Domain list exchange format
In this task, we want to select a format with which white or black lists can be exchanged between organizations/projects and Matrix. Matrix is to make the blocking and unblocking processes transparent and traceable.
The goal is to select an existing format, or to develop a new format which is universally applicable, in order to be able to exchange domain lists between projects, taking into account the traceability. The exchange itself should be possible via different ways (REST-API, EDIFACT, SMTP, GIT, DAV, FTP), but we do not commit to these in this task. External data of this format will then be converted by Matrix into the database format to be specified, before the (possibly versioned) data can be distributed e.g. as RPZ to DNS services. Authorized users should be able to block and unblock domains and also record reasons and "evidence" in this process. But there is a problem with transparency when it comes to integrating external data sources. In most cases, the domain is the only information transferred so far. In the community, it is standard practice to exchange text lists with one domain per line.In this case, however, it is not or only with difficulty comprehensible for outsiders and partly also for the respective project itself why a certain domain was blocked or unblocked. With the increasing popularity of a service like Matrix, the system also becomes a victim of attacks.This concerns not only technical attacks but also whitelisting for money under the table, or blacklisting for own opportunism to name just two more examples.
Who are the stakeholders? Why is this task important?
As a domain owner, I want to be able to easily determine if, why and by whom my domain has been locked and how to initiate an unlock process.
As a user, I would like to be able to understand which websites are blocked and why, so that I can gain trust in the project and actively support it or passively benefit from it.
As an operator of DNS services with lists of Matrix or carrier of Matrix I would like to achieve evidence security in competition law disputes, in order not to be able to be personally prosecuted.
As a contributor to the project, I would like to be able to trace which changes have taken place and when, in order to be able to weed out erroneous external sources.
As an external partner of the project, I need a standardized format that is time-stable and codified. At the same time, only data that I can deliver should be required.
Central questions for this task:
- What data do we need to design transparency even with future development of Matrix?
- What text format do we use?