strange things. People at large mail systems tell me that their users constantly take obvious phishes and 419s out of the spam folder and respond to them, so the mail operators do things like rewriting the mail to make the links unclickable even if it's moved back into the inbox. If we make a mutant RPZ that signals when something's rewritten, I can promise that some clever person who imagines that RPZ is 99% censorship and 1% anti-malware, rather than the reality which is the other way around, will write a "free speech resolver" that undoes the changes so the malware goes straight into the user's browser. Then, of course, the users will blame us for not protecting them from cryptolocker. As many people have pointed out, censorship happens with or without RPZ, and it is pure hubris to imagine that anything we do or don't do with RPZ will change that. On the other hand, we've seen plenty of reports from operators with actual experience of RPZ protecting their users from malware. So let's do something pro-user for a change. R's, John _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
