Dean, On the surface, I deem your objection to be without merit. Unless you can convince me otherwise, I will send draft-ietf-dnsop-reflectors-are-evil to the RFC editor for publication on Friday, September 5. See below for point by point responses.
Dean Anderson wrote: > Anytime you discover that the facts asserted and relied on for a > document are false, or the sources of those facts and assurances > discredited, that's a "new" fact. A good example was the discovery in > TLS-AUTHZ that the assurances made by the document authors that patents > were disclosed according to RFC3979 was false. In the TLS-AUTHZ case, > the discovery of false facts justified the removal of IESG approval. > > In this case, it was asserted that there was a serious problem with open > recursors being used in attacks. That asserted fact was the motivation > for this document. However, in the time since the first two attacks, we > have seen no evidence of any further attacks, and the two small > motivating attacks now seem in retrospect to be contrived for this > document. The motivating attacks were first reported on NANOG, which > has previously made false statements deceiving the public and network > operators, and is therefore not a reliable source. See > http://www.iadl.org/nanog/nanog-story.html Requests for substantiation > and evidence of the claims of serious attacks have not been > affirmatively answered in two years. No direct or indirect evidence for > further, serious attacks has been produced at all. > > Analysis also shows an alternative DNS attack that requires less effort > from the attacker, does not expose the attacker to discovery, and is > much harder to mitigate and more damaging. There is no reason anyone > considering using DNS as an attack vector would use open recursors. > Analysis also shows that an attack using open recurors is easy to > mitigate. Do you deny that the vulnerabilities described in this document *could* be exploited? If this is your claim, and you can substantiate it, the WG will entertain your objection. However, if you are arguing any or all of the following, the WG will not entertain your objection: - that there have only been two attacks - that these attacks were contrived - that the organization reporting these attacks is not credible - that the organization reporting these attacks has not satisfied your requests for evidence - that there are easier ways to attack DNS This is because vulnerabilities need to be mitigated, regardless of whether they have been exploited. > > The above are significant contrary facts that undermine the original > consensus (if there even was one, next) > > On the point of consensus, I do not see that a WGLC succeeded for this > document. A last call held in November 2006 resulted in most people > being against this document. The last message with "WGLC" and "evil" in > the subject line was on November 21, 2006, extending date of the WGLC. > After the extension, there are several new versions, but no WG last > call. I'm not entirely sure why this document is in the state 'IESG > Evaluation' or how it got to state "Publication Requested" by Ron Bonica > given the Working Group record and the objections raised. According to > Section 7.5 of RFC2418, a rough consensus must exist before such a > request for publication is made by the WG chair(s) to the Area > director. It should also be noted that strong disapproval was voice in > the 2006 WGLC. The strong disapproval was based, in part, on the lack of > credible evidence supporting the need for this document. Two years > later, lack of evidence of real attacks is still a problem. There is no > widespread ISP support for, or call for, this document. Please see the minutes from IETF 67. It appears that most comments were accepted and addressed in subsequent versions of the draft. The WG chair appropriately determined that another WG last call was not required. Ron > > I strongly disapprove this document, object to the submarined approval > process, and will appeal this document to the limit of the appeals > process. > > --Dean > > On Sat, 6 Sep 2008, Peter Koch wrote: > >> On Mon, Sep 01, 2008 at 10:45:02AM -0700, [EMAIL PROTECTED] wrote: >> >>> Title : Preventing Use of Recursive Nameservers in Reflector >>> Attacks >>> Author(s) : J. Damas, F. Neves >>> Filename : draft-ietf-dnsop-reflectors-are-evil-06.txt >>> Pages : 8 >>> Date : 2008-09-01 >> this draft is in the "IESG Evaluation" state. >> The purpose of this update was to address the issues raised in the last >> remaining >> DISCUSS during IESG review (as mentioned during the DNSOP session in Dublin). >> You can visit the changes (non-editorial only affecting the security >> considerations section) through the tools site: >> <http://tools.ietf.org/wg/dnsop/draft-ietf-dnsop-reflectors-are-evil/> >> Editors, AD and shepherd (me) judged these changes to be minor enough and >> non controversial not to require another WG round. >> The draft will be approved as soon as the DISCUSS will have been released. >> >> To clarify, there's nothing that would suggest against the chairs' judgement >> of WG consensus being maintained. That said, any further discussion of >> whether or not the draft should have been worked on is probably >> counterproductive >> and consuming energy better spent on other current topics. >> As any document, this document can be revisited at a later stage with time >> passed and new facts on the table. >> I'd not consider the perceived absence of facts establishing a "new fact". >> >> -Peter [wearing a chair's hat] >> _______________________________________________ >> DNSOP mailing list >> DNSOP@ietf.org >> https://www.ietf.org/mailman/listinfo/dnsop >> >> > _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
