At 5:27 PM -0500 2003/10/27, David Maxwell wrote:
A DNS server being compromisable is an implementation flaw, not an
infrastructural one. It's also more difficult than forging an email
address is today, thereby raising the bar for spammers.
No more difficult than writing a virus to compromise millions of
PCs world-wide and make them available to you as open proxy servers.
The later would be difficult for a virus to 'know'.
Easy to find out, especially if the site has implemented DRIP and
RMX type solutions.
Of course, another issue with open caching/recursive servers is
that you can get anyone in the world to effectively host your domain
for you, and combined with wildcards they could appear to be hosts
for virtually all domains on the Internet.
I don't understand your example.
Then you don't understand enough about DNS security issues to be
able to pass judgement on these matters.
Right, it's raising the bar, and it's also enabling other tools.
It's not raising the bar. It's moving the bar, but merely
horizontally. You're not improving the situation. Moreover, because
you're moving the bar into territory where many admins have much less
knowledge and experience, in many ways you're making the situation
worse than it was before.
Without (verified) domain names, you can't have verified email
addresses.
Not true.
Without (verified) email addresses, you can't have reliable user based
whitelists.
Not true.
I believe that for many users, a short whitelist would be a highly
practical solution to the spam problem. It wouldn't be for myself,
personally - but for my mother, and my aunts...
It wouldn't be useful for anyone who doesn't understand the
details of the technical implementation, and who doesn't know what
the potential failure modes are and what to do about them.
In other words, the people it would be least useful for would be
your mother or your aunts.
Any white or black listing proposal which doesn't address the need for
authentication of the list compared data may be worked around.
Anything which causes the trust boundary to be crossed can (and
will) be gamed. This is where joe-jobs come from. Authentication
methods won't change this fact, unless they are based on a secure
protocol which uses strong crypto at the core -- which means that
they cannot possibly be implemented through the DNS.
--
Brad Knowles, <brad(_dot_)knowles(_at_)skynet(_dot_)be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg