ietf-asrg
[Top] [All Lists]

Re: [Asrg] draft-irtf-asrg-bcp-blacklists draft updated.

2008-06-06 06:14:40
On Fri, June 6, 2008 5:49 am, Ian Eiloart wrote:
--On 5 June 2008 13:34:37 -0400 Chris Lewis <clewis(_at_)nortel(_dot_)com> 
wrote:
John Levine wrote:
I'm not sure about this: "DNSBL providers SHOULD NOT be held
  accountable in any way for the consequences of use of a DNSBL
  applied in an un-intended way."

Oh, well in these cases, the intent referred to is that of the user, not
the provider! That's the opposite of what I assumed was required.

It might be useful to try to think of situations in which you _would_ want
the provider to be held accountable for a problem. I can only think of a
few situations:

(c) failing to adequately document the listing criteria,

What does that mean?  Inaccuracy is one thing, but could you give an
example of listing criteria that are accurate but inadequate?  I think "IP
addresses that annoy Seth" is a perfectly adequate listing criteria.

(d) substantially changing the listing criteria (because there is no
mechanism for alerting users - perhaps there should be) - instead, a new
list should be created.

That's a form of inaccuracy.  (How big a change is "substantially"?)

Perhaps the wording should read "DNSBL providers SHOULD NOT be held
accountable in any way for the consequences of use of a DNSBL, as long as
the DNSBL meets the standards of this RFC". Or perhaps that's implicit.

"Responsibility for the consequences of the use of a DNSBL (or any other
configuration option) belongs to whoever decided to use that DNSBL (or
other option)."  If someone chooses to use dnsbl.noprimes.org to block
mail, the responsibility is the chooser's.

Seth


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg