+1
I agree this is ugly as ugly can be but that ship has sailed.
For interoperability sake lets just publish this with a note that says
something like this;
This is documentation of fielded useful protocol.
This is ugly protocol and it copying it is strongly discouraged.
Olafur
> On Dec 20, 2016, at 8:24 PM, David Conrad <[email protected]> wrote:
>
> +1
>
> Regards,
> -drc
> (speaking only for myself)
>
>> On Dec 20, 2016, at 4:02 PM, John Levine <[email protected]> wrote:
>>
>>> "Not wanting to be recruited into a botnet" is another such consideration.
>>> Paul and Vernon invented a useful tool to help address it, and I'm
>>> in favor of documenting it.
>>
>> I would really prefer that the IETF not embarrass itself with a rerun
>> of the NAT fiasco, in which TCP/IP purists yelled and screamed and
>> insisted that NAT was evil, while in the real world it solved (still
>> solves) real problems, and everyone implemented it in various not very
>> transparent or compatible ways.
>>
>> RPZ is ugly but it solves serious real world problems, and it's going
>> to be used all over the world regardless of what we do. Just this
>> week I heard from a friend at a largish company that one of their
>> suppliers got hacked with the trendy new malware that hides in web
>> page images. Without RPZ, approximately all of their Windows users
>> would have been infected, with RPZ none of them were.
>>
>> If we want to offer advice and perhaps technical twiddles on how to
>> deploy RPZ to minimize surprises and make it easy to find and fix
>> mistakes, that would be swell. Insisting that it's stupid and wrong
>> confirms the not ill-founded impression that dnsop is out of touch
>> with the real world.
>>
>> So, yes, we should adopt this draft.
>>
>> R's,
>> John
>>
>> _______________________________________________
>> DNSOP mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/dnsop
>
>
>
> _______________________________________________
> DNSOP mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
