<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/xhtml; charset=utf-8">
</head>
<body>
<div style="font-family:sans-serif"><div style="white-space:normal"><p dir="auto">On 3 Jan 2017, at 2:30, ox wrote:</p>
<blockquote style="border-left:2px solid #136BCE; color:#136BCE; margin:0 0 5px; padding-left:5px"><p dir="auto">When it becomes a "STANDARD" (ACCEPTABLE) and nefarious behavior is<br>
suddenly "the way things work" - then this is of serious concern.</p>
</blockquote><p dir="auto">You seem to be assigning intent to a tool. A hammer in the hands of an artist can produce a beautiful form of art while the same hammer can be used to hurt someone. It's not the hammer's fault. Besides, RPZ is not a requirement to implement the "walled gardens" you're describing. The same thing can be achieved by other, simpler means.</p>
<blockquote style="border-left:2px solid #136BCE; color:#136BCE; margin:0 0 5px; padding-left:5px"><p dir="auto">My objections are easy: Defining a clear standard on how DNS tells lies<br>
to users, and different lies to different users, depending on which<br>
user is doing the asking, and then hiding the truth of your lies from<br>
your users, is EVIL!</p>
</blockquote><p dir="auto">If you find the "lying" unacceptable, then this is what should be targeted, not the tools that are being used -- which BTW have positive uses that IMO far outweighs the abuse you're describing. Consider this use case: RPZ can be used to prevent a set of known DNS names from resolving, stopping the spread of computer malware. Moreover, it can also be used to alert operators of infected machines that their computers have been compromised.</p>
<p dir="auto">I'm at least hesitant to describe any of those as lies. It's just a protocol exchange -- my machine asked for a name-to-IP map and received a suitable response, even one that actually fitted better with my current situation.</p>
<p dir="auto">Granted, this is not the only use case. I dislike walled gardens, which is why I take measures to avoid them -- yet I won't attack the underlying technology because as I said, has far more positive uses.</p>
<p dir="auto">Best regards</p>
<p dir="auto">-lem</p>
<br></div>
<p style="font-family: 'Proxima Nova', Helvetica, Arial, sans-serif; font-size: 12px; line-height: 12px; color: rgb(0, 0, 0);">
<span style="font-weight: bold; color: rgb(0, 0, 0); display: inline;" class="txt signature_name-input sig-hide">Luis Muñoz</span>
<span class="address-sep break" style="display: inline;"><br></span>
<span style="color: rgb(30, 30, 30); display: inline;" class="txt signature_jobtitle-input sig-hide">Director, Registry Operations</span><br>
<span style="color: rgb(130, 130, 130); display: inline;" class="txt signature_jobtitle-input sig-hide">____________________________</span>
</p>
<p style="font-family: 'Proxima Nova', Helvetica, Arial, sans-serif; font-size: 10px; line-height: 14px;">
<a href="http://www.uniregistry.com" class="clink sig-hide logo-container">
<img src="http://static.uniregistry.net/assets/img/ur-logo@2x.png" alt="Uniregistry" border="0" class="sig-logo" height="40" width="165" />
</a>
</p>
<p style="font-family: 'Proxima Nova', Helvetica, Arial, sans-serif; font-size: 11px; line-height: 14px;">
<span style="color: rgb(0, 0, 0); display: inline;" class="txt signature_address-input sig-hide">2161 San Joaquin Hills Road</span>
<span class="address-sep break" style="display: inline;"><br></span>
<span style="color: rgb(0, 0, 0); display: inline;" class="txt signature_address-input sig-hide">Newport Beach, CA 92660</span>
<span class="website-sep break" style="display: inline;"><br></span>
<span class="address-sep break" style="display: inline; line-height: 8px;"><br></span>
<span style="color: rgb(0, 0, 0); display: inline;" class="txt signature_officephone-input sig-hide">Office +1 949 706 2300 x 4242</span>
<span class="address-sep break" style="display: inline;"><br></span>
<span style="color: rgb(0, 0, 0); text-decoration: none; display: inline;" class="txt signature_officephone-input sig-hide">lem@uniregistry.link</span>
</p>
</div>
</body>
</html>