On Sat, Dec 31, 2016 at 5:00 PM Ted Lemon <mel...@fugue.com> wrote: > On Dec 31, 2016, at 3:27 PM, Viktor Dukhovni <ietf-d...@dukhovni.org> > wrote: > > why is there a need to make it easier for outside forces > to pressure providers to use such mechanisms to exert control over > their users rather than protect them from harm? > > > There is no _way_ to make it easier for said outside forces to pressure > providers. They have the force of law on their side. What we do makes > no difference in that arena. The arena in which it _does_ make a > difference is protecting people from losing their homes because they got > suckered by some malware that got into their personal records on their > computer. >
Another arena in which we have some control is how well implemented and interoperable the feature is -- if we document RPZ properly then, regardless of why it is being deployed, at least it will behave deterministically across implementations. RPZ is already implemented in nameserver software -- if the feature exists, I'd like it to work the same wherever it gets uses, and not cause collateral damage... W P.S / full-disclosure: I happen to use RPZ, and have for a number of years -- I run a number of (personal) mailing lists on my own mailserver, and use a number of RPZ feeds (e.g Spamhaus' DBL) for spam mitigation. > > IOW, the argument you are presenting has nothing to do with the choice > that faces us. If you want to make the case for rpz being a bad thing, > the argument you should be making would have to show why protecting people > in this way is the wrong solution to the problem, and why some other > solution to the problem (e.g., a blacklist in the browser) is less bad. > > Can’t we have that conversation, instead of these repeated assertions > about things over which we have no control? > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop >
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
