Chris Lewis wrote:
I've just uploaded and authenticated/verified:
http://www.ietf.org/internet-drafts/draft-irtf-asrg-bcp-blacklists-03.txt
In addition to the NITs I listed in another message, I suggest making
the following changes for grammatical cleanliness.
Tony Hansen
tony(_at_)att(_dot_)com
130,131c130,131
< different ways, far beyond the designers' of DNS or DNS-based
< blocking IP lists imaginings. For example, today, the same basic
---
different ways, far beyond the imaginings of the designers of DNS
or DNS-based
blocking IP lists. For example, today, the same basic
134c134
< DNSWL listings of well-behaving email source IP addresses
---
DNSWL listings of well-behaving email source IP/domain addresses
150,152c150,152
< informational purposes. For example, implementations that return
< results based on what geographic region an IP is putatively allocated
< in, implementations that translate an IP address into a ASN number
---
informational purposes. For example, there are implementations
that return
results based on what geographic region an IP/domain is putatively
allocated
in, implementations that translate an IP/domain address into a ASN
number
175c175
< some DNSBLs in some areas, these areas will be mentioned as
---
some DNSBLs in some areas, which will be mentioned as
191c191
< sources situated at static (unchanging) IP addresses. Due to the
---
sources situated at static (unchanging) IP/domain addresses. Due
to the
207c207
< what they are. It is the responsibility of the DNSBL user to ensure
---
what the criteria are. It is the responsibility of the DNSBL user
to ensure
229c229
< queries. See [DNSBL-EMAIL].
---
queries. (See [DNSBL-EMAIL].)
255c255
< such evaluations depend on mail mix used as well as local
---
such evaluations depend on the mail mix used as well as local
312c312
< document are to be interpreted as described in RFC 2119 [RFC2119].
---
document are to be interpreted as described in [RFC2119].
325c325
< (ASRG) of the IRTF. As per section 3 of RFC 2014 [RFC2014]IRTF
---
(ASRG) of the IRTF. As per section 3 of [RFC2014] IRTF
352c352
< A DNSBL SHOULD carefully describe the criteria which are the cause
---
A DNSBL SHOULD carefully describe the criteria that are the cause
369c369
< relays only MUST NOT include IP addresses for any other reason. This
---
relays MUST NOT include IP addresses for any other reason. This
384c384
< available (or shutdown). See Section 3.1.
---
available (or shut down). See Section 3.1.
413c413
< making audit trail data public does not entail revealing all
---
making an audit trail data public does not entail revealing all
428c428
< Examples: Some DNSBLs will IP ranges if there is reason to believe
---
Examples: Some DNSBLs will list IP ranges if there is reason to
believe
441c441
< perfect, and that occasional mistake is inevitable no matter what is
---
perfect, and that an occasional mistake is inevitable no matter
what is
455c455
< diligent administrator needs information about the these policies in
---
diligent administrator needs information about these policies in
487c487
< need not ever get removed, just kept reasonably current.
---
need not ever be removed, just kept reasonably current.
491c491
< long expiration intervals or only be removed on request after
---
long expiration intervals or only be removed upon request after
515c515
< what the expiration policy is, even if its only "delist on request"
---
their expiration policy is, even if it's only "delist on request"
547c547
< methods with low false positive rate as practical SHOULD be chosen.
---
methods with as low of a false positive rate as practical SHOULD
be chosen.
555c555
< representative or domain owner) may make valid removal requests,
---
representative or domain owner) may make valid removal requests.
564,565c564,565
< however, in many DNSBLs this is inadvisable because it requires
< impractical amounts of effort and hence NOT RECOMMENDED in most
---
However, in many DNSBLs this is inadvisable because it requires
impractical amounts of effort and hence is NOT RECOMMENDED in most
573,574c573,574
< listed IP address removed immediately, it does not prevent the DNSBL
< operator from re-listing the IP address at a later time.
---
listed IP/domain address removed immediately, it does not prevent
the DNSBL
operator from re-listing the IP/domain address at a later time.
592c592
< DNSBL operators and organizations whose IP addresses have been
---
DNSBL operators and organizations whose IP/domain addresses have been
599c599
< relationship to the factors which were the cause of the addition to
---
relationship to the factors that were the cause of the addition to
666c666
< Most IP-based DNSBLs follow a convention of entries for IPs in
---
Most IP-based DNSBLs follow a convention of query entries for IPs in
678,679c678,679
< that the IP is listed. This appears to be a defacto standard. See
< [DNSBL-EMAIL]
---
that the IP/domain is listed. This appears to be a defacto
standard. See
[DNSBL-EMAIL].
698c698
< because it is generally prohibited in hostnames, and are highly
---
because they are generally prohibited in hostnames, and are highly
732c732
< servers for the DNSBL. Popular DNSBLs are in use by tens of
---
servers for the DNSBL. Popular DNSBLs are used by tens of
760c760
< inflicting a DDOS.
---
inflicting a DDOS attack.
762c762
< 5. The base domain name SHOULD be registered indefinately, so as to
---
5. The base domain name SHOULD be registered indefinitely, so as to
768c768
< servers for the DNSBL to point at "TEST-NET" addresses (see RFC3330
---
servers for the DNSBL to point at "TEST-NET" addresses (see
802,803c802,803
< Assumes DNSBL is named "dnsbl.example.com". Replace "example.com"
< and "dnsbl.example.com" as appropriate for the DNSBL
---
This example assumes that the DNSBL is named "dnsbl.example.com".
Replace "example.com"
and "dnsbl.example.com" as appropriate for the DNSBL.
810c810
< The DNSBL MAY list loopback, RFC 1918 [RFC1918], LINK-LOCAL class
---
The DNSBL MAY list loopback, [RFC1918], LINK-LOCAL class
814c814
< As additional insurance against listings of space that should not be
---
As additional insurance against listings of space that should not
be listed,
831c831
< This practise (scanning for vulnerabilities) can represent a risk in
---
The practise of scanning for vulnerabilities can represent a risk in
867c867
< targetting conditions are no longer met.
---
targetting conditions no longer being met.
886c886
< systems improperly for DNSBL queries. The consequences of error can
---
systems improperly for DNSBL queries. The consequences of an
error can
906c906
< or 4.3.2.1.dnsbl.exmple.cm instead of 4.3.2.1.dnsbl.example.com)
---
or 4.3.2.1.dnsbl.exmple.cm instead of 4.3.2.1.dnsbl.example.com).
910c910
< continuing to query public nameservers
---
continuing to query the public nameservers.
917c917
< thus heavily increasing load on public nameservers
---
thus heavily increasing load on the public nameservers.
922c922
< 6. Using the DNSBL incorrectly. e.g. Some DNSBLs are suitable only
---
6. Using the DNSBL incorrectly. E.g. some DNSBLs are suitable only
926,927c926,927
< While in many cases, it can be difficult detect such situations, to
< protect against such misconfiguration, it is RECOMMENDED that DNSBL
---
While in many cases it can be difficult to detect such situations, to
protect against such misconfiguration it is RECOMMENDED that DNSBL
964c964
< outlined in RFC 3833 [RFC3833]
---
outlined in [RFC3833].
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg