Niels and all, At 2017-04-11 14:50:13 +0200 Niels ten Oever <[log in to unmask]> wrote: > Have you all followed the discussion around RPZ ? It is a > (proposed)protocol which allows for the blacklisting of certain > addresses, reportedly to address malware, but you can imagine how this > could be used differently. To be clear, this is not a proposed protocol, it is code running in production on many high-volume resolver installations. The IETF effort is an attempt to standardize this to insure interoperability between vendors. > https://tools.ietf.org/html/draft-ietf-dnsop-dns-rpz-00 > > https://dnsrpz.info/ > > http://www.circleid.com/posts/20100728_taking_back_the_dns/ > > Is this a discussion that has also been held in ICANN, or is this a > 'let's route around ICANN'-kind of solution? Certainly improved ability to block domains will impact ICANN's constituents, so it probably makes sense to follow the work and for interested ICANN participants to join any discussions in the IETF. However I believe that RPZ is outside of ICANN's remit. As such I don't believe that there is any direct role for ICANN in this, beyond the possible work of IANA in publishing any eventual RFC's that arise. Cheers, -- Shane