NCSG-DISCUSS Archives

NCSG-Discuss

NCSG-DISCUSS@LISTSERV.SYR.EDU
Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: RPZ & content control
From:
Niels ten Oever <[log in to unmask]>
Reply To:
Niels ten Oever <[log in to unmask]>
Date:
Tue, 11 Apr 2017 18:05:35 +0200
Content-Type:
text/plain
Parts/Attachments:
text/plain (88 lines) 
Hi Milton,

Great you're following this. I think the design of a system can have
some properties that makes is harder or easier to infringe on rights. To
make the analogy to spam: when I receive spam in my spamfolder, I can
still read it. Spam that is blocked, I cannot read.

With RPZ I think there is a risk that content get's blocked because
people don't like it, not because it's malware. And it does so without
the consent of the user, or even without informing them.

Why could the system not be designed similar to the warnings with TLS in
the browser so there would be a red screen: THE LINK YOU'RE FOLLOWING IS
PROBABLY MALWARE (only continue if you verified the source) ?

I think that might strike a better balance.

Cheers,

Niels



On 04/11/2017 05:43 PM, Mueller, Milton L wrote:
> Good for you for flagging this, Niels.
> 
> I've been watching Vixie and RPZ in connection with my research on Internet 'fragmentation' for  a couple of years. 
> For the most part, RPZ is proposed as a method that individual name server administrators can use to block domains that _they_ consider to be harmful. As such it is an expression of the flexibility and distributed control that the internet makes possible. It is a reputation-based method similar to the spam block lists (not technically, but in terms of the principle of an individual AS filtering). And like all technologies, it could be used in ways that rights advocates would not like, e.g. by governments as part of a more comprehensive censorship strategy. 
> 
> So it is best for us to keep an eye on it, but keep in mind that it is not the standard or technology per se that matters, but the purposes it is used for. 
> 
> Dr. Milton L Mueller
> Professor, School of Public Policy
> Georgia Institute of Technology
> Internet Governance Project 
> http://internetgovernance.org/ 
> 
> 
>> -----Original Message-----
>> From: NCSG-Discuss [mailto:[log in to unmask]] On Behalf
>> Of Niels ten Oever
>> Sent: Tuesday, April 11, 2017 8:50 AM
>> To: [log in to unmask]
>> Subject: RPZ & content control
>>
>> Hi all,
>>
>> Have you all followed the discussion around RPZ ? It is a (proposed)protocol
>> which allows for the blacklisting of certain addresses, reportedly to address
>> malware, but you can imagine how this could be used differently.
>>
>> https://tools.ietf.org/html/draft-ietf-dnsop-dns-rpz-00
>>
>> https://dnsrpz.info/
>>
>> http://www.circleid.com/posts/20100728_taking_back_the_dns/
>>
>> Is this a discussion that has also been held in ICANN, or is this a 'let's route
>> around ICANN'-kind of solution?
>>
>> Cheers,
>>
>> Niels
>>
>> PS Sorry if I have missed earlier discussions on this.
>>
>>
>>
>> --
>> Niels ten Oever
>> Head of Digital
>>
>> Article 19
>> www.article19.org
>>
>> PGP fingerprint    8D9F C567 BEE4 A431 56C4
>>                      678B 08B5 A0F2 636D 68E9

-- 
Niels ten Oever
Head of Digital

Article 19
www.article19.org

PGP fingerprint    8D9F C567 BEE4 A431 56C4
                     678B 08B5 A0F2 636D 68E9

ATOM RSS1 RSS2