ietf-asrg
[Top] [All Lists]

Re: [Asrg] What is Reputation Service

2011-01-25 19:18:37
On Tue, Jan 25, 2011 at 5:06 PM, Dotzero <dotzero(_at_)gmail(_dot_)com> wrote:


But that brings me back to my original question. If reputation doesn't
prevent a site from getting throttled or blocked when it goes bad,
what does reputation mean? It doesn't particularly protect the site
from the immediate consequences of going bad. It appears that the
responses are authoritative (this domain or IP is currently emitting
badness) rather than reputational (this site has a good reputation so
I will accept badness from it on the presumption they are going to
address it). I will grant that there may be some small slack cut based
on reputation but does it really extend that far?


Hi Mike,

if you recall my presentation at ISOI 8 in Pasadena [1], I gave a
presentation (specifically) on domain reputation, followed by Eric
Ziegast of ISC on DNS RPZ [2].

One of the main points I was trying to make in that presentation is
that there should be specific distinctions made between reputation
"policy" and reputation "technical implementation". Each individual
organization -- both the ones that provide the "reputation", and the
ones that decide to "implement" it -- should determine for themselves
what their policies are. The technical implementation should, in my
opinion, should be "standardized" (for whatever your definition of
standardized may be), such that many different policies can be
implemented in the same fashion.

That's one reason I'm a big fan of DNS RPZ for implementing domain
reputation -- each implementing organization can choose for themselves
which reputation providers they choose to implement (e.g. Spamhaus,
SURBL, etc.).

Let's not get sucked in to a long drawn-out discussion of policy. It
generally spirals into a meaningless quagmire. :-)

- ferg

p.s. Of course, this doesn't necessarily address spam, per se, but
more broadly the distinction between policy & technical
implementation.

[1] http://www.isotf.org/isoi8.html
[2] http://www.isc.org/community/blog/201007/taking-back-dns-0

-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg