>I hereby, with full knowledge and prior consent, *refuse* that my ISP >(or the hotel where I stay) modify DNS responses.
I gather you live in France, where the government can and occasionally does require ISPs to change DNS responses so that requests for domains that a court considers illegal in various ways get the address of an interior ministry server instead. They did not need RPZ to do this, and they do not ask your permission when they do so. I'm certainly not saying it's a good idea, but it is the law in France, and there are similar laws in the UK and other countries that ISPs have to follow. To me, it is utter self-indulgence to imagine that it will make any difference whatsoever to government censorship if we do or do not publish RPZ documents. On the other hand, as many people with operational experience have confirmed, RPZ is an extremely useful tool to keep Internet users from being attacked by malware. It seems clear to me that if we can help providers deploy anti-malware RPZ zones, by enabling interoperable implementations, that will prevent a lot of evil directed at our users. It might be helpful to explain what people consider a reasoanble tradeoff between censorship concerns and consumer protection concerns, and how likely it is that RPZ publication or standardization would have any practical effect in the two areas. R's, John _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop