ietf-asrg
[Top] [All Lists]

Re: [Asrg] draft-irtf-asrg-bcp-blacklists-01 March 24, 2008

2008-04-03 19:38:26

On Apr 3, 2008, at 6:47 PM, Al Iverson wrote:

Wrong -- MAPS did not notify the network provider in many cases.  
This was never RSS policy back then, for example. Nor did MAPS go to  
great lengths to identify network providers for many RBL listings.  
Sorry, Doug, I was there before you and I personally observed it.

With respect to DUL, RSS, and OPS, you would be right.  RSS and OPS  
represent the difference between automated and manually generated  
lists.  This was the reason to differentiate between automatic and  
manually generated lists.  Of course, this draft might suggest re- 
scanning these types of list at some interval.  Automatic expiration  
would be hard to justify, especially due to their small size, and the  
extremely low number of complaints they generate.  Tony, not knowing  
about the automatic retest request, suggests this should function  
should have been more prominent.

Statements on network provider reputation was in response to a comment  
made by Chris Lewis that _no_ list currently is based upon network  
provider reputation.  While AS reports may have been in the hands of  
only a few, this does not mean they were not applied.  Be assured,  
this currently is the case.

Of course, even if correct, this is still out of scope, as BLs are  
not limited to IPs.


Please review the recommended changes.  None of the changes assume a  
listing is based upon the IP address.  These changes actually mitigate  
this assumption regarding the use of IP addresses such as "collateral  
damage" or automatic removal being a simple matter of adding back a  
few more IP addresses.   The error in this regard is found in the  
current draft.  The changes being recommended move in the direction  
you suggest.

-Doug



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg