--On 4 June 2008 11:45:00 -0400 Chris Lewis <clewis(_at_)nortel(_dot_)com>
wrote:
I've just uploaded and authenticated/verified:
http://www.ietf.org/internet-drafts/draft-irtf-asrg-bcp-blacklists-03.txt
I'd appreciate people going through this carefully to make sure I've not
finger-fumbled anything. After a while you can't see the document for
the words to mangle a phrase.
s/rightness or wrongness/rights and wrongs/
I'm not sure about this: "DNSBL providers SHOULD NOT be held
accountable in any way for the consequences of use of a DNSBL applied
in an un-intended way."
The implication is that providers may or even should be held accountable
for consequences of use of a DNSBL applied in an intended way. There are
two problems with this: (a) it isn't clear whose "intent" is referred to -
though I guess we mean the intent of the provider not the user (b) many
DNSBLs don't list any "intended" use - they simply describe the listing
criteria. In fact, none of the RBLs that I use to block spam (by rejecting
smtp mail from listed IP addresses) explicitly say that they are intended
to be used for that purpose - at best they say that some people choose to
do so.
I think, therefore, accountability should only apply when the published
criteria don't match the real criteria for listing. Therefore, I'd prefer
the wording:
"DNSBL providers SHOULD NOT be held accountable in any way for the
consequences of any use of a DNSBL, provided the published listing criteria
match the real listing criteria." or even simply "DNSBL providers SHOULD
NOT be held accountable in any way for the consequences of any use of a
DNSBL.".
--
Ian Eiloart
IT Services, University of Sussex
x3148
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg