ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Balancing the Process (Was: Obsoleting SPF RRTYPE)

2013-05-02 21:48:40
from [Mark Andrews] [Permanent Link] 

In message 
<8D23D4052ABE7A4490E77B1A012B63077516DFAD(_at_)mbx-01(_dot_)win(_dot_)nominum(_dot_)com>,
 Ted Lemon writes:

On May 2, 2013, at 9:56 PM, Mark Andrews <marka(_at_)isc(_dot_)org> wrote:

How do we deal with sites?
How do we deal with vendors that ship such product?


I say we punch 'em.

Seriously, the IETF doesn't have an enforcement arm.   It's up to buyers
to check to see that what they are buying is protocol compliant, and
often they either fail to even try, or don't really know how.


When the literature says it is a DNS server how is the buyer to
know it isn't a complete DNS server?  And even if they know it is
not a complete DNS server would they know the impact of deploying
it?


What you can do as a DNS vendor, if you want to beat up other vendors
with non-compliant products, is to produce a validation test suite and
start promoting it.   Is there a vendor that does this now?   If so, you
could just use theirs, assuming it's free.   Start boasting in your
advertising that your product is standards compliant.


Which just adds more noise.  Now if a recognised standards body was
to do the tests then it might have some effect.

Should we be using RFC 1033's complaint's procedures?  How can
we get TLDs to do step 5 when steps 1 though 4 fail?

COMPLAINTS

   These are the suggested steps you should take if you are having
   problems that you believe are caused by someone else's name server:


   1.  Complain privately to the responsible person for the domain.  You
   can find their mailing address in the SOA record for the domain.

   2.  Complain publicly to the responsible person for the domain.

   3.  Ask the NIC for the administrative person responsible for the
   domain.  Complain.  You can also find domain contacts on the NIC in
   the file NETINFO:DOMAIN-CONTACTS.TXT

   4.  Complain to the parent domain authorities.

   5.  Ask the parent authorities to excommunicate the domain.



Now that you're done with that, get started on all the middleboxes that
are made by vendors who are not "DNS vendors".


Middle boxes are a little easier to deal with as they are usually at the
client end not the server end.
 

The good news is that the ocean is warmer than it was even ten years ago,
so boiling it is somewhat less work than it used to be.


-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka(_at_)isc(_dot_)org
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: call for ideas: tail-heavy IETF process, Jari Arkko
Next by Date:  Re: [spfbis] [dnsext] Obsoleting SPF RRTYPE, Randy Bush
Previous by Thread:  Re: Balancing the Process (Was: Obsoleting SPF RRTYPE), Ted Lemon
Next by Thread:  Re: [IETF] Re: Balancing the Process (Was: Obsoleting SPF RRTYPE), Warren Kumari
Indexes:  [Date] [Thread] [Top] [All Lists]