On Tue, 10 Oct 2006 17:10:50 -0700, Fleischman, Eric
[EMAIL PROTECTED] wrote:
I'm sorry to enter this fray, but I'd like to point out that while I
respect Todd's request to know who is accusing him and why, the rest of
us don't need to be copied that information. In fact, it is better that
we
Vidya:
I'm not sure that the charter actually needs to get into the modes at
all - I'm guessing what happens after NEA (i.e., what is done with the
results from NEA) has zero impact on any work being done in NEA itself.
So, why not simply state something like Once NEA is conducted on an
Just FTR (and changing the subject, since this is not about NEA at all):
I agree with the principle that the sergeants-at-arms are obliged to
make up their own minds about whether or not a posting is inappropriate,
and that they are responsible for their own decisions.
Complaints are a
From: Steven M. Bellovin [EMAIL PROTECTED]
it is better that we aren't copied because to do so would be unfair to
the complainer(s).
As much as I've sparred with Glassey in the past ... I think he's right
in this case. In my opinion, any sort of disciplinary action needs
I run a very closed network, ports are closed and not opened unless there is
a validated request, external drives are disabled etc etc. A contractor
comes in with a notebook and needs to work on some files located on our
internal secure network. A trusted staff member rings in with the
So then Ned you are saying that the Management of the IETF can say anything
they want to on a list about several 'supposed' complaints and then act upon
them without any due process or any recourse -
Let me ask, do I annoy you that much that you would be willing to give up
your rights to recourse
- Original Message -
From: Steven M. Bellovin [EMAIL PROTECTED]
To: Fleischman, Eric [EMAIL PROTECTED]
Cc: todd glassey [EMAIL PROTECTED]; [EMAIL PROTECTED];
ietf@ietf.org
Sent: Wednesday, October 11, 2006 7:09 AM
Subject: Re: [Nea] WG Review: Network Endpoint Assessment (nea)
On Tue,
In the past month or so I've run across two separate ISPs that are
apparently polluting the DNS by returning A records in cases where the
authoritative server would either return NXDOMAIN or no answers. The A
records generally point to an HTTP server that will display
advertisements, but I've
At 7:55 PM +1000 10/11/06, Darryl \(Dassa\) Lynch wrote:
I run a very closed network, ports are closed and not opened unless there is
a validated request, external drives are disabled etc etc. A contractor
comes in with a notebook and needs to work on some files located on our
internal secure
Hi Darryl,
Your email indicates that you would:
a) somehow require that a visitor's laptop run an NEA client,
b) expect the device to support PAs that the server requires to be
checked, and
c) trust data coming out of it,
rather than treat that endpoint as an unknown endpoint and do IDS/IPS
Russ - I agree that something like a global NEA is necessary - just not that
a new protocol is necessary to implement it. So let me ask...
So then why not pass a new configuration mode model with SNMP - the point is
that while the idea of some agent that could actually collect these separate
logs
Hi Russ,
-Original Message-
From: Russ Housley [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 11, 2006 7:19 AM
To: Narayanan, Vidya
Cc: [EMAIL PROTECTED]; iesg@ietf.org; ietf@ietf.org
Subject: RE: [Nea] WG Review: Network Endpoint Assessment (nea)
Vidya:
I'm not sure
On Wed, Oct 11, 2006 at 01:03:24PM -0400,
Keith Moore moore@cs.utk.edu wrote
a message of 28 lines which said:
In the past month or so I've run across two separate ISPs that are
apparently polluting the DNS by returning A records in cases where
the authoritative server would either return
To me this is fraud and unfair trade practice in addition to being
a security threat
I agree but I believe it may be difficult to have a rough consensus
on this one.
if we can't, that's a sad commentary on the state of IETF competence.
The RFC 4084 approach (naming things, in a standard
Vidya,
Thanks for your response. I think we may be getting closer to
understanding each other's perspectives. That's a good thing.
Let me respond to your comments inline below. I hope you won't
mind if I clip a bit since this thread is starting to get long.
Vidya Narayanan wrote:
A. Any
In the end, I believe all NEA can do is help good hosts stay good. Bad
hosts will stay bad, and may or may not be identifyable as such. Still,
the former ain't nothing. But I agree with Ted at least in part that a
standardization effort for the content within NEA is challenging. I do
not think
--On Wednesday, 11 October, 2006 21:59 +0200 Stephane Bortzmeyer
[EMAIL PROTECTED] wrote:
On Wed, Oct 11, 2006 at 01:03:24PM -0400,
Keith Moore moore@cs.utk.edu wrote
a message of 28 lines which said:
In the past month or so I've run across two separate ISPs
that are apparently
Brian E Carpenter wrote:
I run a very closed network, ports are closed and not opened unless
there is a validated request, external drives are disabled etc etc.
A contractor comes in with a notebook and needs to work on some
files located on our internal secure network. A trusted staff
Keith Moore wrote:
this is fraud and unfair trade practice in addition to being a security
threat (as people give their passwords when trying to connect to the
wrong site) and harmful to applications (either because they do connect
to a protocol engine on the wrong server, or they try to
Hello Ted
Comments inline as appropriate.
Ted Hardie wrote:
At 7:55 PM +1000 10/11/06, Darryl \(Dassa\) Lynch wrote:
I run a very closed network, ports are closed and not opened unless
there is a validated request, external drives are disabled etc etc.
A contractor comes in with a notebook
Hi Vidya
Comments inline as appropriate.
Narayanan, Vidya wrote:
Your email indicates that you would:
a) somehow require that a visitor's laptop run an NEA client,
b) expect the device to support PAs that the server requires to be
checked, and c) trust data coming out of it,
rather
I completely agree with Noel on every detail of these comments.
And, no, I was not one of the complainers either. :-)
--
Eric
-- -Original Message-
-- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
-- Sent: Wednesday, October 11, 2006 11:26 AM
-- To: ietf@ietf.org
-- Cc: [EMAIL
In the past month or so I've run across two separate ISPs that are
apparently polluting the DNS by returning A records in cases where the
authoritative server would either return NXDOMAIN or no answers. The A
records generally point to an HTTP server that will display
advertisements,
The IESG has approved the following document:
- 'Integrity Transform Carrying Roll-over Counter '
draft-lehtovirta-srtp-rcc-06.txt as a Proposed Standard
This document has been reviewed in the IETF but is not the product of an
IETF Working Group.
The IESG contact person is Russ Housley.
A
The Extended Incident Handling (inch) in the Security Area has concluded.
The IESG contact persons are Russ Housley and Sam Hartman.
The mailing list will remain active.
The Inch working group was chartered to facilitate exchange of
incident handling information. It failed to meet its
A new Request for Comments is now available in online RFC libraries.
RFC 4705
Title: GigaBeam High-Speed Radio Link Encryption
Author: R. Housley, A. Corry
Status: Informational
Date: October 2006
Mailbox:[EMAIL
26 matches
Mail list logo