ietf-asrg
[Top] [All Lists]

RE: [Asrg] Re: [Politech] Congress finally poised to vote on anti -spam bill [sp]

2003-11-25 07:03:36
Especially for domains, it's important to do some validation,
though in the absence of widely-deployed DNSSEC, it's hard to 
do automatically.

DNSSEC is not happening, blame Randy Bush and the IESG for 
refusing the working group consensus and imposing their own
idea that cannot be deployed. An experimental protocol that 
increases the volume of data in the .com zone by an order of 
magnitude (read Gbs of data) is simply unacceptable.


We do not need DNSSEC, we just need a notice in the DNS.
It would be a relatively easy task to walk the .com zone
and dump out a list of all the zones which contain a 
'do not spam' TXT property record.

This has the secondary advantage that it is not necessary 
to actualy consult the list, the authoritative information 
is in DNS.


There's a scalability problem that has to be solved,
which is how to prevent a DOS-by-signing-up-too-many-addresses attack.

I do not expect that to be a problem, that would be a
problem for the contractor. Limit the number of direct
registrations from a particular IP address within a given
time interval.

It is likely to result in the cost of the system being 
considerably more than the cost of a couple of mid range
servers and some software. This is not a new phenomena.


                Phill

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>