On May 2, 2013, at 9:56 PM, Mark Andrews <marka(_at_)isc(_dot_)org> wrote:
How do we deal with sites?
How do we deal with vendors that ship such product?
I say we punch 'em.
Seriously, the IETF doesn't have an enforcement arm. It's up to buyers to
check to see that what they are buying is protocol compliant, and often they
either fail to even try, or don't really know how.
What you can do as a DNS vendor, if you want to beat up other vendors with
non-compliant products, is to produce a validation test suite and start
promoting it. Is there a vendor that does this now? If so, you could just
use theirs, assuming it's free. Start boasting in your advertising that your
product is standards compliant.
Now that you're done with that, get started on all the middleboxes that are
made by vendors who are not "DNS vendors".
The good news is that the ocean is warmer than it was even ten years ago, so
boiling it is somewhat less work than it used to be.