[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Asrg] draft-irtf-asrg-bcp-blacklists draft updated.
Chris Lewis wrote:
> I've just uploaded and authenticated/verified:
>
> http://www.ietf.org/internet-drafts/draft-irtf-asrg-bcp-blacklists-03.txt
In addition to the NITs I listed in another message, I suggest making
the following changes for grammatical cleanliness.
Tony Hansen
tony at att.com
130,131c130,131
< different ways, far beyond the designers' of DNS or DNS-based
< blocking IP lists imaginings. For example, today, the same basic
---
> different ways, far beyond the imaginings of the designers of DNS
or DNS-based
> blocking IP lists. For example, today, the same basic
134c134
< DNSWL listings of well-behaving email source IP addresses
---
> DNSWL listings of well-behaving email source IP/domain addresses
150,152c150,152
< informational purposes. For example, implementations that return
< results based on what geographic region an IP is putatively allocated
< in, implementations that translate an IP address into a ASN number
---
> informational purposes. For example, there are implementations
that return
> results based on what geographic region an IP/domain is putatively
allocated
> in, implementations that translate an IP/domain address into a ASN
number
175c175
< some DNSBLs in some areas, these areas will be mentioned as
---
> some DNSBLs in some areas, which will be mentioned as
191c191
< sources situated at static (unchanging) IP addresses. Due to the
---
> sources situated at static (unchanging) IP/domain addresses. Due
to the
207c207
< what they are. It is the responsibility of the DNSBL user to ensure
---
> what the criteria are. It is the responsibility of the DNSBL user
to ensure
229c229
< queries. See [DNSBL-EMAIL].
---
> queries. (See [DNSBL-EMAIL].)
255c255
< such evaluations depend on mail mix used as well as local
---
> such evaluations depend on the mail mix used as well as local
312c312
< document are to be interpreted as described in RFC 2119 [RFC2119].
---
> document are to be interpreted as described in [RFC2119].
325c325
< (ASRG) of the IRTF. As per section 3 of RFC 2014 [RFC2014]IRTF
---
> (ASRG) of the IRTF. As per section 3 of [RFC2014] IRTF
352c352
< A DNSBL SHOULD carefully describe the criteria which are the cause
---
> A DNSBL SHOULD carefully describe the criteria that are the cause
369c369
< relays only MUST NOT include IP addresses for any other reason. This
---
> relays MUST NOT include IP addresses for any other reason. This
384c384
< available (or shutdown). See Section 3.1.
---
> available (or shut down). See Section 3.1.
413c413
< making audit trail data public does not entail revealing all
---
> making an audit trail data public does not entail revealing all
428c428
< Examples: Some DNSBLs will IP ranges if there is reason to believe
---
> Examples: Some DNSBLs will list IP ranges if there is reason to
believe
441c441
< perfect, and that occasional mistake is inevitable no matter what is
---
> perfect, and that an occasional mistake is inevitable no matter
what is
455c455
< diligent administrator needs information about the these policies in
---
> diligent administrator needs information about these policies in
487c487
< need not ever get removed, just kept reasonably current.
---
> need not ever be removed, just kept reasonably current.
491c491
< long expiration intervals or only be removed on request after
---
> long expiration intervals or only be removed upon request after
515c515
< what the expiration policy is, even if its only "delist on request"
---
> their expiration policy is, even if it's only "delist on request"
547c547
< methods with low false positive rate as practical SHOULD be chosen.
---
> methods with as low of a false positive rate as practical SHOULD
be chosen.
555c555
< representative or domain owner) may make valid removal requests,
---
> representative or domain owner) may make valid removal requests.
564,565c564,565
< however, in many DNSBLs this is inadvisable because it requires
< impractical amounts of effort and hence NOT RECOMMENDED in most
---
> However, in many DNSBLs this is inadvisable because it requires
> impractical amounts of effort and hence is NOT RECOMMENDED in most
573,574c573,574
< listed IP address removed immediately, it does not prevent the DNSBL
< operator from re-listing the IP address at a later time.
---
> listed IP/domain address removed immediately, it does not prevent
the DNSBL
> operator from re-listing the IP/domain address at a later time.
592c592
< DNSBL operators and organizations whose IP addresses have been
---
> DNSBL operators and organizations whose IP/domain addresses have been
599c599
< relationship to the factors which were the cause of the addition to
---
> relationship to the factors that were the cause of the addition to
666c666
< Most IP-based DNSBLs follow a convention of entries for IPs in
---
> Most IP-based DNSBLs follow a convention of query entries for IPs in
678,679c678,679
< that the IP is listed. This appears to be a defacto standard. See
< [DNSBL-EMAIL]
---
> that the IP/domain is listed. This appears to be a defacto
standard. See
> [DNSBL-EMAIL].
698c698
< because it is generally prohibited in hostnames, and are highly
---
> because they are generally prohibited in hostnames, and are highly
732c732
< servers for the DNSBL. Popular DNSBLs are in use by tens of
---
> servers for the DNSBL. Popular DNSBLs are used by tens of
760c760
< inflicting a DDOS.
---
> inflicting a DDOS attack.
762c762
< 5. The base domain name SHOULD be registered indefinately, so as to
---
> 5. The base domain name SHOULD be registered indefinitely, so as to
768c768
< servers for the DNSBL to point at "TEST-NET" addresses (see RFC3330
---
> servers for the DNSBL to point at "TEST-NET" addresses (see
802,803c802,803
< Assumes DNSBL is named "dnsbl.example.com". Replace "example.com"
< and "dnsbl.example.com" as appropriate for the DNSBL
---
> This example assumes that the DNSBL is named "dnsbl.example.com".
Replace "example.com"
> and "dnsbl.example.com" as appropriate for the DNSBL.
810c810
< The DNSBL MAY list loopback, RFC 1918 [RFC1918], LINK-LOCAL class
---
> The DNSBL MAY list loopback, [RFC1918], LINK-LOCAL class
814c814
< As additional insurance against listings of space that should not be
---
> As additional insurance against listings of space that should not
be listed,
831c831
< This practise (scanning for vulnerabilities) can represent a risk in
---
> The practise of scanning for vulnerabilities can represent a risk in
867c867
< targetting conditions are no longer met.
---
> targetting conditions no longer being met.
886c886
< systems improperly for DNSBL queries. The consequences of error can
---
> systems improperly for DNSBL queries. The consequences of an
error can
906c906
< or 4.3.2.1.dnsbl.exmple.cm instead of 4.3.2.1.dnsbl.example.com)
---
> or 4.3.2.1.dnsbl.exmple.cm instead of 4.3.2.1.dnsbl.example.com).
910c910
< continuing to query public nameservers
---
> continuing to query the public nameservers.
917c917
< thus heavily increasing load on public nameservers
---
> thus heavily increasing load on the public nameservers.
922c922
< 6. Using the DNSBL incorrectly. e.g. Some DNSBLs are suitable only
---
> 6. Using the DNSBL incorrectly. E.g. some DNSBLs are suitable only
926,927c926,927
< While in many cases, it can be difficult detect such situations, to
< protect against such misconfiguration, it is RECOMMENDED that DNSBL
---
> While in many cases it can be difficult to detect such situations, to
> protect against such misconfiguration it is RECOMMENDED that DNSBL
964c964
< outlined in RFC 3833 [RFC3833]
---
> outlined in [RFC3833].
_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www.ietf.org/mailman/listinfo/asrg