On Tue, 20 Dec 2016 01:23:10 -0500
"Allan Liska" wrote:
> On 12/20/2016 at 12:31 AM, "ac" wrote:
> > If you wish to consider a physical analog, there may be a general
> > principle that one should not interfere with postal mail, but this
> is challeged by the existence of the unabomber or the ant
On Tue, 20 Dec 2016 06:12:42 +
Evan Hunt wrote:
> On Tue, Dec 20, 2016 at 07:30:43AM +0200, ac wrote:
> > You are quite correct, but the minute you answer questions for other
> > people the entire situation changes.
> Not if they've contracted with me to answer their questions in a way
> that
On 12/20/2016 at 12:31 AM, "ac" wrote:
> If you wish to consider a physical analog, there may be a general
> principle that one should not interfere with postal mail, but this
is
> challeged by the existence of the unabomber or the anthrax attacks.
>
In your example, you still require a court or
On Tue, Dec 20, 2016 at 07:30:43AM +0200, ac wrote:
> You are quite correct, but the minute you answer questions for other
> people the entire situation changes.
Not if they've contracted with me to answer their questions in a way
that protects them from malware, it doesn't.
> To rip the dam fro
On Tue, 20 Dec 2016 04:56:06 +
Evan Hunt wrote:
> On Tue, Dec 20, 2016 at 06:42:02AM +0200, ac wrote:
> > the reason why there is an ethical difference between Domain Names
> > and IP resources starts with the fact that domain names are other
> > people's actual intellectual (legal) property.
adding complexity in the middle of any system increases the size of an
attack surface. true for SMTP, Firewalls, and DNS. This draft formalizes
adding massive complexity throughout the DNS without a clear or crisp way
to debug and correct problems, particularly since resolution issues will
emerg
On Tue, Dec 20, 2016 at 06:42:02AM +0200, ac wrote:
> the reason why there is an ethical difference between Domain Names and
> IP resources starts with the fact that domain names are other people's
> actual intellectual (legal) property. There is also all the other
> considerations, for example DNS
In advance, I do apologize for me taking additional bandwidth
I received many interesting off list emails, many did not understand
why ethics regarding IP was different from that of names. I incorrectly
assumed that everyone simply knew that there are differences.
This may also be a basic consi
A new meeting session request has just been submitted by Tim Wicinski, a Chair
of the dnsop working group.
-
Working Group Name: Domain Name System Operations
Area Name: Operations and Management Area
Session Requester: Tim Wicinski
Numb
] From: Scott Schmit wrote:
] But it looks like the contents of this zone are intended to be kept
] secret from end-users.
Depending on one's view of end users, that notion conflicts with
the final paragraph of section 6 on page 18:
If a policy rule matches and results in a modified answer, t
I cannot reply to you, off list, as your email is broken. So, for the list, my
reply:
On Mon, 19 Dec 2016 11:34:16 +
Jim Reid wrote:
> > On 19 Dec 2016, at 09:50, ac wrote:
> > you are answering for something that has implied trust and that you
> > do not necessarily own or have any rights
On Mon, 19 Dec 2016 10:59:57 +
Tony Finch wrote:
> ac wrote:
> > To legitimize the telling of lies and to define protocols that hides
> > the truth from users, (deception) for whatever reason, is wrong.
> I agree.
> That is why, if you are deploying RPZ, you should do so in an ethical
> manne
> To be clear and to boil it down: This draft publishes a method to supply
> different answers to different users and to hide the truth of those lies to
> the same users.
So do for instance BIND views.
> Unless a registry, court or resource owner authorizes this, it is
> lying, cheating, "fraudy
Scott Schmit wrote:
>
> If the admin's goal is to block access to malicious sites, then they
> want to block the traffic, not falsify DNS. If the goal is to warn
> users away from bad places, they can publish the list as a filter for
> end-system firewalls.
Blocking traffic at a lower level is t
ac wrote:
>
> To legitimize the telling of lies and to define protocols that hides
> the truth from users, (deception) for whatever reason, is wrong.
I agree.
That is why, if you are deploying RPZ, you should do so in an ethical
manner. When someone connects to your network, you have an AUP or
s
On Mon, 19 Dec 2016 10:59:31 +0100
bert hubert wrote:
> On Mon, Dec 19, 2016 at 11:50:02AM +0200, ac wrote:
> Maybe the internet was a mistake then. But I don't think we'll
> convince you.
> Huge segments of the internet do think this is a good idea. And like
> other standards, this could be used
Moin!
On 19 Dec 2016, at 8:28, ac wrote:
On Mon, 19 Dec 2016 07:53:42 +0100
"Ralf Weber" wrote:
So if this is the IP of a phishing site or the IP of an command and
control host that tells its bot to execute criminal action you still
valid the accuracy of the answer higher then possible damage
On Mon, Dec 19, 2016 at 11:50:02AM +0200, ac wrote:
> > So please realise this is something that people need. Best that they
> > do it in a standardized fashion.
> >
>
> people also need tools to send out bulk emails. maybe bots. should we
> start RFC's for that?
We did in fact. All those things
On Mon, 19 Dec 2016 10:38:46 +0100
bert hubert wrote:
> On Mon, Dec 19, 2016 at 11:24:33AM +0200, ac wrote:
> > when there is an RFC that describers how to lie and then adds
> > deception, this is no longer something to negotiate or to discuss
> > much.
>
> By this token any firewall is censorshi
> On 19 Dec 2016, at 09:38, bert hubert wrote:
>
> So please realise this is something that people need. Best that they do it
> in a standardized fashion.
Indeed. And nobody’s putting a gun to Andre’s head to force him to “tell lies”
with RPZ (or whatever).
___
On Mon, Dec 19, 2016 at 11:24:33AM +0200, ac wrote:
> when there is an RFC that describers how to lie and then adds
> deception, this is no longer something to negotiate or to discuss much.
By this token any firewall is censorship and lies. Yet we still use them.
We have also documented ways to d
On Mon, 19 Dec 2016 10:11:11 +0100 (CET)
sth...@nethelp.no wrote:
> > The law does not say : send "Pirate Bay" to "example.com" to deceive
> > your users! it may instruct you to send coca-cola.org to
> > coca-cola.com
>
> The law instructs me to tell customers the lie that various Pirate Bay
> do
On Mon, Dec 19, 2016 at 09:09:42AM +, Evan Hunt wrote:
> On Mon, Dec 19, 2016 at 10:42:35AM +0200, ac wrote:
> > it still is never okay to lie and to deceive.
> > [...]
> > This is simply about ethics.
>
> I hereby, with full knowledge and prior consent, give my resolver (which
> I own) *perm
On Mon, Dec 19, 2016 at 10:42:35AM +0200, ac wrote:
> it still is never okay to lie and to deceive.
> [...]
> This is simply about ethics.
I hereby, with full knowledge and prior consent, give my resolver (which
I own) *permission* to falsely tell my browser (which I also own) that
malware domain
On Mon, 19 Dec 2016 09:16:28 +0100 (CET)
sth...@nethelp.no wrote:
> > > So if this is the IP of a phishing site or the IP of an command
> > > and control host that tells its bot to execute criminal action
> > > you still valid the accuracy of the answer higher then possible
> > > damage this could
On Mon, 19 Dec 2016 09:16:28 +0100 (CET)
sth...@nethelp.no wrote:
> > > So if this is the IP of a phishing site or the IP of an command
> > > and control host that tells its bot to execute criminal action
> > > you still valid the accuracy of the answer higher then possible
> > > damage this could
> > So if this is the IP of a phishing site or the IP of an command and
> > control host that tells its bot to execute criminal action you still
> > valid the accuracy of the answer higher then possible damage this
> > could do to your user?
> >
> yes.
>
> In your example, ethically, it is a pro
27 matches
Mail list logo