[Top] [All Lists]

Re: [Asrg] Development of an object assessment format/protocol

2013-03-04 11:00:07
On 3/4/13 4:46 PM, Martijn Grooten wrote:
e protocol? Or is it a
mere consequence of the fact that sources have different things they
are willing and able to share?

I think the idea is nice. Whether such a format is really needed I'm
not sure. I can see how having more information available makes for
better decisions, but I am worried the accuracy gained isn't worth
the performance lost.

As someone who's been thinking and experimenting on this for maybe the
last 3 or 4 years: yes (IMHO) the protocol would be useful.

IMHO (read this post like I had filled it with "IMHO" all over the
place), the reason why a similar protocol won't be a big performance
loss is that probably DNS cache in DNSBL-like lookups is not as useful
as most people would expect...

The problem why it's not been built so far is that those who are mostly
interested in such a protocol being available (data providers, as they
have data they could provide through it) rarely have the resources to
create something like that.

Partly because creating protocols is not their main job.

Partly because they would have to provide both server and client
implementation, otherwise nobody will be able to use their data.

Partly because - to be as smart as DNS- the client needs to be as
"complex" as DNS: redundacy, load-balancing, lowest-latency server
selection, etc.: all the logic has to go in the client, not in the
servers layout (like in "let's run anycast and forget about the
client"), for several reasons

Partly because, if the rest of the industry doesn't follow their lead,
the service will be unusable for most users and will simply never get

Partly because there're lots of issues about providing/looking_up data
with extreme granularity (privacy, exposure, etc), so these data
providers are not sure the service would be so useful, after all, and
they prefer to just provide the data in a raw format to those who are
smart enough to figure out on their own how to use them.

Perhaps you can come up with examples of where such a protocol would
be useful?

Straight to the point: abusive URLs on legit domains
. There's no (easy/effective) way to encode an entire URL in a DNS request.
At least, that's the reason why I've been thinking about this topic for
the last 4 years... :-\

Asrg mailing list