Re: Context specific semantics was Re: uncooperative DNSBLs, was several messages



>The whole approach here is "An A record in this zone has a meaning
>different from the meaning in other zones".  That creates a DNS
>context for the RRTYPE based on the zone of the query, which is not
>what the DNS currently uses for disambiguating the types of
>requests/responses.

Didn't that plan go out the window in 1996 with RFC 2052?

> Using a different RR type puts you back into the standard way of
> doing things.

Hypothetically speaking, I sort of agree with you.  But considering
that to a rough order of magnitude, all the MTAs on the net use DNSBLs
the way they work now, you'd expect the ground to be littered with
bodies if reusing A records caused actual damage.

The only damage I've seen, and I think the only damage anyone else has
seen, is when a speculator puts a wildcard on an abandoned DNSBL
domain.  That's why I documented the pair of test addresses, to defend
against that.  It's certainly a band-aid, but like real life band-aids
it does the job without making things worse and easily enough that
people are actually likely to do it.  What you're proposing is a skin
graft, which would be more elegant if it happened, but it won't.

Regards,
John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
"More Wiener schnitzel, please", said Tom, revealingly.
_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www.ietf.org/mailman/listinfo/ietf
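
The test-address defence mentioned in the message above, as an added example that is not part of the original message. The message does not name the pair; this sketch assumes the one given in RFC 5782 (127.0.0.2 must be listed, 127.0.0.1 must not). The zone `bl.example`, the function names and the stand-in resolvers are hypothetical and constructed for illustration.

```python
import socket

# Assumed test entries (RFC 5782): 127.0.0.2 is listed, 127.0.0.1 is not.
MUST_LIST = "127.0.0.2"
MUST_NOT_LIST = "127.0.0.1"


def query_name(ip, zone):
    """Build the DNSBL query name: reversed octets prepended to the zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone.rstrip(".")


def system_resolve(name):
    """Return the A records for name, or [] when it does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []


def zone_status(zone, resolve=system_resolve):
    """Classify a zone from the two test entries before trusting it."""
    listed = resolve(query_name(MUST_LIST, zone))
    not_listed = resolve(query_name(MUST_NOT_LIST, zone))
    if not_listed:
        return "wildcarded"  # answers for everything: ignore its results
    if not listed:
        return "dead"        # answers for nothing: list is not operating
    return "ok"


def is_listed(ip, zone, resolve=system_resolve):
    """Look up ip, but only honour a hit from a zone that passes the test."""
    if zone_status(zone, resolve) != "ok":
        return False
    # Return codes live in 127.0.0.0/8; anything else is not a DNSBL answer.
    return any(a.startswith("127.") for a in resolve(query_name(ip, zone)))


# Constructed resolvers standing in for three kinds of zone (no network used).
def healthy(name):
    table = {"2.0.0.127.bl.example": ["127.0.0.2"],
             "9.2.0.192.bl.example": ["127.0.0.4"]}
    return table.get(name, [])

def wildcard(name):  # a wildcard on an abandoned zone: every name resolves
    return ["203.0.113.50"]

def dead(name):
    return []
```

Running `zone_status` periodically and caching the result, rather than on every lookup, keeps the extra query load on the list operator small.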



Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.
