[ratelimits] I-D-ing rate limiting?
jay at nzrs.net.nz
Sun Apr 21 21:37:52 UTC 2013
On 19/04/2013, at 1:18 AM, Vernon Schryver <vjs at rhyolite.com> wrote:
>> From: Patrik Wallström <pawal at blipp.com>
>> Isn't it a good idea then to document the three different implementations
>> and their differences, and then gather a set of requirements on DNS RRL?
> Documentation is good and I would like to see an RFC someday. However,
> a formal IETF requirement document would make sense only if this stuff
> depended on the let, leave, or hindrance of the IETF. This stuff is
> mostly about not putting bits on the wire, and so out of the practical
> reach of IETF WGs, IESG, IAB, etc. even if the IETF wanted to own it.
I agree. This is an implementation issue, not a protocol issue. But there is a benefit to users of DNS servers knowing whether feature X on one implementation is identical, equivalent or similar to feature Y on another implementation. A role for a different standards body?
> Besides, the reflection DoS problem is too urgent to wait the years
> that IETF processes require.
> The important, relevant bits that are put on the wire are configuration
> file statements, as when a site with many DNS servers uses a
> configuration management system. Even if the IETF wanted to regulate
> DNS server configuration file syntax and even if it were not 30
> years too late for the IETF to take up named.conf syntax, that's
> simply not going to happen.
NSCP has been trying to achieve this for a while.
.nz Registry Services (New Zealand Domain Name Registry Limited)
desk: +64 4 931 6977
mobile: +64 21 678840