On Tue, 9 Sep 2008, Ron Bonica wrote:
> > Your assertion that false statements, contrived attacks, discredited
> > sources, and lack of evidence of harm, are somehow not legitimate
> > reasons to dispute a document is also without basis, and indeed is
> > refuted by IESG actions in TLS-AUTHZ.
>
> I stand by my previous statement. This is a technical argument and not
> an argument about the moral status of any group or individual.
We agree! Well, probably not: I haven't made any argument based on the
moral status of any individual. The existance of false statements,
contrived attacks, discredited sources, and lack of evidence of harm,
are technical issues concerning the actual state of the world. They are
not moral issues; I offer no moral judgements.
> > The fabrications made for this document amount to fraud on the public.
>
> Be careful about this kind of statement. In any interesting technical
> discussion, we all run the risk of being wrong. I'm wrong sometimes and
> I am sure that you are wrong sometimes, too.
>
> When you make this kind of statement and you end up being wrong, you
> have committed a grave offense!
I've studied the law on the subject of defamation in detail. Truth is
an absolute defense.
> > It appears that proponents of this document are _encouraging_
> > exploitation of open recursors in the Rapid Enumeration Tool. (see
> > www.dnssec.net/software) The 'recursors-are-evil' document is just
> > a fraudulent scheme to sell DNSSEC software.
>
> You can't have it both ways. On one hand, you are saying that the
> vulnerability isn't significant because it is easily mitigated and on
> the other hand you are complaining about those bad guys who aren't
> keeping it low enough profile. If it's so easy to mitigate, why do you
> care whether knowledge of the vulnerability goes public?
Actually, its you who are trying to have it both ways. Proponents claim
that the attack is a real threat, but in fact, they are encouraging
people to conduct the attack. Lawyers call that "solicitation". The
"attacks" using open recursors are contrived, SOLICITED, by the people
advocating the closure of open recursors, and SELLING DNSSEC software.
My position is consistent: Even though proponents are soliciting the
attacks, the attacks are still easily mitigated, and in fact do not
represent a real threat that requires special handling.
--Dean
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
