[11:37:50] any news on the webcast? [12:07:17] webcast will be at http://media1.icann.org/ramgen/broadcast/oarc.rm [12:07:31] excelent! thanks [12:07:52] starting at 13:30 PDT = 20:30 UTC [12:39:36] *keith has set the topic to: OARC Workshop starts at 13:30 PDT on http://media1.icann.org/ramgen/broadcast/oarc.rm [15:48:27] Also there's an audio only feed at rtsp://media1.icann.org/broadcast/oarc.ram [16:11:18] where in the hotel is the meeting? [16:11:34] There's a hallway by the cafe [16:11:37] "Bel Air" [16:11:43] Close to the front doors [16:11:44] thanks [16:28:57] ah, i have video now [16:32:14] there's a nasty hum in the sound... [16:33:00] humm is not fixable. It's in the hotel's sound system. [16:33:02] Sorry. [16:33:20] ok, it's audible.. [16:33:49] mmm, ground loop [16:34:06] starting in about 5 mins [16:34:31] Yes, ground loop.[16:34:50] I don't have control of their sound system. I've been told hands off. [16:35:30] I'll see if I can get it fixed during a break. [16:35:33] If not, it should be fixed for tomorrow. [16:55:11] Is it useful to show the slides. We don't have a scan converter, so it's just a camera pointing at the screen. Not very nice, but I can put slides up if its useful. [16:55:29] They are pdf'd on the web site [16:55:35] I'll skip it then. [16:55:48] http://public.oarci.net/oarc/workshop-2007/agenda/ [16:55:54] Most presentations appear to be uploaded [16:56:01] Thanks. [16:58:33] repaet question in mic please.. [16:59:26] Request has been relayed. [17:04:39] http://public.oarci.net/files/workshop-2007/Damas-DLV.pdf [17:14:10] *keith has set the topic to: OARC Workshop on http://media1.icann.org/ramgen/broadcast/oarc.rm [17:24:17] Questioner is Duane Wessels [17:24:46] Please can people asking questions identify themselves to mic [17:26:01] may be worth repeating out loud for those physically but not virtually here [17:26:25] Any remote qns for Paul ? [17:26:35] Questioner is Roy Arends [17:27:10] Jason - will do once I get my hands on mic again :-) [17:27:33] btw, thanks for pasting names here. [17:27:59] apologies for lack of name badges again [17:30:42] Peter Koch [17:31:33] aha, now he's on, a bit delay...:-) [17:31:59] question from Sam Weiler [17:32:18] rather answer [17:34:06] There is about a 30 second delay is due to player buffering. [17:36:13] http://public.oarci.net/files/workshop-2007/Wessels-Heatmaps.pdf [17:37:21] Is that annoying background music getting through to webcast ? [17:37:46] no, only the ground loop [17:42:08] zoom on screan please [17:42:17] animation is not in presentation [17:42:38] no, will upadlod file later [17:42:41] upload [17:42:45] ok [17:43:12] http://maps.measurement-factory.com [17:43:30] any questions for Duane ? [17:43:36] Roy question again [17:44:36] April Lorenzen has done work with 3D representation [17:44:41] available on OARC member-only website [17:46:21] Rick Wesson [17:48:08] Maps of abuse data [17:51:47] Comment: Jay Daley, Nominet [17:52:53] 330M advertiser clicks [17:53:00] over ~1 mo. [18:27:20] Restarting after coffeeee [18:28:14] Will upload slides in a sec.. [18:28:51] Can I get confirmation that remote listeners are getting audio and video? [18:29:08] video ... yes [18:29:09] yep [18:29:13] thanks. [18:29:28] audio is mute... (in another mtg) [18:29:46] I have audio[18:31:14] http://public.oarci.net/files/workshop-2007/Vixie-SIE.pdf [18:41:52] QN: Rick Wesson [18:45:31] Last questioner was John Schnizlein, Cisco [18:46:38] The last question was from John Schnizlein, FYI [18:46:57] d'oh, I missed that keith said that already, sorry [18:49:01] questions for Paul ? [18:50:14] QN was Rick Wesson again [18:53:03] [raises hand from Ottawa] [18:53:17] me y [18:53:21] too [18:53:22] there won't be a jabber scribe at dinner, sorry. :) [18:53:49] i'll just have to PIN you periodically to ask how many drinks you've had! [18:53:50] there doesn;t seem to be a jabber scribe now... :) [18:54:29] sorry - fire away [18:54:52] roy, antoin ? [18:54:59] I think they wanted dinner.. [18:55:20] I just wanted dinner [18:55:50] sorry - misunderstood [18:56:19] mime-type: factory/cheesecake [19:02:02] still on SIE or something else? [19:02:17] http://public.oarci.net/files/workshop-2007/Boggs-DNSPERF.pdf [19:02:17] moved to DNS performance testbed [19:02:42] thank you [19:03:00] pg 4 [19:03:12] Logical diagram [19:10:13] Rick Wesson [19:13:06] Doug Barton [19:14:36] For those who can't hear (since he's not near a mic), Peter says he believes the debugging was left on in the FreeBSD 7 tests, but Boggs is the only one who would know for sure. [19:14:48] louder please :-) [19:15:03] FOR THOSE WHO CAN'T HEAR... [19:15:08] :D [19:15:20] duh :-) [19:16:49] Rick Wesson [19:17:08] Rick asks, "Did you use 'huge' tables?" [19:20:37] RickW again [19:25:10] QN: Russ Mundy [19:27:06] any questions/.suggestions for Paul ? [19:30:27] Previous questioner was John Schnizlein, Cisco [19:34:24] Last comment from KC Claffy, CAIDA [19:34:35] Now Russ Mundy [19:35:44] KC again [19:36:57] Russ says, "Yeah, the reproducibility comes not from having exactly the same zone to test with, but from having a clear enough description of the methodology to be able to reproduce the test with any zone/software." [I'm paraphrasing][19:37:32] If anyone is interested, our testing of BIND and some others is detailed here https://www.centr.org/docs/2006/10/nameserver-perf.pdf [19:38:32] Thanks [19:38:41] thanks Jay, that'll be really useful [19:39:54] what matt said [19:40:06] :D [19:41:38] Rick: "Could you go a little bit more into the operating system differences, and speculate as to why?" [19:43:04] This is a pretty good place to start to find an answer to Rick's question: http://www.kegel.com/c10k.html [19:47:55] http://public.oarci.net/files/workshop-2007/Wessels-DNS-survey.pdf [19:52:59] no nsd ? [19:53:19] yeah, that's surprising [19:53:45] I did't realize their "market share" was so low [19:54:51] yeah, I am surprised as well [19:57:59] http://www.measurement-factory.com/surveys/ for more details [19:58:48] any qns ? [20:04:30] Russ Mundy presenting DNS monitoring tool he's working on - no slides [20:05:14] perhaps on camera ? [20:06:03] http://www.measurement-factory.com/surveys/ - 404 not found [20:06:12] slides on camera now. [20:06:56] Doug, is the FreeBSD 6.x resolver dnssec aware? [20:07:00] ok [20:08:02] Matt P: we have stock bind 9.4 in what will be 7.x-release/stable, and 8-current [20:08:14] the dnssec options are not on by default however [20:08:27] okay. so the stock resolver code in 6.x doesn't do dnssec? [20:08:36] (oh, and stock 9.3.x in 6-release/stable [20:09:03] ah okay [20:09:06] well, it could, but if you really want to do dnssec you should use 9.4 [20:09:12] thanks doug. [20:09:40] no problem, dougb@freebsd.org if you have any questions or suggestions [20:09:48] sorry, should be http://dns.meaaurement-factory.com/surveys/ [20:10:06] (URL in Duane's slide deck) [20:10:11] I didn't think you had incorporated the BIND resolver into the OS in 6.x. cool [20:10:36] freebsd has had BIND in the base since day 1 [20:10:41] http://public.oarci.net/files/workshop-2007/Arends-NSEC3.pdf [20:12:41] We're done ! [20:12:51] Start again tomorrow @09:30 PDT [20:12:57] Thanks everyone stable, and 8-current [20:14:24] *keith has set the topic to: OARC Workshop restarts @09:30 PDT tomorrow on http://media1.icann.org/ramgen/broadcast/oarc.rm [20:15:28] russ, when do you leave? [11:58:08] No audio yet. Stand by. [12:02:44] Audio should be good now. When the meeting starts, feedback reports on audio levels are welcome. [12:24:50] *keith has set the topic to: OARC Workshop restarts @09:30 PDT http://media1.icann.org/ramgen/broadcast/oarc.rm [12:25:13] for those on the room but not on the mailing list, we are planning to do a PGP signing key during the first minutes of the lunch. [12:25:32] Doug Barton set up a key repository at https://biglumber.com/x/web?ev=77060 [12:26:20] Select "This event has a keyring" [12:26:55] and then go to the botton and add your key, either uploading the armored key file or pasting the content. [12:31:39] starting in a couplemof minutes.. [12:35:00] folks, I got hung up at home this morning, but I'm going to be on my way soon. If people who want to do the key signing can upload their keys, I'll print out the keyring page for everyone before I leave. [12:35:19] bbiab [12:36:38] someone yesterday asked about number of NSD nameservers in my survey.... [12:37:01] Of 386,779 fingerprintable nameservers in the "5% sample", 26 NSD were NSD. [12:37:10] Of the 306,649 authoritative nameservers that could be fingerprinted, 78 were NSD. [12:37:12] Starting. [12:38:10] Who is taking the presentations? [12:38:31] slides that is. [12:39:16] keith? [12:39:32] also, I realized that the most recent survey page is not yet linked so here is the URL: http://dns.measurement-factory.com/surveys/200710.html [12:40:08] e-mail presentations to , please :-) [12:40:20] http://public.oarci.net/files/workshop-2007/Otis-SPF-ddos-threat.pdf [12:40:40] Thanks. [12:41:48] i missed that-- why did maawg cut douglas off? [12:42:10] basically because several people have disagreed with him about the DoS issue [12:42:24] what's a "r-PTR"? [12:42:24] and people have asked him not to talk about it any more, but he did [12:42:33] so they cut off the discussion [12:43:03] at least, that was my (I think disinterested) impression of the decision [12:43:24] scratches head, you mean they disagreed with his interpretation of raw data, and was there a reasoned counter-interpretation, or is it something that has nothing to do with interpretation of measurements? [12:43:49] I think it was a disagreement [12:43:58] that people decided was never going to yield fruit [12:44:13] and some thought the continued discussion was wasting itme [12:44:15] time, even [12:44:24] morning. :-) [12:44:29] and asking people not to discuss any more was regarded as the least bad option [12:44:42] or, wasn't going to yield any more fruit this time than it has the last N times [12:44:45] (I did not participate in any of this, please note, but I have watched it on and off) [12:44:46] Is it a DKIM vs. SPF debate, or a case of too much "the sky is falling"? [12:44:58] I think maybe "yes" [12:45:00] :-/ [12:45:38] more informed people will be able to give a better synopsis [12:45:51] but I don't think there's a _technical_ reason for the decisions one way or the other [12:48:16] If there's some running code out there, one would think this should be pretty easy to prove/disprove. [12:49:18] I've only tuned into the spf-is-evil discussion occasionally, but I've never heard anyone take apart the argument. [12:49:40] You have to dig into the archives to see the old counterarguments [12:49:52] I think they were early in the design, really [12:50:04] and people decided that the objections were wrong [12:50:16] and so then "objection" started to look like "cranky guy" [12:50:28] and so now actually attacking this argument just Isn't Done [12:50:44] whether it should be, I dunno -- others can probably speak better to that than I [12:51:30] *nod* If the majority opinion of the wg is that this isn't a real issue, I can see how they would decide to just stop talking about it. Much the way we've dealt with the anycast dissenters. [12:52:11] would really love to see a scientific peer reviewed paper on this, using data sources considered legitimate by oarc. is it possible? or has it been tried and falied? [12:52:41] I don't know if it's been tried. but this looks provable with a simple lab setup. [12:53:32] Maybe that's a good alternate use of the hardware Paul has for performance measurements [12:53:38] The problem is not SPF specific and it might be easier to comprehend just if all the anti-SPF sentiment hadn't poisoned the ground ... [12:53:48] I agree with Peter [12:53:56] this is a much more generic issue [12:54:01] Yes,,, [12:54:08] DKIM will have it too, and so for that matter will DNSSEC [12:54:26] How will DNSSEC have it? [12:54:29] it is about _applications_ potentially sucked into generation unlimited amounts of DNS queries [12:55:05] I don't see the connection between this and dnssec either. DKIM yeah.. [12:55:23] what I said ... [12:55:33] DNSSEC has it in a different way -- the large records give you a way of issuing large numbers of small queries that result in large numbers of big responses [12:55:52] if an application can be convinced to ask such questins [12:55:57] questions, even [12:55:57] yeah, just a generic amplification attack. no chaining or expansion of queries [12:56:05] Somewhere in namedroppers there is a thread called "Why Doug Otis scares me" based on his presentation to DNSEXT, I think in Montreal (summer 06). It wasn't Doug, per se, but the idea that DNS is being used for "slapped on" security in some protocols. I'm not certain Doug is right, but I don't know. [12:56:06] then you can cause it. [12:57:24] more generic analysis of this issue would be even better. what passes for scientific research in this space is a pretty low bar, see two articles in feb cacm http://info.acm.org/cacm/toc/2007/february_toc.html [12:57:41] San Diego IETF: http://www3.ietf.org/proceedings/06nov/slides/dnsop-2/sld1.htm [12:58:40] Also, notes of ensuing discussion: http://www3.ietf.org/proceedings/06nov/minutes/dnsop.txt [12:59:55] kc: What are you wanting more generic analysis of? Amplification attacks or SPF / Sender-ID? [13:01:05] the effectiveness of counter-spam mechanisms and practices. according to the best available data. [13:01:14] any questions for Doug ? [13:01:41] kc: effectiveness of counter-spam mechanisms is a fast moving target. [13:01:49] including but not limited to technology, legislative, and educational mechanisms [13:02:39] My message was to dnsop, not namedroppers, but I can't locate archives for DNSOP [13:03:36] I'm going to be printing out the keyring for the pgp key signing in a few minutes folks, so if you have a key to upload please do it sooner rather than later. :) Not being on the paper list will not prevent your participation, but it's easier if you are. [13:04:10] kc: to what ends? [13:04:42] we've seen what spammers do in the face of effective counter-measures -- turn up the juice, attack via alternate vectors, etc. [13:04:44] nods fast-moving, but that means we shouldn't archive analysis of which types of countermeasures are more effective over time, because it's irrelevant to future behavior, or helps the spammers more than it helps those trying to stop them [13:04:57] Doug- I'll make a final announcement to submit keys at the end of this talk ? [13:05:00] kc: your latter point is my concern.... [13:05:09] nods davidu, ok, just want to know what to tell researchers who want to study spam. pick another topic? [13:05:10] keith, that'll be fine [13:05:20] gracias [13:05:47] Surely "pick another topic" is worse than "might help spammers" [13:05:50] davidu: I would think spammers already know what does and doesn't work as they can measure success/click rates. [13:05:51] kc: no, spam is still worth studying, of course.... [13:06:05] Finally found a link..http://www1.ietf.org/mail-archive/web/dnsop/current/msg04922.html [13:06:30] agreed.... it'd be nice if we didn't keep playing arms race games with spammers (bad guys in general)... [13:06:46] Maybe they'd agree to a cease fire? :-) [13:06:56] I can't buy 100GE ports yet, and the bad guys are starting to match my connectivity abilities. :-( [13:07:18] I think Doug's very late point is an interesting one [13:07:34] give up on trying to authenticate and filter[13:07:44] and change the delivery mechanisms and promises [13:07:55] buf of course, that means "throw away SMTP" [13:08:32] Getting rid of smtp isn't a new idea. But it's going to take a while to gain any traction [13:08:43] SMTP is long since due for replacement, but like many things, we're stuck with it for now. [13:08:56] roy: like DNS? ;-) [13:08:59] Matt P: Just use facebook messages. :-) [13:09:05] I've said it before "don't break DNS to save SMTP!" [13:09:34] asullivan: at least DNS doesn't cause significant grief to end-users (most of the time) [13:09:38] yes amconcerned th that according to best available data (?) spammers seem to be winning the arms race, and at least the u.s.taxpayers continue to spend hundreds of millions of dollars per year on network research activities that don't seem to be helping you guys fight this fight at all. (can insert a dozen other fights here and same concern, but this talk is about spam, so...) [13:13:00] kc: how much research do you think postini does to actually get rid of spam? (just guess, it's a relatively binary question) -- that's why there is still a lot of value in having smart students study spam. :-) [13:15:03] If the SPF wg is moving ahead despite acknowledging that their protocol can blow up DNS, then perhaps this is the time for the DNS directorate to step in and make a statement. [13:16:23] there is no SPF WG. That came out of MARID, which was shut down. The SPF RFC contains Security Considerations ... [13:17:40] hi kids... hows the DNS today? [13:17:53] delightful [13:18:39] http://www3.tools.ietf.org/html/draft-iab-dns-choices-04 [13:19:06] random query.... whats the pushback on replies w/ packet size larger than 4k? [13:20:09] Ahh, yea, something the IAB never finished (iab-choices). I presented that at the MARID Interim Meeting in summer 05? and got hit with a lot of tomatoes. It would have been nice if the IAB delivered that document. [13:20:16] splash - zzzt! [13:20:27] http://public.oarci.net/files/workshop-2007/Sato-DNSSEC.pdf [13:20:38] hope my expletive didn't get 'cast.. [13:21:06] keith: did you get power? [13:21:21] dunno - need to let things dry out first :-( [13:22:06] need more than one outlet? you can take my (single) plug, I can run off battery or plug in behind me [13:22:25] I think it should be okay, thanks [13:23:37] can he speak up a bit, or at least in the mic ? [13:24:06] I asked [13:30:49] Since I'm half a minute behind, I'll ask my question for after the presentation: There's a big difference in integrity checks when you do dynamic updates as you don't have your complete zone. What kind of integrity checking do you do ? [13:30:49] what slide is sato-san on? [13:31:01] 17 [13:31:03] conclusions/summarty of the R&D [13:31:05] 17 [13:31:07] thanks [13:31:12] *waves at andrew* [13:32:04] I am home on my own with three kids, ages 1, 2 and 7. None of them have yet rebelled against their afternoon's mind-growing activities being rather oarc-centric [13:32:05] :-) [13:32:47] So your plan is to grow three mini-jabley DNS people? [13:33:00] actually I was trying to make them all go to sleep [13:33:01] :-) [13:33:05] I think this is a radical new approach to "individuals don't scale" [13:33:25] Want to induce sleep? bring'em to ICANN. [13:33:32] *salues jabley for forming the OARC Youth* [13:33:35] surely that would induce death [13:33:37] jabley: the 7 year old is 4 years too old for the pattern in the ages to scale out properly. [13:33:41] err 3 years [13:33:49] but then you've allready published.. [13:34:17] so you might have published errors... [13:35:45] I'll ask Shinta next time.. [13:36:15] I saw a kid in the hotel here yestrday and thought "this is an ICANN meeting - that's no place for kids !" [13:36:58] Why not, doesn't the hotel have a swimming pool ? [13:38:10] surely the swimming pool is already full of dead lawyers [13:38:22] no, bored to death techies [13:38:31] Good swimming pool then ! :-) [13:38:34] it does tend to fill up over the course of the week [13:39:00] /mw waves his unbricked, unlocked, upgraded iphone at matt [13:39:07] bastard [13:39:11] heh [13:39:16] matt: your iphone is bricked? [13:39:35] matt: send the phone to me, I'll fix it [13:39:38] yeah. failed the 1.1.1. upgrade on wed night [13:40:25] I was hoping upgrading to 1.1.1 would fix teh fact that the phone can't identify its own phone number from the Rogers SIM I fed it [13:40:38] this isn't really DNS operational talk though... later. :) [13:40:44] heh [13:43:03] anyone running dsniff? [13:43:42] slides not online? [13:43:51] slides are there [13:44:08] he's on the exploding garrison now [13:44:18] 8 [13:44:31] http://public.oarci.net/files/workshop-2007/Sullivan-Commons-vandals.pdf [13:45:38] this will be a good segue into my talk, as it turns out. :-) [13:47:34] it is absurd! Buy some Force10 stock (or eval their gear and short it.) [13:52:33] Are these talks being recorded also? [13:52:40] I'd like a copy of Andrew's talk... [13:52:48] keith said yes [13:53:07] but it might take a little while to get them published [13:53:13] jabley: Thanks! No worries. [13:54:41] did he say noone is going ot put any more money in this? what did he mean by that? [13:55:28] I think the point was that propping up the infrastructure using money doesn't scale, since the money has to come from somewhere [13:55:38] kc: ask him, but since he's talking a lot about what we're doing at OpenDNS -- I can say we're putting money and resources in this area, but more effort to developing the tools and features to start putting more intelligence in the traffic we handle and the responses we answer and how we answer them. [13:55:52] we're not putting more money than needed in keeping our infrastructure up. [13:58:41] arrangements that create coercian, we call "policy based routing." :-) [13:58:54] 'bashing people on the head', man you guys will say /anything/ to avoid the r-word. hilarious. [13:59:06] what's the r-word? [13:59:09] research? [13:59:51] rutabaga? [14:00:10] regulation. (how we protect commons in meatspace). cute. [14:00:58] regulation doesn't work in the space where 1) people can hide who they are 2) people are doing "bad things" that they know violate the rules and they know they can do 1. [14:01:16] matt p: good point. [14:01:36] this doesn't sound like regulation, though. this is encouraging transitive reputation services whereby people can act indepdently, but with effects that are globally useful [14:01:38] andrew already said that's the first thing we have to give up to protect the commons.. [14:01:38] matt p: that's why he is talking about reputation systems... which is like a loose whitelist. [14:01:50] rather than a blacklist strategy [14:01:53] *nod* [14:02:09] QN: Doug Otis [14:02:09] guys, c'mon, he kept quoting hardin, i.e., The social arrangements that produce responsibility are arrangements that create coercion, of some sort. Garrett Hardin, “The Tragedy of the Commons” [14:02:16] this speaker didn't identify himself! [14:02:17] the irony! [14:02:25] "we" that doug is saying is Trend Micro [14:02:46] kc: social coercion is different than regulation I think. At least, the modern definition of regulation [14:03:00] reputation system is the means to the end. coercion is the end. (ok, protecting the commons is the end) [14:03:21] yep [14:03:28] matt,i'm talking about the english definitions [14:03:37] kc: so how do you effect coercion on the net? [14:03:50] regulation is a bad word to use because it carries implications of government involvement, new laws, etc. [14:04:04] matt p: please google "coolio regulate" [14:04:28] neihborgoods can be effectively protected by a neighborhood watch, but that creates these islands. [14:04:36] hans: if i had answers i would have written them up. i'm just pointing out that andrew is dancing around this word. [14:04:41] if you don't know someone in your neighborhood, you block 'em. [14:04:47] kc: call him on it [14:04:54] matt -- words have all sorts of implications. so does spam and phishing. [14:04:54] ask him why he doesn't use the word "regulation" [14:05:06] yep. I would use shame in fleshspace to coerce. spammers are shameless so that doesn't work. [14:05:07] (assuming you're in the room :-) [14:05:53] call him on it, i agree with every word he said, including the fear of the word regulation! i'm just not sure denial about it is helping us [14:06:42] i'm not sure how to disagree with his conclusion: "protecting the commons is a problem we can't solve: we don't have the (legal) technology, we don't have the legitimacy". does anyone in the room disagree w that? [14:06:59] checkmate? [14:06:59] (and if they do, what data do they base their disagreement on?) [14:07:09] Questioner is Ed Lewis [14:07:27] wait, ed thinks we know what andrew wants to do? i have no idea what andrew wants to do. [14:07:35] what does he want to do? [14:07:39] oh reputation system. [14:07:42] in concrete terms, he's said nothing [14:07:47] he's discussing issues. [14:09:40] there are some very successful protocols which have reputation considerations at their core [14:09:43] bittorrent seems like an obvious example [14:09:45] i guess i need it a little more fleshed out how a reputation system replaces the role of the nation state (or international treaties) in protecting meatspace commons. maybe it does. does it work on ebay? [14:09:58] clients who behave to the benefit of the collective gain improved performance [14:10:56] i don't think i can make it to Tim Horton's and back in 5 minutes :-( [14:10:58] nods jabley/BT, little nervous about an example where 90+% of the payload is likely illegal copyrighted material to model the 'save the internet' plan on, but i'm listening. :) [14:11:11] gah, look at you all, with your break times and your cookies and your lack of children hanging off you [14:11:34] you could have cookies too. but no break time, not with kids.. [14:11:59] kc: have you seen any measurement exercises which attempt to classify p2p traffic according to whether the material is being shared legally? [14:12:21] seems like an impossible task to do completely, but perhaps there are some clues and approximations that could help [14:12:42] I'm always wary of statements of the kind "90% of the payload is likely illegal copyrighted material" [14:13:07] not all copyrighted material is illegal to distribute for personal use, for example. [14:14:26] but anyway, in a protocol designed to facilitate data transfers, those that contribute the most towards the goal of the content being widely-distributed get better performance [14:15:02] this is likely a poor example of the general-case complexity since the goals and rewards are much easier to identify with file transfers than with other protocols [14:15:10] but it seems like the right kind of approach [14:15:44] ok, multiple screaming children [14:15:46] afk :-) [14:19:53] http://public.oarci.net/files/workshop-2007/Ulevitch-OpenDNS.pdf [14:20:26] joe: measurement 'exercises', yes, your friendly neighborhood NBC filed comments with FCC insisting the 'vast majority (perhaps 90% of more)" of the 'as much as 60-70% of traffic on the Internet' that is p2p is 'in knowing and flagrant violation of our nation’s copyright laws and threaten the viability of U.S. businesses that depend on copyright protection.' http://www.publicknowledge.org/pdf/nbc-fcc-noi-20070615.pdf -- if you mean do i know of any objective scientific researchers done measurement analysis to try and inject some reality into this conversation that will take even more free speech away from us?, then the answer is no, because researchers can't get access to data to do such studies. so, NBC's word is what FCC and Congress will use to 'regulate' (sorry) p2p usage. [14:22:40] see also similar unhelpful non-evidence based p2p generalisation at http://news.bbc.co.uk/2/hi/technology/7059881.stm [14:24:58] Are there any TLD or root operators out there who blacklist these people so they cannot contact your authoritative servers? [14:25:52] We have blocked addresses for short periods of time [14:25:58] or rather, [14:26:13] they have been blocked on the sayso of a network engineer [14:26:37] jay: which people? [14:26:38] they tend to come back rather quickly [14:26:46] OpenDNS[14:27:06] oh, then no [14:27:49] Their DNS server is responding with javascript?[14:27:57] I don't get that either [14:28:15] ask for details [14:28:29] but I think what they do is capture these well-known patterns [14:28:32] and resolve it [14:28:42] and if the client goes to the resolved site [14:28:47]