As I understand it the argument here is that these IP addresses may expose
internal network topology -
Actually, at this point I don't understand what the IP address is supposed
to expose beyond the location of a server which generally tells you
nothing new about the location of the user. Perhaps Simon can clarify.
AOL: webmail discloses originating client IP, can't test submit due to
AOL brokenness
I managed to configure Pine to send AOL mail, it logs the IP in both the
Received: and X-AOL-IP headers. But it uses TLS both on submit and
outbound.
So I think it is fine to look at the issues and see where we might make
improvements, but it is a bad idea to rush to naive changes that don't
address real privacy issues but do cause real problems for operations and
security.
Agreed again.
Regards,
John Levine, [email protected], Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
