-- some of these tactics were exposed in the Snowden
revelations. Anonymous participation could allow these groups to perform
such sabotage in untraceable ways, which is obviously not desirable.
I think this issue of anonymous participation is worth discussing.
-- Christian Huitema
On 4/17/2022
tions are only drafted in very vague terms in the draft. I really wonder
whether we should go define a complete pairing protocol. Is that in-charter
for DNS-SD? What about competing with existing solutions over Bluetooth,
Wi-Fi, and certainly many more?
-- Christian Huitema
of individual words, when
responses are grouped into themes, the largest block of answers ties to
concepts of security, safety, and protection. For many others, notions of
secrecy and keeping things 'hidden' are top of mind when thinking about
privacy.
-- Christian Huitema
This RFC defines an IP header option for security options. The options enable
hosts to mark their traffic as belonging to a particular security level.
Presumably, secure routers will ensure that traffic marked with a specific
security option is contained within a network that meets the
...@ietf.org] On Behalf Of
Christian Huitema
Sent: Wednesday, May 21, 2014 9:10 PM
To: ietf-privacy@ietf.org
Subject: [ietf-privacy] PPM Review of RFC 1108
This RFC defines an IP header option for security options. The options
enable hosts to mark their traffic as belonging to a particular security
one at random and write a provisional ticket in
https://trac.tools.ietf.org/group/ppm-legacy-review/wiki ?
-- Christian Huitema
___
ietf-privacy mailing list
ietf-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-privacy
providers make some
business by selling personal servers, or maybe personal virtual servers? Maybe
I am a dreamer, but hey, nothing ever happens if you don't dream of it!
-- Christian Huitema
-Original Message-
From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Brian E
Carpenter
Sent: Thursday, September 19, 2013 9:55 PM
To: IETF discussion list
Subject: [Fwd: I-D Action: draft-carpenter-prismatic-reflections-00.txt]
I got my arm slightly twisted to
would allow distribution of data at multiple locations, managed by
different commercial companies and covered by different legal authorities.
3) Require security sections of new RFCs to include mass surveillance in their
threat model and consider mitigations.
-- Christian Huitema
Why bother with RFID tags, or badges? Simply register with your cell phone.
We can then scan your Wi-Fi and Blue-Tooth signals when you approach the mic.
-- Christian Huitema
'Simply'
What is this simple technology of which you speak? I find that the best we
can do with electronic
bother with RFID tags, or badges? Simply register with your cell phone. We
can then scan your Wi-Fi and Blue-Tooth signals when you approach the mic.
-- Christian Huitema
someone working full-time
on the IESG. Now, having to work full time is a bit much for a volunteer
position, and we may want to consider ways to remedy that.
-- Christian Huitema
sense to assess the filtering effect of each step
independently, and in particular to assess the nomcom by comparing the pool of
WG chairs to the selected nominees.
-- Christian Huitema
minute details, even though there are dozens of equally
good ways to achieve the same result. The net result of such over-specification
is that developers will discard the spec as arrogant, and implement what they
feel like implementing.
-- Christian Huitema
system meets certain conditions, like
stable interface identifiers.
I would also explain the inherent issues that have to be solved, e.g., swapping
interfaces, or enabling multi-homed hosts. And I would observe that the DAD
problem cannot be solved in a reliable way.
-- Christian Huitema
guidelines than to merely mandate an implementation.
-- Christian Huitema
would certainly be much easier if the time commitment required
from volunteers was not so large.
-- Christian Huitema
if their connectivity happens to use IPv6.
-- Christian Huitema
Melinda is right about the gatekeeping role of the IETF. I have personally
experienced that several times. Negotiating that gatekeeping may well be the
hardest part of getting a work started. And it mostly has to do with one's
capacity to convince the relevant AD of the value of the work.
This
Memorials are for the living. The dead typically have ceased to care.
I don't know what a simple listing will achieve. The war monuments that Ted
mentions sort of educate the living by reminding them of the massive sacrifices
that wars cause. Just listing a bunch of names will not help all that
Very useful document, certainly worth publishing. It is one of those documents
that needs frequent updates.
RFC 6052, IPv6 Addressing of IPv4/IPv6 Translators, makes reference to a
predecessor of this document, stating in section 3.1 that The Well-Known
Prefix MUST NOT be used to represent
to any hacker who
sneaks his way into our database?
5) How long do we keep the information? Why?
6) How do we dispose of the expired information?
These look like the right questions to the IAOC.
-- Christian Huitema
point out many avenues of
actions open to the area directors or the IESG. They can of course send the
offending draft standard to the WG. They can refuse publication. They can
change the WG leadership. They can even dissolve the WG. This is the point
where advice is useful.
-- Christian Huitema
that cover all hypothetical developments, I
would suggest a practical approach. In our process, disputes are materialized
by an appeal. Specific legal advice on the handling of a specific appeal is
much more practical than abstract rulemaking.
-- Christian Huitema
-Original Message
, but that is not a mechanism. Ergo, if we were to make that
allocation, it will become unusable for your stated purpose in a very short
time.
I think that's not a very good idea. I would rather not see that allocation
being made.
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf
Do we have an official web page listing the timings of the ASCII text RFC
discussions? It ought to tell us something about the state of the IETF...
-- Christian Huitema
that presentations are readable 50 years
from now, and do not embed some kind of malicious code, we might stick to ASCII
text, right?
-- Christian Huitema
oversights.
-- Christian Huitema
I will be a bit more direct than Keith.
There is no such thing as no leakage. These addresses will leak, no matter
how well you believe you are isolated. Indeed, the issues posed by similar
leakage were one of the main arguments developed in RFC 3879, Deprecating Site
Local Addresses.
We see
IPv4
to IPv6. I understand that many actors are anxious and waiting for some kind of
fix. This is a common scenario for making substantial mistakes...
-- Christian Huitema
6rd addresses a different problem than 6to4.
6to4 is a global solution, that relies on pretty much every native IPv6
provider deploying 6to4 relays. If these relays were really well deployed and
reliable, 6to4 would allow any router with a native IPv4 address to provide
IPv6 connectivity to
and 3068 and
convert their status to HISTORIC. It will also contain a new section
describing what it means for RFCs 3056 and 3068 to be classified as HISTORIC.
The new section will say that:
I do not think this is a good idea, and I am certainly not part of the
consensus.
-- Christian
It seems that we have wide consensus to publish the advisory document, not so
much for the 6to4 historic part. Can we just publish the advisory and be done
with this thread?
-- Christian Huitema
numbers may delay a competitor's
products. The best protection against shade is sunlight.
-- Christian Huitema
. It is now defined in relation to
the speed of light, itself set as 299,792,458 meters per second.
-- Christian Huitema
In the old days, you would get a bar BOF by rounding up a few buddies and
paying for the drinks. I suppose that you can still do that, and don't need to
get the secretariat involved!
-- Christian Huitema
-Original Message-
From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org
The issue would be a whole lot easier to resolve if we had an agreed upon
algorithm for the non security usages. CRC64 comes to mind.
-Original Message-
From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Eddy,
Wesley M. (GRC-MS00)[ASRC AEROSPACE CORP]
Sent:
, or address+port pairs, are redefined as mere
locators.
Obviously, this only works for new applications, or new application releases.
But if application developers really believe they will benefit from the split,
they can do it.
-- Christian Huitema
Classic:
IP over everything
(dog optional)
-Original Message-
From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Mark
Nottingham
Sent: Monday, August 16, 2010 8:05 PM
To: Fred Baker
Cc: wgcha...@ietf.org; ietf@ietf.org
Subject: Re: IETF Logo Wear
That's going to
only. If we have a dark
colored shirt, then they only let printing on the front.
Can we make sure that the shirts are ASCII only?
-- Christian Huitema
they really have something to hide will be conspicuous.
-- Christian Huitema
message, The job of a registry is to maintain the association of objects with
identities. If the WG wants to specify mandatory-to-implement functions or
algorithms, the proper tool is to write an RFC.
-- Christian Huitema
-03.txt ipr=trust200902
obsoletes=2765
Any idea why?
-- Christian Huitema
: ietf-act...@ietf.org [mailto:ietf-act...@ietf.org]
Sent: Thursday, December 24, 2009 1:20 PM
To: Christian Huitema
Subject: Confirm:
ietf-act...@ietf.org:phQqLmSzPbBA:BttiZVJDKqxGAJxkqjzyRLPoJnA_T9FrS9ksVw
Confirmation of list posting -- confirmation ID: phQqLmSzPbBA
The ietf.org mailing-list
down the cost of the
transatlantic connection. Deregulation drove down the price of the French
connection. Deregulation also boosted the availability of the Internet in
France.
-- Christian Huitema
an authoritative answer. But that means using large
numbers instead of short friendly names, and thus is not very user-friendly.
-- Christian Huitema
with a domain, it
can memorize that domain's public key. This kind of peer-to-peer improvement
makes the domain-to-domain or host-to-domain DNSSEC service immune to attacks
by nodes higher in the hierarchy.
-- Christian Huitema
to a specific IP address. Doing that ensures that packets sourced by the
application will use the specified address, will go out through the interface
corresponding to that address, and will use the default gateway associated with
that interface.
-- Christian Huitema
using the CHANGE-ADDRESS attribute, which does not have the
same potential for abuse. Besides, if you really want to send packets from
outside the local network towards arbitrary destinations, you can use TURN.
-- Christian Huitema
, you can also use GUID,
essentially a 128 bit random number. Open extensibility with OID, URL or GUID
is, in my opinion, a better design than relying on registries for number
allocations.
-- Christian Huitema
This discussion of IPR seems to be running in circles. Can't we switch to
something else, e.g. whether RFCs could be written in some other format than
ASCII text?
-- Christian Huitema
between identifiers and locators, the
business reality will still be there. We will end up with separate identifiers
for the different provider contracts, and applications, or the transport
layers, will have to arbitrage between these contracts.
-- Christian Huitema
not sure that
we should place too much emphasis on the name of physical entities like
Christian's laptop. What if the application process migrates from my laptop
to my desktop?
-- Christian Huitema
written when you were working for ACC. This is a fairly
common situation among us. I have written RFCs as an employee of INRIA,
Bellcore/Telcordia, and Microsoft. Just curious, did you check with whoever
bought ACC's intellectual property rights?
-- Christian Huitema
in the appendix of the previous rules, RFC 1310 published
in 1992.
-- Christian Huitema
, not to
mention recognize cases of a single host using the same host ID on multiple
subnets.
Of course, Iljitsch points an interesting issue. If NAT66 behaves exactly like,
say, NAT 64, then why would the organization bother to use IPv6 rather than
sticking with net 10?
-- Christian Huitema
the organization bother to
use IPv6 rather than sticking with net 10?
Services like Microsoft DirectAccess?
Direct Access certainly does not require that enterprises deploy NAT66...
-- Christian Huitema
setting body, hiding identities is not necessarily something we want to
encourage. What are the implications for our standard process? What about
copyrights and patents?
-- Christian Huitema
. This is causing a rift
in the working groups within the area. I would follow the area
consensus that we should outlaw rice in beer and thus my
appointment as new area director would achieve peace and
harmony within the area.
Why should such a statement be confidential?
-- Christian Huitema
to incorporate a large amount of document parsing code, and would most
probably become a target for their own parsing bugs. Of course, no amount of
electronics will protect against users intent on downloading a very special
media player...
-- Christian Huitema
: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Hallam-Baker,
Phillip
Sent: Friday, February 15, 2008 10:10 AM
To: Christian Huitema; Spencer Dawkins; Iljitsch van Beijnum; [EMAIL PROTECTED]
Cc: ietf@ietf.org
Subject: RE: IPv6 NAT?
Ok you tell me in less than a page how someone can use just
or business judgments from the IESG. After
all, one should assume that the participants who are expressing interest did
their homework, business plans and the like.
-- Christian Huitema
warnings like that to
get them to move.
-- Christian Huitema
mail, file servers, or intranet
servers, and for external applications, mostly web based. It worked, but it had
to rely on a set of transport proxies for those internal applications that were
not yet IPv6 ready, and of course web proxies for internal access.
-- Christian Huitema
to a specified host and
port. This function is provided to allow a quick connection to a network
endpoint given a host name and port. This function supports both IPv4 and IPv6
addresses.
-- Christian Huitema
to dictionary attacks.
-- Christian Huitema
. And in your own house, you might consider forms of social
control, as in OK, you hacked my computer, give me the keys of your
car...
Frankly, I don't see users managing subnets any time soon.
-- Christian Huitema
in the registries.
-- Christian Huitema
, to a reactive body that mostly aims at
controlling evolution of the Internet. Is that really what we want?
-- Christian Huitema
with a pre-computed catalog. However, current dictionary
attacks do not need to rely on pre-computation, since a modern PC can
compute more than a million MD5 hashes per second. So, yes, DIGEST-MD5
has essentially the same issue.
-- Christian Huitema
-MD5 are simply too weak to be used on the Internet. They are
subject to dictionary attacks, which can retrieve the password in a very
short time. They don't deserve much more than documentation for
historical purpose.
-- Christian Huitema
-Original Message-
From: Frank Ellermann [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 07, 2006 7:49 PM
To: ietf@ietf.org
Subject: Re: RFC 2195 (Was: what happened to newtrk?)
Christian Huitema wrote:
both Steve Bellovin and I presented the issues with such
techniques
capabilities. In short, ASN.1 is vastly
more complex than the average TLV encoding. The higher rate of errors is
thus not entirely surprising.
-- Christian Huitema
,
after all, only requires a layer of indirection. We can certainly
engineer that!
-- Christian Huitema
with the number of core routers.
-- Christian Huitema
registration system, so application developers can
easily do the right thing, i.e. reserve a port and avoid collisions.
Note the emphasis on easily accessible: if there are too many hoops to
jump through, the developers will likely just pick a number at random.
-- Christian Huitema
to change over time, e.g. when templates change. You
want to archive the final result, not the initial input.
-- Christian Huitema
revisions. An XML format is going
to be much less stable than the current status!
As a preparation tool, XML2RFC is probably OK. But it cannot be as
stable and future proof as ASCII text as a final product format.
-- Christian Huitema
they would not be breaking any regulation.
-- Christian Huitema
interfaces, and not
through others. To be sure, systems end up sending the requests on
multiple interfaces.
-- Christian Huitema
name as it moves to
different locations. There were ample debates of this point in the
working group, and the decisions to not create special names and
not link names to topology do reflect WG consensus.
-- Christian Huitema
that use in applications.
-- Christian Huitema
this knowledge in the local name servers, thus avoiding undue
traffic to the root servers without risking interop issues and name
conflicts in local naming plans.
-- Christian Huitema
?
For those interested in self training, I recommend the book Writing
Secure Code, Second Edition by Michael Howard and David LeBlanc
(http://www.microsoft.com/mspress/books/5957.asp).
-- Christian Huitema
available for numbering both the hop by hop
and the end to end options. That makes for a grand total of 32, of which
three are assigned by basic IPv6 specs. So, there really are good
reasons to be somewhat conservative with the assignments.
-- Christian Huitema
should not lure clients to
accept challenges from unauthenticated servers.
-- Christian Huitema
as more efficient
than complete fragmentation. On the other hand, there is no excuse for
delays created by bureaucratic processes and arbitrary pocket vetoes.
-- Christian Huitema
the best possible job for the duration of
your mandate, then voluntarily withdraw and let someone take the next
watch.
-- Christian Huitema
, which in my
mind is too long. As you point out, in practice, people tend to not stay
much longer than 4 years -- and we should thank them for serving even
that long. There were a few examples of ADs serving for 10 years or more,
it is not the case anymore, and that is very well.
-- Christian Huitema
of every country outside the European Union --
including the US. Do you see the parallel with the current US
legislation?
-- Christian Huitema
requires being a little bit more proactive. Keeping
the version number while changing the prefix is probably a good idea.
-- Christian Huitema
, there
should be some kind of automatic exemption, maybe by allowing drafts to
use an N+1 version number.
-- Christian Huitema
Could you please pursue this rather technical discussion on a
specialized list, rather than the main IETF list?
-- Christian Huitema