Mark Smith;
I'll continue reading, although I'm happy enough that my original
understanding was correct.
Let's agree that you are as correct as PMTUD.
If you have further comments, do so offline.
Masataka Ohta
looks good to me - one suggestion of clearer language and a potential
addition
o Documents for which special rules exist, including IAB documents
and April 1st RFCs, and republication of documents from other SDOs
- the IESG and the RFC Editor keep a running dialogue on which
On 5/10/2004 3:02 AM, RL 'Bob' Morgan wrote:
So a secure ports only policy has very little to do with security and
very much to do with organizational power relationships, and making
your computing environment dysfunctional.
Somebody check my math on this please, but it seems to me that the
--On Monday, May 10, 2004 9:33 AM -0400 Scott Bradner
[EMAIL PROTECTED] wrote:
looks good to me - one suggestion of clearer language and a
potential addition
o Documents for which special rules exist, including IAB
documents and April 1st RFCs, and republication of
documents from other
--On Monday, May 10, 2004 10:57 AM -0400 Scott Bradner
[EMAIL PROTECTED] wrote:
note that I just used the words that were there - do you
suggest leaving the words as they are? if not, maybe you can
suggest something better
I guess that, before, the text was sufficiently muddy that I
didn't
fwiw - this works for me
---
From: John C Klensin [EMAIL PROTECTED]
To: Scott Bradner [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Last Call: 'The IESG and RFC Editor documents:
Procedures' to BCP
--On Monday, May 10, 2004 10:57 AM -0400 Scott Bradner
[EMAIL
On 5/10/04 at 10:54 AM -0400, John C Klensin wrote:
--On Monday, May 10, 2004 9:33 AM -0400 Scott Bradner [EMAIL PROTECTED] wrote:
looks good to me - one suggestion of clearer language and a
potential addition
o Documents for which special rules exist, including IAB
documents and April 1st
At 9:38 AM -0500 5/10/04, Eric A. Hall wrote:
On 5/10/2004 3:02 AM, RL 'Bob' Morgan wrote:
So a secure ports only policy has very little to do with security and
very much to do with organizational power relationships, and making
your computing environment dysfunctional.
Somebody check my math
John Rudd wrote:
The problem with the STARTTLS strategy is: you can't guarantee at the
network level that a client will use SSL/TLS.
Guaranteeing that the client will use TLS is worthless anyway, since TLS
includes the None encryption option.
--
/==\
On Mon, 10 May 2004, Masataka Ohta wrote:
Dean Anderson;
I recommend that, to avoid long initial delay and intermediate
lack of communication after path changes of, PMTUD should be turned
off by default and should be activated only on extreme
conditions.
Just the opposite, unless you want
On May 9, 2004, at 19:33, Dean Anderson wrote:
I have only heard that those that block ICMP echo have had
problems.
Nothing to do with ICMP echo. It's blocking ICMP unreachable,
fragmentation needed that causes problems.
ICMP unreachables related to known connections should be allowed
through
On May 10, 2004, at 10:38, Eric A. Hall wrote:
Using an encrypted port just means an attack can only produce failure,
rather than inducing fallback.
Clients generally default to using the unencrypted port.
Clients generally default to accepting non-STARTTLS connections.
Both require
Mark Smith;
A number of commercial
products and applications do rely on PMTU to work, and will
do a PATH MTU discovery, and send the MTU sized packets with
DF (don't frag).
and send packets larger than MTU expecting to receive ICMP
errors in vain.
Read the original mail of the thread on the
Dean Anderson;
There were (still are?) a number of web servers that wanted to send
big packets with DF turned on, because PMTUD was turned on on the
servers but ICMP errors were filtered.
There still are such apps. I ran into this recently, last winter.
So, that is the reality. Note that we run
On May 10, 2004, at 15:25, Masataka Ohta wrote:
Sensible people should block PMTUD, too.
Why? Do you just enjoy breaking random things?
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf
From: Dean Anderson [EMAIL PROTECTED]
If you look at the message, you will note that it is a bounce from the
WG co-chair's _personal_ email address, directly to your email address.
it was a bounce to a message Mr. Austein posted on DNSOP.
I assume you mean it was a bounce to
On Tue, 11 May 2004 03:48:57 +0900
Masataka Ohta [EMAIL PROTECTED] wrote:
Mark Smith;
A number of commercial
products and applications do rely on PMTU to work, and will
do a PATH MTU discovery, and send the MTU sized packets
with DF (don't frag).
and send packets larger than MTU
Mark Smith;
I'm keen to
find out if my understanding of PMTUD purpose and operation is
incorrect.
Read the RFC or my quotation of it.
Masataka Ohta
On Tue, 11 May 2004 13:44:16 +0900
Masataka Ohta [EMAIL PROTECTED] wrote:
Mark Smith;
I'm keen to
find out if my understanding of PMTUD purpose and operation
is incorrect.
Read the RFC or my quotation of it.
Ok, well, I haven't got far into it, and it seems to correspond
to what
Point of order, please
It seems that WG co-chair has begun to use an email address that is
defaming Av8 Internet, Inc by returning business email to users of Av8
Internet claiming that Av8 Internet has hijacked some address space.
Av8 Internet hereby demands that the IETF immediately end this
On May 10, 2004, at 14:17, Dean Anderson wrote:
It seems that WG co-chair has begun to use an email address that is
defaming Av8 Internet, Inc by returning business email to users of Av8
Internet claiming that Av8 Internet has hijacked some address space.
That may or may not be, but since you
Dean Anderson wrote:
It seems that WG co-chair has begun to use an email address that is
defaming Av8 Internet, Inc
How is it defamation if the only one that gets the message is Av8?
--
/===\
|John Stracke |[EMAIL PROTECTED]
On Mon, 10 May 2004, Ken Raeburn wrote:
On May 10, 2004, at 14:17, Dean Anderson wrote:
It seems that WG co-chair has begun to use an email address that is
defaming Av8 Internet, Inc by returning business email to users of Av8
Internet claiming that Av8 Internet has hijacked some address
On Mon, 10 May 2004, John Stracke wrote:
Dean Anderson wrote:
It seems that WG co-chair has begun to use an email address that is
defaming Av8 Internet, Inc
How is it defamation if the only one that gets the message is Av8?
Av8 customers get it. DNSOP and IETF list members have gotten
On Sun, 9 May 2004, Masataka Ohta wrote:
Back to the original problem, PMTUD depends on the capabilities
of intermediate systems on a path to generate certain ICMP,
generation of which is as complex as fragmentation itself,
that it is not very end to end.
That is, PMTUD is a broken concept.
John:
There is actually a list for discussion of this topic,
[EMAIL PROTECTED], though it hasn't seen much traffic for quite a
while.
Your note is a reminder that this issue, while much-debated on the various
apps-protocol lists a few years ago when the decisions to invent and
promote STARTTLS