Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Overview of Best Email DNS-Based List (DNSBL) Operational Practices
draft-irtf-asrg-bcp-blacklists-10

Yes

(Jari Arkko)

(Pete Resnick)

(Robert Sparks)

(Ron Bonica)

No Objection

(Adrian Farrel)

(Dan Romascanu)

(Gonzalo Camarillo)

(Peter Saint-Andre)

(Russ Housley)

(Stephen Farrell)

(Stewart Bryant)

(Wesley Eddy)

Note: This ballot was opened for revision 10 and is now closed.

Jari Arkko Former IESG member

Yes

Yes () Unknown

Pete Resnick Former IESG member

Yes

Yes () Unknown

Robert Sparks Former IESG member

Yes

Yes () Unknown

Ron Bonica Former IESG member

Yes

Yes () Unknown

Adrian Farrel Former IESG member

No Objection

No Objection (2011-09-22) Unknown

I was surprised that this document did not seek to make any disclaimer wrt the legality of applying blacklists beyond the scope of entirely private systems. I would not want the IRTF to appear to condone practices that may be of dubious legality in some jurasditctions.

Dan Romascanu Former IESG member

No Objection

No Objection (2011-09-22) Unknown

I support Russ's DISCUSS.

Gonzalo Camarillo Former IESG member

No Objection

No Objection () Unknown

Peter Saint-Andre Former IESG member

No Objection

No Objection (2011-09-21) Unknown

Overall I think this is a helpful set of guidelines. Herewith a few comments.

1. I concur with the DISCUSS from Russ Housley. Note that Sections 1.2 
and 3.6.1 include the term "BCP".

2. The abstract states:

   This document is a product of the Anti-Spam Research Group and
   represents the consensus of that group.

Section 1.4 states:

   NOTE:  This document is a product of the Anti-Spam Research Group
      (ASRG) of the IRTF.  As per section 3 of [RFC2014] IRTF groups do
      not require consensus to publish documents.  Therefore readers
      should be aware that this document does not necessarily represent
      the consensus of the entire ASRG.

Those two statements appear to be in conflict.

3. With regard to DoS attacks, consider adding a reference to RFC 4732.

4. The security considerations seem a bit thin to me given that DNSBLs 
are used in ways different from "normal" DNS servers (e.g., RFC 3833 talks
about denial of service attacks on DNS servers, but not malicious use of
DNS-based services to poison the behavior of email servers and the like).

5. Please expand relevant acronyms on first use and provide appropriate 
citations (e.g., "IRC").

Russ Housley Former IESG member

(was Discuss) No Objection

No Objection () Unknown

Stephen Farrell Former IESG member

No Objection

No Objection (2011-09-22) Unknown

I agree with the other discusses to date

Stewart Bryant Former IESG member

No Objection

No Objection () Unknown

Wesley Eddy Former IESG member

No Objection

No Objection () Unknown

Overview of Best Email DNS-Based List (DNSBL) Operational Practices draft-irtf-asrg-bcp-blacklists-10

Overview of Best Email DNS-Based List (DNSBL) Operational Practices
draft-irtf-asrg-bcp-blacklists-10