Re: [DNSOP] I-D An Extension to DNS64 for Sender Policy Framework SPF Awareness

rue, the second should say "It has never been necessary at all." - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 No

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

thereby forming a view as to their legitimacy (or otherwise) If lots of work is to be done on reverse lookups in IPv6 (which I would argue is entirely self-defeating) then being able to do a reverse lookup which returns "/48" or "/56" or whatever is, in my view, significantly m

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

ever, logging systems don't generally attempt to check that forward and reverse match, and so there is significant risk of being misled by the wicked. Asking the bad guy to tell you their name and not checking their answer is never the most solid of approaches. - -- richard

Re: [DNSOP] DNSOP Call for Adoption draft-vixie-dns-rpz

ng an interchange standard for DNS related badness (with annotations to hint at how this badness might affect a resolver) would seem better engineering and rather less dangerous. - -- Dr Richard Clayton Director, Cambridge Cybercrime Centremobile: +4

Re: [DNSOP] draft-liman-tld-names-04

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <4ce1b830.5040...@necom830.hpcl.titech.ac.jp>, Masataka Ohta writes >I already gave an example of capital form of 'c' with cedille is >often plain 'C' without cedille That, as I understand it, is the convention in mainland France. >and

Re: [DNSOP] draft-liman-tld-names-04

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message <4cf0289c.7080...@dougbarton.us>, Doug Barton writes >On 11/25/2010 09:52, Andrew Sullivan wrote: >> It seems to me that those who don't like the document >> aren't actually offering text that they'd like to see in the document. > >You may

Re: [DNSOP] Draft Reverse DNS in IPv6 for Internet Service Providers

if we don't build such a system where this information can be stored for anyone to access for free then we're all going to end up paying another set of brokers for the data needed to provide the granularity measures our reputation systems must use - -- Dr Richard Clayton

Re: [DNSOP] PTR usage cases for networking Re: Using PTRs for security validation is stupid

tion Systems are doing PTR lookups >by policy >For IDS are their expectations any different than log processors? >and if IDS’s are taking decisions based on the content of PTR records what >granularity do they need? If they're making significant decisions based on PTR records