On 10/30/2010 7:18 PM, John Leslie wrote:
Rich Kulawiec<rsk(_at_)gsp(_dot_)org> wrote:
I'm with you, for the most part, in the spirit of "MUST NOT" (charge
fees) for delisting/expedited delisting/delisting with extra pepperoni
in order to avoid both impropriety and the appearance of impropriety.
But...should this also mean that a DNSBL "MUST NOT" charge fees *to list*
a domain?
I say "yes".
A blocklist is generated for the benefit of receivers, and they work by
providing a negative reputation to someone who's not, er, "volunteered".
As such, it's at least conceptually a conflict of interest if not
outright protection racket to take money from the person they stepped
on. "Pay me, otherwise we break your (arm|mail server)".
On the other hand, I can't imagine people paying to be on a DNSBL,
unless that infers positive reputation (whitelist or something similar).
They're "volunteering", and it's for their benefit (and hopefully the
receiver's (the one who volunteers to _use_ the whitelist) benefit too).
Both of them are entering into the agreement.
If you follow who the benefit flows to in either case, you can see that
at least ethically, there's not a huge problem of _both_ the receiver
(user) and sender (whitelistee) to paying for listing. But with
negative reputation, the benefit of a listing goes only one way, to the
receiver.
Yes, there can still be accusations that the whitelist is taking money
from those they shouldn't to help their bottom line. But for the most
part, the people who _use_ the DNSWL and are big enough to matter in the
whitelist's bottom line will know if the DNSWL is telling porkies (user
complaints), and simply stop using it. We know they will fire
whitelists that tell porkies, and we know that it will be noticed. A
negative feedback self-correcting thing.
And let's extend this a bit, generalizing the concept of DNSBL: the
same data could be published as (a) a file (b) a torrent (c) a DNS RPZ
or other formats. I think if we're going to argue that some action
is appropriate/inappropriate when the data's in a DNSBL, we should
argue the same thing for that same action when the same data's
repackaged in a different form. So are we prepared to state that
delisting (OR listing) "MUST NOT" involve a fee in all of those cases?
I'm fine with that, by the way.
The BCP is only about DNS-based lists, so expanding its coverage
anywhere near that far _just_ for this would be, I think, vastly
overreaching ourselves.
"pay for delist from rsync'd but not DNSBL version" would be pretty
obvious bit of fluffery.
I dislike such fees as much as the next fellow -- I pretty much
refuse to pay them (instead renumbering the server in the two cases
where I've gotten blacklisted)...
But I really don't follow why documents like this must proscribe
business models.
It's not a business model that's being proscribed, it's conflict of
interest or the appearance of conflict of interest. At least with the
notion of paying for delisting from a block/negative reputation list.
Part of a BCP is providing an ethical guideline.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg