ietf-asrg
[Top] [All Lists]

Re: [Asrg] Round one modifications to DNSBL BCP draft.

2008-04-01 11:49:04
Douglas Otis wrote:
Most black-hole/block lists are based upon the IP address where the  
octets are in reverse order.  The network provider can be noted by who  
advertised the address space.

See:
http://www.team-cymru.org

This technique depends upon ASNs observed in BGP announcements.  This  
information is often processed with a program like zebra, for example.

Or home grown stuff using routeviews.

The mechanics of doing this are well understood, however:

Determining the network provider helps establish their reputation,  
which should represent a significant factor in whether their  
advertised space can be trusted.

Very few existing (at least public) DNSBLs pay any attention whatsoever 
to this.  Those that do usually do little more than ad-hoc aggregate 
statistical reports, eg http://cbl.abuseat.org/country.html and 
http://cbl.abuseat.org/domain.html, or Spamhaus's country/provider top 
100 listings, or Cymru's or helping guide the manual escalation of 
manual listings...

Hence, it misses the "C" ("current") required for a BCP.

It may be the perfect reputational DNSBL design, but it's still not a 
_current_ one, and is hence not eligible for a BCP.

Secondly, it's DNSBL listing policy, not operational practise.  Thus, it 
is out of scope for the document at hand _even_ if such DNSBLs existed 
today.

So while this discussion might lead to ideas for new DNSBLs (I've gotten 
several ideas already - I already do most of the hard computations) with 
more advanced listing criteria, it's totally irrelevant to a DNSBL 
operational BCP.

As a discussion for future work in DNSBL/reputational systems it's a 
reasonable topic for ASRG.  But, it has _nothing_ to do with the BCP - 
this subthread diverged from relevance some time ago.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg