ietf-asrg

Re: [Asrg] please review draft-irtf-asrg-bcp-blacklists-07

2011-01-18 16:17:03
On Tue, Jan 18, 2011 at 9:46 AM, John Levine <johnl(_at_)taugh(_dot_)com> wrote:

b) I have minor reservations but don't object to publishing it, OK for
  ASRG partial consensus.

My minor reservation is that I would like to see a "why DNS?" section
that describes the characteristics of an information distribution
scenario that make DNS a good choice of technology. This comes up
often here, usually in the form of millennial rants prophesying
eventual replacement by public (or non-public) rsync servers or such,
more or less. The characteristics of the problem domains that DNSxL
technology has been applied to are implicit in the introduction, but
are not enumerated in such a way that one might come away from
https://datatracker.ietf.org/doc/draft-irtf-asrg-bcp-blacklists with
vocabulary allowing the reader to classify information distribution
problems in a way that she might be able to confidently answer the
question "Is a DNSxL the correct distribution technology?" when
selecting.

Towards drafting a section to satisfy this criticism, the
characteristics to enumerate would be the characteristics of DNS that
make DNS appropriate for this application, from which we must go
through the motion of enumerating the (currently implied)
characteristics of the application that make DNS a good fit for it.
These characteristics include, but are not limited to:

   * setting of time-to-live -- variable time to cache, at record grain size
   * data only transmitted on as-requested basis
   * central administration, with possibility to explicitly delegate parts
   * existing well-understood software infrastructure

The inclusion of such a section could elevate the document from the
specific to the general, and set an example as a model for a best
practice in the composition of best practices documents: before
getting down and dirty with details confusing to the newcomer, spend a
paragraph answering the "why?" behind the deer-in-the-headlights
glaze.

Currently all we have in this realm is "Due to the rising amount of
spam and other forms of network abuse on the Internet, many community
members and companies began to create, publish and maintain DNS-based
reputation systems (DNS-Based Lists) of IP addresses or domain names
and make reputation suggestions or assertions about email sourced from
these IP addresses or domain names."

I would like to see that paragraph expanded to explain what it is
about reputation data that makes DNS a good technology for
distributing it, and what it is about DNS that makes it a good
technology for distributing reputation data, or other data (aside
from, of course, name to number mappings and their reverse) that
it makes, or might make, sense to distribute by DNS.

In conclusion, start reading a biography of Mark Twain first thing in
the morning and you'll be loquacious all day.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
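
An added illustration, not part of the original message or of the draft: two of the DNS characteristics listed above (per-record time-to-live, and data transmitted only when requested) shown as a DNSxL client would see them. The zone `dnsxl.example`, the names `DnsxlCache` and `sample_resolver`, and the TTL values are assumptions made for the example; the resolver is an offline stand-in for a real DNS query.

```python
import ipaddress
import time

def dnsxl_qname(ip, zone):
    """Query name for a DNSxL lookup: reversed IPv4 octets (or IPv6 nibbles) + zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = reversed(str(addr).split("."))
    else:
        labels = reversed(addr.exploded.replace(":", ""))
    return ".".join(labels) + "." + zone.strip(".")

class DnsxlCache:
    """Fetches a record only when asked, then caches it for that record's own TTL."""
    def __init__(self, resolver, clock=time.monotonic):
        self.resolver = resolver      # callable: qname -> (answers, ttl_seconds)
        self.clock = clock
        self.entries = {}             # qname -> (expires_at, answers)
        self.upstream_queries = 0     # how often the list operator was actually asked

    def is_listed(self, ip, zone):
        qname = dnsxl_qname(ip, zone)
        now = self.clock()
        hit = self.entries.get(qname)
        if hit is None or hit[0] <= now:          # never seen, or TTL expired
            self.upstream_queries += 1
            answers, ttl = self.resolver(qname)
            hit = (now + ttl, answers)
            self.entries[qname] = hit
        return bool(hit[1])                       # any A record means "listed"

# Constructed sample data: one listed address with a 300 s TTL.
SAMPLE_ZONE = {"2.0.0.127.dnsxl.example": (["127.0.0.2"], 300)}
NEGATIVE_TTL = 60   # constructed value; in real DNS it derives from the zone's SOA

def sample_resolver(qname):
    """Hypothetical stand-in for a DNS query; no network traffic is generated."""
    return SAMPLE_ZONE.get(qname, ([], NEGATIVE_TTL))

if __name__ == "__main__":
    cache = DnsxlCache(sample_resolver)
    for ip in ("127.0.0.2", "192.0.2.99", "127.0.0.2"):
        print(ip, dnsxl_qname(ip, "dnsxl.example"), cache.is_listed(ip, "dnsxl.example"))
    print("upstream queries:", cache.upstream_queries)
```

Only the two distinct names are fetched upstream, and each is refetched on its own schedule, which is what record-grain TTL means in practice.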