On Thu, 5 Jan 2017 11:43:33 +0100 Thomas Mechtersheimer <thomasm@wupper.com> wrote:
On Thu, Jan 05, 2017 at 12:04:19PM +0200, ox wrote:
[...] But, you neglected to add - That is is not socially acceptable to define protocols for defrauding people, to tell lies, commit deception,
Who defines waht is socially acceptable?
Great point :) Society defines its own ethics, morals and values. For example it would be perfectly acceptable to eat other people if we were cannibals :) In modern societies, from African, to Eastern, To American, European, etc. I would argue that there are certain "baselines" For example, it is not acceptable to eat people, as it is also not acceptable to defraud and tell lies. Or do you not agree?
btw: most phishing pages use HTTP; HTTP is used for fraud and lies (probably more than RPZ will ever be...); but no one objects the use of HTTP as a protocol -- as the protocol by itself has no moral "value"; it's only the use of a protocol for fraud which is not acceptable.
Yes, and the but... Nowhere is there a protocol or defined method in RFC about http's that promotes deception and lies... So, it is not about the technology existing - as was recently pointed out, technology in itself cannot be unethical... It is about the publication of a process that is unethical and if leaved unopposed will, in all probability, lead to a "standard"
[...] Heck, if you are honest, and from the responses in this thread, it is already "best practise" and quite acceptable to use/apply RPZ - as apparently "many" are doing this and has been doing it for years.
Yes; mangling of DNS responses has been done for years; RPZ only defines a standard for this procedure (which is better than having many non-standard ways).
same as above
[...] That RPZ is DNS abuse, in itself, it is an abuse to Internet Society and it serves to promote Crime.
This is your point of view. Could you provide some evidence where RPZ promotes crime etc. (more than it helps preventing it)? Repeating "RPZ is Evil" again and again doesn't convice me, but as you said: we're in a post-truth world...
I did post an exact example, but here it is again: The clear objective issue with RPZ is that it is unethical. Can you maybe help me to formulate this in a non emotive manner? What I have is examples of what RPZ facilitates: In truth Google.com is at a.a.a.a (or ipv6 eq) If user1 asks resolver the IP number for Google.com, the resolver can send false answer of x.x.x.x If user2 asks the same resolver where Google.com is, the resolver can supply false answer of y.y.y.y because user2 is doing the asking If user3 asks the same resolver where Google.com is, the same resolver can answer a.a.a.a In all the above examples where fake (or any) answers were supplied, the resolver also hides the truth of the fake answer, to the user. Andre