[dns-operations] universal deployment of BCP38 and won't/can't semantics

Jo Rhett jrhett at netconsonance.com
Fri Feb 22 19:45:52 UTC 2013

On Feb 22, 2013, at 10:19 AM, Jim Reid <jim at rfc1035.com> wrote:
> There's no point arguing the semantics of "don't" and "can't". As Paul mentioned earlier, let's remain realistic. Universal deployment of BCP38 simply isn't going to happen, no matter how much you or I *really want* that. [And I do.] Get over it.
> Good luck getting an ISP in downtown Mogadishu (say) to sign up to BCP38 and sticking to it.

If their ability to pass traffic requires BCP38 and detected failures will lead to de-peering, it will happen. I've enforced BCP38 within both colocation facilities and large-scale peering. It can happen, and the "fight" has usually been much less than expected. My employers have been tentative about whether they'd risk a legal battle over it, but it has never come to that. And we lost zero, flat zero, opportunities over this unless you count some large spam operators that we turned away for multiple reasons.

Stop saying it won't happen, and push back just a little every day. If enough of us do this, it will come to be.

I am seriously looking for a great opportunity to sue a very large carrier for a failure to implement BCP38, since it very clearly meets the guidelines for "reasonable and expected" that the courts love to use. One very large carrier + one very large settlement, and the other carriers will notice.

It's not impossible. It is hard, but many hard things are worth doing.

More information about the dns-operations mailing list