As far as I can tell, you are deflecting my serious concerns rather than responding to them. I’m asking you to describe an actual situation where the information you want us to publish would (a) be published and (b) actually work as a means of notifying some real person of something, or prosecuting some real crime. I’m going to respond to what you’ve said to point out that it’s not serious, but I encourage you not to debate these points with me. If your goal is actually to publish this draft, the right thing to do is come up with some good arguments why the IETF should publish it, not to get into a debate over details with me.
You respond: > I most certainly can and do use no information and false information for > making policy decisions. In fact, so do you and everyone here, every day. > Would you give you credit card information over the phone when receiving a > call with no caller ID? Caller ID is always presumptively forged. If you actually care about not being phished, you should never under any circumstances provide your credit card information over the phone if you didn’t initiate the phone call. You shouldn’t even do it then, since telephone conversations aren’t encrypted end-to-end. > You're making an assumption that people SHOULDN'T ever give contact > information. That's not true. Every business puts their contact information > their website. They WANT to be contact. Individuals often will do the same. > On twitter, journalists routinely put their phone numbers. > This isn’t actually true. People who want anonymous contact do in fact publish information that people can use to contact them anonymously, which may be a phone number. It’s also a straw man. I’m not saying people shouldn’t ever give contact information. I’m saying that people shouldn’t be held hostage in such a way that they are forced to _publish_ personal information in order to get services. > As far as pretext for "investigating people", as long as I break no laws, I > can't investigate anyone for anything I want at any time I want for any > reason I want. So can you. But that's not the question here. Voluntary > interconnection is. I can deny people access to my resource for any reason I > want. > Repressive regimes often use pretexts to justify their repressive activities. It is to this that I am referring when I talk about this as an attack surface. Maybe you never engage in improper policing, but we can’t assume that this is true everywhere where DNS is used. > You'd want me (or others) to let you know about compromises, for one. DMARC > does this already, in a sense. I get email reports about potential abuse of > my domain and spoofing emails. To do this, it needs an email. I get > something. But wide-spread adoption is the risk, I don't make any illusions > of that. There is no way in the world that I would ever publish my email address as a way to get notifications of compromise. Not merely for privacy reasons, but because the spam rate on that email address would be astronomical, and so I’d never see them. > I can provide lots of use cases and provide others who will attest to the > same. Victim notification, correlation of domains and resources, > investigations, generating reputational data… > These are nearly all examples of ways this information will be used against me. If you think victim notification is a good use case, can you describe in detail how that would work? > There is no protocol, communication, human endeavor where this will be every > true as far as "not used against me". DNS records is entirely voluntary now. > You control what you put or don't put in there, no one is changing that. But > using it against you or not, someone could use the fact you are running an > IIS web server against you. > It’s true that whenever I communicate with anyone, I create a risk for myself. So doesn’t it make sense that I would want to control with whom I communicate, rather than broadcasting? > Exactly what ethical standard do you claim is violated here? And if the > answer is that you have some unfettered right to access my network resources, > that is simply false. That’s an interesting response, which suggests that you have a use case in mind. The use case you have in mind is that you will deny service to people who do not publish this information. This is exactly the attack surface I was describing earlier, and you’ve just said that you intend to use this attack. Of course it’s your right to deny service to people who don’t identify themselves to you. If you want to do that, the way you do that is by establishing a business relationship with them and refusing service to people with whom you have no business relationship. It is not by creating a huge database of personal information accessible to everyone, and demanding that they publish their information in this database.
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop