On Mon, May 30, 2011 at 8:48 AM, Gert Doering <gert(_at_)space(_dot_)net> wrote:
I have no idea what a "v6 DNS ACL" should be, except maybe an ACL that
protects which IPv6 clients are allowed to talk to a DNS server.
ACL is the wrong term. Saying it's an ACL makes it easy to make the argument
that whoever is implementing this is denying access to a particular resource
(the AAAA record).
In fact, the opposite is true - by electing not to return an AAAA record,
the implementer is able to allow access to a particular resource (the
content that the user wants to reach) instead of publishing the resource
over IPv6 where some users can't usefully reach it.
Which is of course, the root of the problem here. It is the reason why many
large website operators have either implemented whitelisting (Google,
Facebook) or have announced that they will be implementing whitelisting
(Yahoo, Akamai). And it is the reason why said website operators are not
contributing to this document.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf