karl and paul, expostulating

> I operate a cooperative resource. I will not have it used against me.
> This is not negotiable. I pay for my part of the Internet and anyone
> who wants their traffic to traverse it has to make sure that I derive
> similar value, in the aggregate, to theirs when they send me traffic.

No argument -- as long as a public root server isn't there. If it wasn't
I'd be SUPPORTING your black-hole list. But it is, and as such I'm not.

  for the record, i believe in what paul is doing as i am one of the
people taking the black-hole feed from him. that said, this seems to
be the primary arguement that people are using against paul black-holing
spammers. it makes no sense to me.

  you are saying paul is blocking access to a public service ( a
single root name server) but *you* and 99.9% of the rest of the
internet are not being blocked. on the other hand, people that are
*stealing* (and yes, i agree with paul that it's theft) resources from
his network are being blocked. that is, their access to *one* of 15,
or whatever the number is now, public root nameservers is blocked.

  i would understand this argument if the server paul ran were the
*only* publicly available root name server on the internet but there
are many more. so it's likely that name service for the spammer is
not affected in *any* way due to redundancy. and the rest of you
merrily go on resolving "." queries with no trouble.

  so i guess you are advocating that it's ok if a spammer decides to
mail bomb paul, clogging up his network with bogus mail, and slowing
down access to a root name server, possibly denying valid queries to
that root name server at all? that's ok with you, but blocking the
very small percentage of thieves from accessing one root nameserver is
a bad thing.

> same protection I work so hard to give myself, and I am donating that
> protection to anyone who wants it.

The point is, you can do that, hurt the spammers even more, and still find
ways to distribute the file (it IS only a flat file Paul) on an automated
basis, rapidly, if you want.

AND, you don't cut off a non-related resource (a root nameserver) in the

  the *resource* (root name service) is *not* being cut off. even to
the spammer. one server i that provides redundancy *for* the resource
happens to be. something i'd think most are willing to live with to
stop theft of resources on their networks and to/from their customers.
i certainly am.