Hallam-Baker, Phillip wrote:
There is a big difference between accreditation and reputation. Lumping
them together like your draft does not seem to be a good idea.
Perhaps, but how do I know Yakov's reputation? I have to ask someone. And
they cannot tell me Yakov's reputation, they can only tell me their opinion
of his reputation.
Correct, which is what the current blacklists do. It is up to you to
figure out whose opinions you trust. An accreditation service is vouching
for someone, a reputation service is stating an opinion of someone's
reputation. The two things are different.
Additionally, why resort to DNS if other possible ways are possible for
retrieving such data? Some ISPs might even want to use bulk methods.
This is possible and even likely. But I see that as an optimization rather
than a base protocol.
In the original spec I proposed supporting different access protocols and
folk said, no, just try with one to start. Everyone seemed to think that
there would have to be a DNS scheme as a minimum.
The DNS packet size might also be an issue if the reputation and
accreditation data is rather large. There is also no indication of what
the values measure. Multiple values are possible. If an ISP subscribes
or gets data from a specific reputation service like MAPS, then it is
very likely that other methods aside from DNS can be used.
That is the role of the meta-data record. Here it would be easiest if it was
possible to go to XML for the description.
Perhaps we should just discuss what goes into it first, before
discussing how it's stored and queried.
Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"I want to know G-d's thoughts... the rest are details" (Albert Einstein)
-------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg