On May 30, 2011, at 11:09 PM, Lorenzo Colitti wrote:
On Mon, May 30, 2011 at 8:48 AM, Gert Doering <gert(_at_)space(_dot_)net>
wrote:
I have no idea what a "v6 DNS ACL" should be, except maybe an ACL that
protects which IPv6 clients are allowed to talk to a DNS server.
ACL is the wrong term. Saying it's an ACL makes it easy to make the argument
that whoever is implementing this is denying access to a particular resource
(the AAAA record).
In fact, the opposite is true - by electing not to return an AAAA record, the
implementer is able to allow access to a particular resource (the content
that the user wants to reach) instead of publishing the resource over IPv6
where some users can't usefully reach it.
Which is of course, the root of the problem here. It is the reason why many
large website operators have either implemented whitelisting (Google,
Facebook) or have announced that they will be implementing whitelisting
(Yahoo, Akamai). And it is the reason why said website operators are not
contributing to this document.
But you've contributed to this document, so have others from that list.
_______________________________________________
v6ops mailing list
v6ops(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/v6ops
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf