Re: recommendation against publication of draft-cerpa-necp-02.txt
> I am writing to request that the RFC Editor not publish
> draft-cerpa-necp-02.txt as an RFC in its current form,
> for the following reasons:

> 2. A primary purpose of the NECP protocol appears to be to
> facilitate the operation of so-called interception proxies. Such
> proxies violate the Internet Protocol in several ways:

> 3. Aside from the technical implications of intercepting traffic,
> redirecting it to unintended destinations, or forging traffic from
> someone else's IP address - there are also legal, social, moral and
> commercial implications of doing so.

You will need to be far more specific here. I see absolutely nothing that is not legal, is not social, or is not moral. I do see commercial implications, but whether those are "good" or "bad" is not a technical judgement.

> In my opinion IETF should not be lending support to such dubious
> practices by publishing an RFC which implicitly endorses them, even
> though the authors are employed by major research institutions and
> hardware vendors.

I take the contrary position. The IETF ought to be encouraging the documentation of *all* practices on the net. It is far better that they are documented where people can find useful information when they see this kind of packet activity rather than have them known only to a few cognoscenti.

May I suggest that one treat this in its classical sense - as a Request for Comments and that those who have technical objections or technical enhancements publish those comments in an additional document rather than try to suppress the original one.

Having a document trail that shows what paths and ideas have been found wanting is nearly as important as having a trail that shows what paths have been found useful.

--karl--
RE: Digital Copyright Law & Industrial Espionage 'Hacking'
Note: forwarded message attached.

Ben Davis [EMAIL PROTECTED]

Attn: Mr. John Roemer; Reporter for the Pacific Standard and Ms. Donna Soto; VP for CyberSettle Lawyers:

I am addressing you anonymously, as I believe that my Copyrighted works Registered at Library of Congress & other works in progress, some deriving from these and all original in their entire scope with what I believe to be the sole result of my efforts over many years-these I think have been subjected to compromising and/or intrusive liberties from Party of Parties Unknown, whom I suspect to be working in concert one with the other-a small group of teens & twenties aged boy 'gamers' who are most probably being assisted by older 'businessmen' and all I believe reside close enough to me to share the same telephone junction box. Although I repeatedly tried to appeal to the Phone Co. and other authorities about this important matter (the IMPORTANCE also was in that we have had what appears to be "FAUX PHONEMEN"... 'on the line' so to speak, for SEVERAL YEARS!) We tried US Immigration (INS) as these people all seem to be from the country we once referred to in our schools as 'Red China,' because we have NO IDEA WHATSOEVER as to the CITIZENSHIP of these people-we DO KNOW that these few blocks are a KNOWN AREA where many 'safe-houses' harbor these Illegal Alien Chinese, in fact we could say that as many as have come up into our neighborhood from Ocean Beach, the same amount and MORE of our Native-Born Citizens of Chinese-American descent seem to just 'DISAPPEAR!' We have NO IDEA what has become of the American Chinese or where that they've gone to?
To continue-the adults in this neighborhood speak NO ENGLISH...their kids, ALMOST ALL are 15-year old boys, attending LOWELL HIGH SCHOOL, in the neighborhood, San Francisco's finest, and with a school newspaper over 100-years old, is also granted by the City of San Francisco a 'special charter' which maintains a strict RACIAL status quo... 98% CHINA MAINLAND BORN (Beijing)...and almost NO OTHER RACIAL MAKEUP to this school! As 'exposed' by TV reporter Emilio Guillermo on his PBS, KQED channel 9, show, "New California Media"...a show ABOUT minorities! And further, these kids' parents mostly got here about nine years ago from China, so the kids could possibly be CHINESE PASSPORTED ILLEGAL ALIENS! (Although speaking real good "GI JOE" ENGLISH!..ie, Rap Music,etc they are nevertheless NOT CITIZENS BY BIRTHand the PARENTS ARE MOST PROBABLY "WETBACKS"? So? Well, this old world can change till it's blue in the face- but the Copyright Laws which we created and upon which for instance the Swiss laws have their basis, and the 'new media' which we hear so much about-they're ALL in the end based on Library of Congress & US CONSTITUTION so it is in THIS MANNER in which AMERICA can best help the rest of the world, and cure the "Digital Divide!" However, NO ONE WANTS TO WORK FOR FREE...especially the truly gifted, as they are ALWAYS 'giving away freebies' here and there as they go along their merry way, at one point or other they must draw the line at PIRACY & INVASION of PRIVACY! I'm going to tell it "LIKE IT IS!" I am a US CITIZEN. My family has resided continuoulsy in this neighborhood for over a century. We helped in both the creation of this City, and pioneering the West we have NOTHING to "APOLOGISE FOR' to ANYONE! EVER! So, with that in mind, there are few things which honest people anywhere can tolerate, and one is ESPIONAGE...whether it be IDENTITY THEFT or stealing "SECRETS" concerning one's National Security, no one can stand such a sneak! 
But, it is all the more important that we nip the IDEA of this kind of "1984" in the bud immediately, as the whole INTERNET itself must be controlled by those who "OWN" it! YES, the 'Net is INDEED still "AMERICAN OWNED & OPERATED!" The only question is which portions are "PRIVATE" and which are "PUBLIC." Now, to the 'touchy' part of the message, and please understand this in the way it was intended for all to "grok" who are "REASONABLE!" What if ALL OF A SUDDEN...we got a new government? What if they said; "You can relax now, and forget all of that 'Politically Correct' NONSENSE!" Wouldn't you blow the old welcome 'sigh of relief?' "Wheew!" HONESTLY? Okay! Then believe me when I tell you, that that is ABOUT what may happen sometime soon, BECAUSE the "BUSINESS of the INTERNET"...CANNOT tolerate 'Computer Hackers!' And there is a storm gathering on the 'cyber-space horizon' where-in, the Clinton administration, with its ineffectual & antiquated Federal 'Communications' Commission (the guy that wrote 'The Godfather' has the same initials! By coincidence, that 'says' ALOT!) and misunderstanding of the situation throughout the Far East, has built a house of Yellow Jackets, and will have to either com
Re: A thought about patents
John;

> > We can have servers outside of US and there is no legislation (even
> > under US laws. note that the servers can serve yet another countries)
> > to make the servers illegal.
>
> Mmm...that sounds like a grey area. A company using patented tech to do
> business in the US may be subject to US law even if the tech is not resident
> in the US (under the same sort of theory used against Internet gambling).

Legislation logic around patent does not allow US patents applicable to servers outside of US. If US tries to change its law, companies in US may be affected by US laws, which will drive servers and companies away from US.

> Even if it's not true in the general case, a sufficiently expensive lawyer
> might be able to convince the court that, since the Internet makes location
> irrelevant, the location of the infringement is irrelevant.

that US patents are applicable even if both servers, clients and network in between are all located outside of US?

Masataka Ohta
[Fwd: RMONMIB WG interim meeting announcement]
Hi,

The RMONMIB WG intends to hold an interim meeting to work on all aspects of the new charter. This includes:

- Application Performance Monitoring (APM)
- Transport Performance Metrics (TPM)
- User-Defined TopN Monitoring MIB (UsrTopN)
- DIFFSERV Monitoring MIB (DS-MON)

Meeting Dates:
Monday, May 15 9am - 6pm
Tuesday, May 16 9am - 6pm

Location: (Meeting Site TBD) San Francisco or San Jose, CA

Sponsor: A sponsor or co-sponsors are needed to host this meeting. A hotel meeting room is preferred, but corporate facilities will be good enough. Please contact me at [EMAIL PROTECTED] if you can help.
RE: MPLS and Private Network
David Wang writes:

> A company consists of 2 remotely separated sites, A and B. A leased T1 line connects the networks on these 2 sites together. We generally call the company's network a private network since the connection between the 2 sites are private leased line.
>
> Now the service provider replace this leased T1 line with a 1.544 mbps MPLS LSP (Label Switched Path). Is this company's network still a private network? Is it still as secure as it was before? Why?
>
> We know that the MPLS LSP has gone through many LSR (Label Switch Router) and has been manipulated by the service providers. But the leased T1 line has been manipulated by the service providers too. The signal may be multiplex into DS3, OC-3, OC-12, OC-48, OC-192 then de-multiplex back to OC-48, OC-12, OC-3, DS3, DS1.

If the carrier backbone network is segregated as before, the signalling or forwarding mechanism used in the core network shouldn't make any difference to you. Security and throughput should remain same.

Cheers,
--brijesh
recommendation against publication of draft-cerpa-necp-02.txt
I am writing to request that the RFC Editor not publish draft-cerpa-necp-02.txt as an RFC in its current form, for the following reasons:

1. The document repeatedly, and misleadingly, refers to NECP as a standard. I do not believe this is appropriate for a document which is not on the IETF standards track. It also refers to some features as "mandatory" even though it's not clear what it means for a non-standard to have mandatory features.

2. A primary purpose of the NECP protocol appears to be to facilitate the operation of so-called interception proxies. Such proxies violate the Internet Protocol in several ways:

(1) they redirect traffic to a destination other than the one specified in the IP header,

(2) they impersonate other IP hosts by using those hosts' IP addresses as source addresses in traffic they generate,

(3) for some interception proxies, traffic which is passed on to the destination host is modified in transit, and any packet-level checksums are regenerated.

IP allows for the network to delay, drop, or duplicate IP packets, as part of a best effort to route them to their intended destination. But it does not allow the above practices. This document implicitly treats such behavior as legitimate even though it violates the primary standard on which all Internet interoperability depends.

3. Aside from the technical implications of intercepting traffic, redirecting it to unintended destinations, or forging traffic from someone else's IP address - there are also legal, social, moral and commercial implications of doing so. In my opinion IETF should not be lending support to such dubious practices by publishing an RFC which implicitly endorses them, even though the authors are employed by major research institutions and hardware vendors.

4. Furthermore, while any of the above practices might be deemed "morally" acceptable in limited circumstances (such as when the interception proxy is being operated by the same party as the one which operates the host being impersonated) in general these are very dangerous. There have been numerous cases where network elements employing practices similar to the above have been demonstrated to harm interoperability. (e.g. there is a widely-used SMTP firewall product which breaks SMTP extension negotiation, and a traffic shaping product was recently found to corrupt data in TCP streams generated by certain kinds of hosts)

This document contains language touting the benefits of NECP but very little language describing the danger of using the above techniques which NECP was designed to support. Where the document does mention the problems, it is misleading or incomplete. For example, the Introduction says

> However, it [an interception proxy] can cause problems: users have
> no way to go directly to origin servers, as may be required in some
> cases (e.g., servers that authenticate using a client's source IP
> address). The proxy has a high-level understanding of the
> application protocol; it can detect these cases and decide which
> flows should be cut through to origin servers.

The latter sentence is a false assertion - even though the proxy has a high level understanding of the protocol, the proxy is not generally able to determine when cut-through is required. For example, the service being impersonated by the interception proxy may have uses for the client's source address which are outside of the protocol being intercepted and for which the proxy cannot be knowledgeable. Such uses may be both active (in that they involve attempts to establish other traffic between the origin server and the client, or between the client and other hosts on the network), or passive (in which the origin server uses the client's IP address without attempting to communicate with it), or even deferred (in which an attempt is made to communicate with the client's IP address at a later time).

In addition, the *user* may have a requirement for his client to talk directly to an origin server, or the content provider may have a requirement for the origin server to talk directly to a client, simply because they expect communications integrity. By its very nature an interception proxy ignores the requirements of the user and/or the content provider.

The document refers to two other documents which it says further describe the dangers of interception proxies: "Internet Web Replication and Caching Taxonomy" [reference 3], and "Known HTTP Proxy/Caching Problems". Both of these appear to be works in progress, and the latter document does not even have a reference. Until such documents are published, or at least until they are deemed ready for publication by their creators, it is impossible to evaluate whether they contain sufficient and accurate information to inform readers of the NECP document about the dangers of interception proxies.

5. While in one sense NECP is an attempt to alleviate some of the harm done by intercep
Re: A thought about patents
Masataka Ohta wrote:

> We can have servers outside of US and there is no legislation (even
> under US laws. note that the servers can serve yet another countries)
> to make the servers illegal.

Mmm...that sounds like a grey area. A company using patented tech to do business in the US may be subject to US law even if the tech is not resident in the US (under the same sort of theory used against Internet gambling).

Even if it's not true in the general case, a sufficiently expensive lawyer might be able to convince the court that, since the Internet makes location irrelevant, the location of the infringement is irrelevant.

--
/==\
|John Stracke| http://www.ecal.com |My opinions are my own.|
|Chief Scientist |=|
|eCal Corp. |Among animals, it's eat or be eaten. Among |
|[EMAIL PROTECTED]|people, it's define or be defined. |
\==/
Re: A thought about patents
Brijesh Kumar wrote:

> Granting of patents only means that a person granted a particular patent
> was first to make "a claim" about the novelty of an idea or technique
> as far as the patent office knows on the basis of "previous claims submitted
> to it.".

At least in the US, at least sometimes, the examiners do at least some literature search. I remember being involved in a patent where the examiner sent it back with an article clipped from the trade press.

--
/==\
|John Stracke| http://www.ecal.com |My opinions are my own.|
|Chief Scientist |=|
|eCal Corp. |Among animals, it's eat or be eaten. Among |
|[EMAIL PROTECTED]|people, it's define or be defined. |
\==/
MPLS and Private Network
Dear Friends,

A company consists of 2 remotely separated sites, A and B. A leased T1 line connects the networks on these 2 sites together. We generally call the company's network a private network since the connection between the 2 sites are private leased line.

Now the service provider replace this leased T1 line with a 1.544 mbps MPLS LSP (Label Switched Path). Is this company's network still a private network? Is it still as secure as it was before? Why?

We know that the MPLS LSP has gone through many LSR (Label Switch Router) and has been manipulated by the service providers. But the leased T1 line has been manipulated by the service providers too. The signal may be multiplex into DS3, OC-3, OC-12, OC-48, OC-192 then de-multiplex back to OC-48, OC-12, OC-3, DS3, DS1.

Please help me if you know the answers.

Thanks
David
Re: Privacy & law
Salvador Vidal <[EMAIL PROTECTED]> wrote:

>I think that as much conflicts that can be solved without the traditional
>way: regulation + repression = bureaucracy + injustice, will be better for users.
>But on privacy questions we can try first to give technical solutions, i.e.
>ways to follow stamped data to oversee companies behavior and then inform
>users about it automatically when they get in contact with these
>companies,..., well I don't know which utilities will work, but I think is
>worthy to try some before being driven to legal solutions that only will be
>able to repair damages not to avoid them.

I think that we are in front of the progress's victory over the politics's ideas. See the advance of technology like a flood and the politics like a glass. The humanity is really in front of the product of the knowledge of some persons and is trying to save your houses of the flood with a small glass. That bring an inevitable break of the actually concepts about the limits and jurisdictions of the law. Some countries (governments) are afraid to lose the domain on commerce and in a future they will take actions (any action!!) to regulate all in this actually paradise of finances.

Martin Montenegro
Re: A thought about patents
Check with the lawyers, but I think that you will find that this is strictly a US view of patents. In every other country any public disclosure anywhere immediately voids the right to patent. Even NDA disclosure can be tricky, because an offer for sale counts as a disclosure.

Stewart

Doug Royer wrote:
>
> "David L. Nicol" wrote:
> >
> > After publishing your idea somewhere, for public critique, you have
> > a year to file your patent application. After that it becomes a
> > public prior art.
> >
> > Am I wrong?
>
> Or if it is a little past a year, and you can show that you
> have done your best - you can also get the patent. It's not
> a hard set time limit.
>
> -Doug