joel jaeggli <joe...@bogus.com> wrote: > On 12/29/16 1:51 PM, william manning wrote:
> > if this work does proceed, i'd like to insist that it carry a > > disclaimer that it is designed specifically for closed networks and is > > not to be used in the Internet. > > this sounds like an aplicability statement to be included in the > introduction. I don't understand what "not to be used in the Internet" means for RPZ. Part of the point of standardizing it is interoperability between multiple RPZ resolver implementations and multiple RPZ data providers. The resolver operator gets the RPZ data via IXFR across the Internet. Is this bad? Or maybe "not to be used in the Internet" is something to do with who uses resolvers with RPZ blocks. Open resolvers are horrible abuse magnets and should not be available for use by the whole Internet unless their operators have impressive anti-DDoS skills. But that isn't an RPZ-specific problem. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode Southwest Shannon: Southeasterly 5 to 7. Moderate or rough. Fair. Good. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
