[Asrg] draft-irtf-asrg-bcp-blacklists draft updated.
Seth Breidbart
sethb at panix.com
Fri Jun 6 06:14:14 PDT 2008
On Fri, June 6, 2008 5:49 am, Ian Eiloart wrote:
> --On 5 June 2008 13:34:37 -0400 Chris Lewis <clewis at nortel.com> wrote:
>> John Levine wrote:
>>>> I'm not sure about this: "DNSBL providers SHOULD NOT be held
>>>> accountable in any way for the consequences of use of a DNSBL
>>>> applied in an un-intended way."
> Oh, well in these cases, the intent referred to is that of the user, not
> the provider! That's the opposite of what I assumed was required.
> It might be useful to try to think of situations in which you _would_ want
> the provider to be held accountable for a problem. I can only think of a
> few situations:
> (c) failing to adequately document the listing criteria,
What does that mean? Inaccuracy is one thing, but could you give an
example of listing criteria that are accurate but inadequate? I think "IP
addresses that annoy Seth" is a perfectly adequate listing criteria.
> (d) substantially changing the listing criteria (because there is no
> mechanism for alerting users - perhaps there should be) - instead, a new
> list should be created.
That's a form of inaccuracy. (How big a change is "substantially"?)
> Perhaps the wording should read "DNSBL providers SHOULD NOT be held
> accountable in any way for the consequences of use of a DNSBL, as long as
> the DNSBL meets the standards of this RFC". Or perhaps that's implicit.
"Responsibility for the consequences of the use of a DNSBL (or any other
configuration option) belongs to whoever decided to use that DNSBL (or
other option)." If someone chooses to use dnsbl.noprimes.org to block
mail, the responsibility is the chooser's.
Seth
More information about the Asrg
mailing list