On 11/2/2010 5:34 PM, Rich Kulawiec wrote:
Yes, there can still be accusations that the whitelist is taking
money from those they shouldn't to help their bottom line. But for
the most part, the people who _use_ the DNSWL and are big enough to
matter in the whitelist's bottom line will know if the DNSWL is
telling porkies (user complaints), and simply stop using it. We
know they will fire whitelists that tell porkies, and we know that
it will be noticed. A negative feedback self-correcting thing.
I'd like to agree with this; I really would, because it would be
great if things worked this way. But (a) I don't see it happening
in practice (today) and
I do. I know of at least one firing of a significant whitelisting
mechanism. I am constrained from providing details, other than to state
that it was big and someone's bottom line took a major hit.
(b) even if I did, I can still see plenty
of opportunities for DNSBLs and DNSWLs to engage in considerable
chicanery while remaining under the radar. (Of course they could
do that anyway, for a variety of reasons: caprice, bias, negligence,
etc. But I think fees pose much more of an issue than any of those.)
Agreed.
The BCP is only about DNS-based lists, so expanding its coverage
anywhere near that far _just_ for this would be, I think, vastly
overreaching ourselves.
Ah, that's one of the things I worded poorly. I wasn't suggesting
that the BCP coverage be expanded. I was trying to say that we could
use those additional ways of providing/presenting the same information
as examples while we tried to think our way through the ethical
considerations. That is, if we think something is ethical/unethical
when it's presented as a file or torrent or whatever, then for
consistency's sake we probably should think the same when it's
presented as a DNSBL.
Given that the same principles apply to things as far afield as
restaurant reviews ;-), I don't think much is to be gained from looking
at things which are directly equivalent to DSNBLs (lists by file, not DNS).
For John Leslie too: I'll rephrase it slightly to add "conflict of
interest". Yes, "conflict of interest" is often simply declared (and
the person recuses themselves from the decision where they may be in
conflict). But because of the nature, politics of DNSBLs, and the
cloaking they all wear to one degree or another, you couldn't really do
that.
Also remember it's probably going to be a "SHOULD NOT", which means that
a DNSBL could still do it and remain in compliance.
Further, if something golly-gee-whiz-bang shows up that makes that
clause silly, we can always revise it.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg