On Mon, May 30, 2011 at 8:48 AM, Gert Doering <gert@xxxxxxxxx> wrote:
I have no idea what a "v6 DNS ACL" should be, except maybe an ACL that
protects which IPv6 clients are allowed to talk to a DNS server.
ACL is the wrong term. Saying it's an ACL makes it easy to make the argument that whoever is implementing this is denying access to a particular resource (the AAAA record).
In fact, the opposite is true - by electing not to return an AAAA record, the implementer is able to allow access to a particular resource (the content that the user wants to reach) instead of publishing the resource over IPv6 where some users can't usefully reach it.
Which is of course, the root of the problem here. It is the reason why many large website operators have either implemented whitelisting (Google, Facebook) or have announced that they will be implementing whitelisting (Yahoo, Akamai). And it is the reason why said website operators are not contributing to this document.
_______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf