On Tue, May 31, 2011 at 6:17 AM, Livingood, Jason
jason_living...@cable.comcast.com wrote:
While you have not contributed text per se (by sending it directly), I
try to be a good listener and items you and other Googlers have raised have
been included in the document around motivations and
On May 30, 2011, at 11:09 PM, Lorenzo Colitti wrote:
On Mon, May 30, 2011 at 8:48 AM, Gert Doering g...@space.net wrote:
I have no idea what a v6 DNS ACL should be, except maybe an ACL that
protects which IPv6 clients are allowed to talk to a DNS server.
ACL is the wrong term. Saying it's
On May 30, 2011, at 11:48 PM, Lorenzo Colitti wrote:
On Mon, May 30, 2011 at 11:20 PM, Joel Jaeggli joe...@bogus.com wrote:
But you've contributed to this document, so have others from that list.
I don't want to contribute to the document because - in my opinion, and
speaking only for
On 5/31/11 2:48 AM, Lorenzo Colitti
lore...@google.commailto:lore...@google.com wrote:
On Mon, May 30, 2011 at 11:20 PM, Joel Jaeggli
joe...@bogus.commailto:joe...@bogus.com wrote:
But you've contributed to this document, so have others from that list.
I don't want to contribute to the
Hi,
On Mon, May 30, 2011 at 08:34:21AM -0700, Dave CROCKER wrote:
ACL or V6 DNS ACL or V6 resolver ACL now seem to me quite good
labels. They provide useful, direct and precise meaning, while avoiding the
various referential and denotational problems of a loaded term like whitelist.
I
On Mon, May 30, 2011 at 8:48 AM, Gert Doering g...@space.net wrote:
I have no idea what a v6 DNS ACL should be, except maybe an ACL that
protects which IPv6 clients are allowed to talk to a DNS server.
ACL is the wrong term. Saying it's an ACL makes it easy to make the argument
that whoever
On Mon, May 30, 2011 at 11:20 PM, Joel Jaeggli joe...@bogus.com wrote:
But you've contributed to this document, so have others from that list.
I don't want to contribute to the document because - in my opinion, and
speaking only for myself - I don't think it can be made into a balanced
Gert Doering g...@space.net wrote:
Whitelisting, on the other hand, is the term that Google introduced for
this kind of thing and people seem to clearly understand what this
is about. You are on my white list of people that I like talking to!.
I think it's OK to refer to it as whitelisting.
On 5/31/11 12:00 PM, Tony Finch d...@dotat.atmailto:d...@dotat.at wrote:
Speaking of confusing, the first sentence of the abstract and introduction
in the current revision of the draft is an abomination that should be
taken out and shot.
[JL] Great feedback – I just did it. Here's the updated
Dave - Thanks for the additional feedback. Any changes noted below will be made
soon in a -06 update. See inline comments.
Regards
Jason
On 5/30/11 11:34 AM, Dave CROCKER
d...@dcrocker.netmailto:d...@dcrocker.net wrote:
(I see that you've posted -05. This response is for completeness.)
On
(I see that you've posted -05. This response is for completeness.)
On 5/29/2011 7:54 PM, Livingood, Jason wrote:
[JL] Duly noted in my previous emails. I'm keeping the naming as an open issue
in the –04 and will be seeking WG and WG co-chair guidance one way or the other.
One of the reasons
Thank you for your thorough review, Dave. Changes will be made in an upcoming
–04 revision. Some more specific comments can be found inline below.
Thanks!
JL
PS – I have at least one other email from you in my queue for this I-D – I've
not forgotten about it. :-)
On 4/29/11 7:32 PM, Dave
Hi John - Thanks for the detailed review. I'm planning a -04 update soon, FWIW.
Specific responses inline below.
Thx,
Jason
On 5/2/11 7:44 PM, John Leslie j...@jlc.netmailto:j...@jlc.net wrote:
Livingood, Jason
jason_living...@cable.comcast.commailto:jason_living...@cable.comcast.com
wrote:
Hi – Thanks for the feedback and see a few selected responses inline below. A
–04 update is coming soon.
Thanks
JL
On 5/3/11 4:43 AM, SM s...@resistor.netmailto:s...@resistor.net wrote:
Hi Jason,
At 11:48 02-05-2011, Livingood, Jason wrote:
In any of the various IPv6 fora (including v6ops at
On Tue, May 17, 2011 at 05:45:54AM +0200, Fred Baker wrote:
Personally, I think this discussion is getting a little strange. It
reminds me of a rabbi's discussion of what constitutes work and
therefore may not be done on the sabbath.
I agree. Next thing you know, they'll be telling us that
Scott Schmit i.g...@comcast.net wrote:
Personally, I don't have this problem. I've always understood whitelists
and blacklists to be generic problem-solving tools that happen to be
applied to the spam filtering problem. I'm confident that people who
didn't before will quickly adjust to the
On May 16, 2011 11:41 PM, sth...@nethelp.no wrote:
How much longer does this list need to be to justify choosing better
labels for this v6 dual-stack transition hack?
returning different sets of resource records on the basis of the orgin
of a query ala split horizon is not exactly new
How much longer does this list need to be to justify choosing better labels
for this v6 dual-stack transition hack?
returning different sets of resource records on the basis of the orgin of a
query ala split horizon is not exactly new ground.
By my observation, what is being done,
On 5/17/2011 8:27 AM, Cameron Byrne wrote:
On May 16, 2011 11:41 PM, sth...@nethelp.no mailto:sth...@nethelp.no
wrote:
How much longer does this list need to be to justify choosing
better labels for this v6 dual-stack transition hack?
returning different sets of resource records
Joe Touch wrote:
On 5/17/2011 8:27 AM, Cameron Byrne wrote:
On May 16, 2011 11:41 PM, sth...@nethelp.no mailto:sth...@nethelp.no
wrote:
How much longer does this list need to be to justify choosing
better labels for this v6 dual-stack transition hack?
returning different sets of
Dave CROCKER wrote:
On 5/16/2011 6:44 PM, Joel Jaeggli wrote:
Will we be revising dkim rfc 4871 to explictly define whitelist as dns
name based whitelist thereby replacing the existing two usages of the term
(which involve explicitly allowing delivery on the basis of orign), or was
the
On May 11, 2011, at 5:25 PM, Joe Touch wrote:
Hi, all,
Although this is a minor point, it's also easy to address:
On 5/4/2011 4:56 PM, Doug Barton wrote:
...
Meanwhile, the discussion about whether or not to call this
whitelisting is pointless. The term is already well-established.
On 5/16/2011 5:27 PM, Joel Jaeggli wrote:
For the terms in this doc, alternatives that do not require explanation
(and aren't potentially racially charged) include permit list and deny
list.
the blacklist originates with charles the 2nd. it has no racial connotations
in that context.
see
On May 16, 2011, at 2:37 PM, Dave CROCKER wrote:
On 5/16/2011 5:27 PM, Joel Jaeggli wrote:
For the terms in this doc, alternatives that do not require explanation
(and aren't potentially racially charged) include permit list and deny
list.
the blacklist originates with charles the
On 2011-05-11, at 20:25, Joe Touch wrote:
FWIW, the Los Angeles County banned the terms in 2003 when used for various
purposes - including technology, preferring primary and secondary, in
specific. The terms don't even appear in the ATA spec after version 1.
I believe that story may be
On 5/16/2011 6:08 PM, Joel Jaeggli wrote:
On May 16, 2011, at 2:37 PM, Dave CROCKER wrote:
1. Changing times often call for changed vocabulary.
which is fine, the rational stated is false to fact.
But you do not seem to be refuting the point /I/ am making, which that the fact
that the
Hi Dave,
I take no position on whether it's in good taste to use the word whitelist in
this particular instance or in general, but
On 2011-05-16, at 18:21, Dave CROCKER wrote:
1. It is not previously standardized and I believe it is not documented in an
RFC.
the term appears to have some
On 5/16/2011 6:28 PM, Joe Abley wrote:
Hi Dave,
I take no position on whether it's in good taste to use the word whitelist in
this particular instance or in general, but
On 2011-05-16, at 18:21, Dave CROCKER wrote:
1. It is not previously standardized and I believe it is not documented in
On 2011-05-16, at 18:33, Dave CROCKER wrote:
2. It is typically a split-DNS private/public mechanism.
No.
No doubt you can point to IETF documentation or other related, formal
documentation of this?
No, and I'm not sure why that's relevant. There's no shortage of examples of
addresses
On May 16, 2011, at 3:21 PM, Dave CROCKER wrote:
1. It is not previously standardized and I believe it is not documented in an
RFC.
2. It is typically a split-DNS private/public mechanism.
The draft is quite clear about exploring this topic in order to pursue common
behaviors.
On 5/16/2011 6:44 PM, Joel Jaeggli wrote:
By my observation, what is being done, satisfactorily meets the dictionary
definition of a whitelist. the term was uncontroversial in the dicussion
The working group is what statistical research methodology calls a biased
sample...
Will we be
At 15:44 16-05-2011, Joel Jaeggli wrote:
Will we be revising dkim rfc 4871 to explictly define whitelist as
dns name based whitelist thereby replacing the existing two usages
of the term (which involve explicitly allowing delivery on the basis
of orign), or was the term appraise in 2009 but
On 5/16/2011 8:34 PM, SM wrote:
Maybe this could be called DNS Seal Team 6.
Well, apparently that would be /actual/ trademark infringement, with Disney.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
___
Ietf mailing list
On May 17, 2011, at 12:49 AM, Dave CROCKER wrote:
On 5/16/2011 6:44 PM, Joel Jaeggli wrote:
By my observation, what is being done, satisfactorily meets the dictionary
definition of a whitelist. the term was uncontroversial in the dicussion
The working group is what statistical research
Hi, all,
Although this is a minor point, it's also easy to address:
On 5/4/2011 4:56 PM, Doug Barton wrote:
...
Meanwhile, the discussion about whether or not to call this
whitelisting is pointless. The term is already well-established.
That's true, but equally true that the terms for disk
Hi Doug,
At 16:56 04-05-2011, Doug Barton wrote:
Blessed is rather strong. There are a non-zero number of people in
both groups (of which I am one) who don't like the draft, and don't
agree that documenting bad ideas is its own virtue.
If I have to go by the document shepherd write-up, only
On 05/03/2011 01:43, SM wrote:
I am stupid but I am not that stupid to go and argue about a draft that
has been blessed by DNSOP and v6ops.
Blessed is rather strong. There are a non-zero number of people in
both groups (of which I am one) who don't like the draft, and don't
agree that
Hi Jason,
At 11:48 02-05-2011, Livingood, Jason wrote:
In any of the various IPv6 fora (including v6ops at the IETF) DNS
Whitelisting is how this practice is typically labeled. When writing the
draft I felt this could be confusing outside of IPv6 circles and so
lengthened it to IPv6 DNS
I'm having a hard time thinking of adequate alternatives terms (but
this purely a personal failing, I'm sure). Recommendations for other
words?
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf
Of
Livingood, Jason
Sent: Monday, May 02, 2011 11:55 AM
To: John Leslie; Richard L. Barnes; Dave CROCKER
Cc: v6...@ietf.org; IETF Discussion
Subject: Re: [v6ops] Review of:
draft-ietf-v6ops-v6--whitelisting-implications-03
As I read it, this says that certain DNS servers will be configured
On 3 May 2011 04:48, Livingood, Jason jason_living...@cable.comcast.comwrote:
In any of the various IPv6 fora (including v6ops at the IETF) DNS
Whitelisting is how this practice is typically labeled. When writing the
draft I felt this could be confusing outside of IPv6 circles and so
On May 2, 2011, at 08:28 , Erik Kline wrote:
I'm having a hard time thinking of adequate alternatives terms (but this
purely a personal failing, I'm sure). Recommendations for other words?
The word enclave springs to mind. We are talking about the use of DNS
enclaves for serving
Hi Dave,
At 16:32 29-04-2011, Dave CROCKER wrote:
Review:
Title: IPv6 DNS Whitelisting Implications
I-D:draft-ietf-v6ops-v6--whitelisting-implications-03
I have this document on the list of assignments to be made. I
generally avoid doing a review of a document on which I have
I disagree that whitelisting is a reserved trademark of the anti-abuse
community. It's a general term for a list of things that are granted
something. Likewise with blacklist and deny. Which means it's perfectly
appropriate for this document.
http://en.wikipedia.org/wiki/Whitelist
On Apr
On 5/2/2011 7:32 AM, Richard L. Barnes wrote:
I disagree that whitelisting is a reserved trademark of the anti-abuse community. It's a general
term for a list of things that are granted something. Likewise with blacklist and
deny. Which means it's perfectly appropriate for this document.
Search on whitelist ipv6. Results are topical. What's the conflict here?
On May 2, 2011, at 5:01 PM, Dave CROCKER wrote:
On 5/2/2011 7:32 AM, Richard L. Barnes wrote:
I disagree that whitelisting is a reserved trademark of the anti-abuse
community. It's a general term for a list of
Richard,
Oh, right. Sorry, I thought the reference to had to do with the DNS.
Clearly, since it will only be used in the context of v6, it won't cause any
confusion.
My own having mistaken the title of the document as being the longstanding use
of the term for DNS Whitelisting of
Richard L. Barnes rbar...@bbn.com wrote:
Search on whitelist ipv6. Results are topical.
Indeed, folks are talking about ipv6 whitelist right now; and I
guess they're referring to the same thing this I-D discusses...
What's the conflict here?
What does ipv6 whitelist mean to the
In any of the various IPv6 fora (including v6ops at the IETF) DNS
Whitelisting is how this practice is typically labeled. When writing the
draft I felt this could be confusing outside of IPv6 circles and so
lengthened it to IPv6 DNS Whitelisting in the title.
In any case, I don't like what
As I read it, this says that certain DNS servers will be configured
to _not_ return records to queries by default.
This strikes me as a really-strange transition mechanism.
Depends on a number of factors for a content provider. The more traffic a
domain receives the more likely
On Mon, May 02, 2011 at 01:08:38PM -0400, John Leslie wrote:
As I read it, this says that certain DNS servers will be configured
to _not_ return records to queries by default.
Yes, that's what the trick does.
This strikes me as a really-strange transition mechanism.
Indeed.
On May 2, 2011, at 12:12 PM, Andrew Sullivan wrote:
That this is a completely unscalable answer to the problem that a tiny
percentage of computers on the Internet are misconfigured is something
the people pushing this whitelisting acknowledge. They're going to
jump off that bridge when they
On Mon, May 02, 2011 at 12:23:54PM -0700, J.D. Falk wrote:
Perhaps the document could include the arguments for and against this
practice? That way, someone who is new to IPv6
deployment theory can quickly get up to speed.
On my reading, it does. Whether people unfamiliar with the
Perhaps the document could include the arguments for and against this
practice? That way, someone who is new to IPv6
deployment theory can quickly get up to speed.
I'm very much in favor of documents which say don't do this -- but if
you have to, here's how. But they have to include enough
Livingood, Jason jason_living...@cable.comcast.com wrote:
To: John Leslie j...@jlc.net...
As I read it, this says that certain DNS servers will be configured
to _not_ return records to queries by default.
This strikes me as a really-strange transition mechanism.
Depends on a
Review:
Title: IPv6 DNS Whitelisting Implications
I-D:draft-ietf-v6ops-v6--whitelisting-implications-03
By: D. Crocker dcroc...@bbiw.net
Date: 29 April 2011
Summary:
This draft is a discussion of a technique for resolving a dual-stack problem
between IPv4 and IPv6,
56 matches
Mail list logo
