Re: DANE of SMTP Survey

2021-06-11 Thread John Levine
It appears that Tom Ivar Helbekkmo via NANOG said: >John Levine writes: > >> I have signed all 300 zones on my DNS servers, but only about half of >> them have working DNSSEC because there is no practical way to install >> the DS records. > >Sounds like ICANN, havin

Re: Google uploading your plain text passwords

2021-06-11 Thread John Levine
then they have access to my plain text >passwords. Everything else is semantics. I tried it in Firefox. I can log into my Google account with my Google password and see the saved passwords but unless Firefox is doing some impressively sophisticated content snooping, it can't do anything with

Re: DANE of SMTP Survey

2021-06-11 Thread John Levine
It appears that Tom Ivar Helbekkmo via NANOG said: >Jeroen Massar via NANOG writes: > >> No, not even kidding. For many organisations DNSSEC is 'scary' and a >> burden as it feels 'fragile' for them. > >Unfortunately, yes. And those of us who use it know that this is a >myth. With modern

Re: QUIC, Connection IDs and NAT

2021-05-31 Thread John Levine
It appears that Robert Brockway said: >Does the existence of Connection IDs separate from IP mean that >the host/IP contention ratio in CGNAT can be higher? IE, can a single >CGNAT device provide Internet access for a greater number of end-users? No, QUIC runs over UDP which runs over IP.

Re: Malicious SS7 activity and why SMS should never by used for 2FA

2021-04-19 Thread John Levine
It appears that William Herrin said: >> If a key fob can be sent to them - preferably for free - that would help. > >Hint: carrying around a separate hardware fob for each important >Internet-based service is a non-starter. Users might do it for their >one or two most important services but yours

Re: Texas ERCOT power shortages (again) April 13

2021-04-14 Thread John Levine
an rest of the system but nontheless were providing slightly more power than Ercot expected while the grid collapsed. So, yeah, if you're in Texas, better make your own arrangments because the state is paralyzed. -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Int

Re: Texas ERCOT power shortages (again) April 13

2021-04-14 Thread John Levine
It appears that Mark Tinka said: >On 4/14/21 13:35, Billy Croan wrote: >> Sounds like we all need to start keeping a few days reserve of energy >> on hand at home now because the utilities can't be trusted to keep >> their system online in 2021. If you're in Texas, yes, and for other reasons

Re: IP reputation lookup (prefix not single IP)

2021-03-26 Thread John Levine
It appears that Elvis Daniel Velea said: >There are a handful of blocklists that will list the whole block (that >may be a /24 or even a /16) - Spamhaus is an example. No, they don't. Spamhaus may expand a listing to a /24 or bigger when they see a pattern of abuse from a network but the SBL

Re: Perhaps it's not time to think about enhancements to the NANOG list...?

2021-03-20 Thread John Levine
It appears that Mike Hammett said: >-=-=-=-=-=- > >That seems like a reasonable proposal. NANOG-OffTopic, NANOG-Discuss, >NANOG-BizDev, NANOG-xyz, something (more more than one something). Having been around this barn a few times, I can promise you that won't work, because threads will never

Re: Newbie Question: Is anyone actually using the Null MX (RFC 7505)?

2021-02-26 Thread John Levine
In article you write: >Hmm right... Somehow I tought that having that special Null MX >will silently discard message... I dont know why... > >So, RFC 7505 is pretty much even pointless in my opinion. >You have to do more.. to pretty much achieve the same.. >Its just easier to not having MX on

Re: Newbie Question: Is anyone actually using the Null MX (RFC 7505)?

2021-02-26 Thread John Levine
In article you write: >1. Is there anyone actively using this Null MX? If so, may I please see >that actual record line (in BIND zone file format) just to satisfy myself >that I wrote mine correctly? Yes. services.net. 3600IN MX 0 . >2. Which one makes more sense from the

Re: Nice work Ron

2021-01-22 Thread John Levine
In article <2debf180-f514-4183-afa5-6e0cf9a73...@isc.org> you write: >If 40% of address are used in LACNIC, 30% in APNIC and 30% in RIPE then the >majority of addresses by region >are in the LACNIC region. Most of us would call that a plurality. Majority means more than half. What does this

Re: tiny gorillas, was opportunistic email encryption by the MTA (not MUA)

2021-01-15 Thread John Levine
In article you write: >It's a real pity that there appears to be no real-world >use/implementation of RFC8689. I implemented RFC8689 as soon as Jim proposed it. My MTA recognizes the REQUIRETLS option and then ignores it. A lot of people who really should know better imagine that they can

Re: Looking for hosted SMTP service for small ISP

2021-01-14 Thread John Levine
In article <670aea8b-ef34-6450-32f1-725ce6de7...@gmx.net> you write: >But a handful of customers rely on our SMTP server for outgoing e-mail. >Currently we host this our self with a physical box. But I would like to >have a hosted solution so that I don't have to worry about keeping up >with

Re: Re Parler

2021-01-14 Thread John Levine
In article <70e9-8be1-483c-8e49-e9cda6b4a...@beckman.org> you write: >Parler also has an excellent antitrust case, as the idea that three companies >would simultaneously pull the plug on >their services for a single common customer is going to be hard to explain to >a judge. Aw, come on.

Re: shouting draft resisters, Parler

2021-01-11 Thread John Levine
In article <35226213b6fcdc4a9c94f0bf30472...@mail.dessus.com> you write: > >That would make me wonder how many cases there have been of someone >"shouting fire in a crowded theatre" where there was no fire and at >least one person died as a result; ... Probably none. That metaphor was used by

Re: the tiny domain business, not a utility, was Parler

2021-01-11 Thread John Levine
in the ballpark of $5 billion/year. By comparison, that's about what Google makes every 10 days or what Apple makes every week. Verisign is a highly profitable fish in a tiny pool. -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please conside

Re: more bad lawyering about Parler

2021-01-11 Thread John Levine
In article you write: >Well, for example, Oberdorf v. Amazon.com, No. 18-1041 (3rd Cir. July >3, 2019) which found that Amazon was a seller of goods and not merely >hosting information about a third party's sale, and thus subject to >product liability law for the product that was sold. But in

Re: more bad lawyering about Parler

2021-01-11 Thread John Levine
In article you write: >> Sigh. This is false. 100% false. It is the exact opposite of what 47 >> USC 230 really says. Also, it's the CDA, not the DMCA. > >Hi John, > >I conflated some of the DMCA safe harbor stuff with the CDA publisher >stuff. My bad. > >I stand by the gist of what I said

Re: more bad lawyering about Parler

2021-01-10 Thread John Levine
In article you write: >With private organizations it gets much more complicated. No >organization is compelled to publish anything. But then section 230 of >the DMCA comes in and says: if you exercise editorial control over >what's published then you are liable for any unlawful material which

Re: do we know what laws apply to Parler

2021-01-10 Thread John Levine
In article <2ab9a074-bb67-4e75-1db1-2c7fff87f...@rollernet.us> you write: >On 1/10/21 4:00 PM, Eric S. Raymond wrote: >> sro...@ronan-online.com : >>> While Amazon is absolutely within their rights to suspend anyone they want >>> for violation of their TOS, it does create an interesting >problem.

Re: Parler

2021-01-10 Thread John Levine
In article <474fe6a6-9aa8-47a7-82c6-860a21b0e...@ronan-online.com> you write: >When I actively hosted USENET servers, I was repeatedly warned by in-house and >external counsel, not to moderate which groups I hosted >based on content, less I become responsible for moderating all groups,

Re: not a utility, was Parler

2021-01-10 Thread John Levine
In article you write: >-=-=-=-=-=- >Unless the courts rule or the legislators enact legislation making them a >public utility. In legal circles there is a theory that >platforms like Facebook, messaging services, etc. might achieve such >importance to public life and discourse as to merit

Re: Parler

2021-01-10 Thread John Levine
In article <64d1fe99-a464-8867-92d5-8b1354963...@bryanfields.net> you write: >1. When should a contracted provider be able to discontinue service with >little to no notice to the customer if they find their content distasteful? Whatever the contract says, of course. >2. Where do we expect legit

Re: Parler and the total legality of content moderation

2021-01-10 Thread John Levine
In article <469b70b8-b1f5-bef7-5c03-b1e5d8b2c...@meetinghouse.net> you write: >-=-=-=-=-=- > >That's my understanding as well, from years of hosting email lists.  As >soon as one starts moderating, the rules change, and immunity goes away. Thanks for bringing it up, because that understanding is

Re: [External] Re: 10g residential CPE

2020-12-26 Thread John Levine
In article <653758700.2275.1608968920711.javamail.zim...@baylink.com>, Jay R. Ashworth wrote: >- Original Message - >> From: "John Levine" > >> They sure seem ready to take down the oopper. The installer was sad >> when I told him to leave my

Re: [External] Re: 10g residential CPE

2020-12-25 Thread John Levine
In article <5f11bc55-e3d1-006d-c4c4-0703ff63c...@mtcc.com> you write: >> The obvious guess is that their upstream bandwidth is >> underprovisioned, or maybe they figure 100/100 is all they need to >> compete in that particular market. > >What's weirder is that it's most likely not going to allow

Re: [External] Re: 10g residential CPE

2020-12-25 Thread John Levine
can get it goes to 940/880. The obvious guess is that their upstream bandwidth is underprovisioned, or maybe they figure 100/100 is all they need to compete in that particular market. -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly

Re: [External] Re: 10g residential CPE

2020-12-25 Thread John Levine
In article you write: >I'm fine with "free stuff". But it seems we've hit saturation on a >number of front like camera and screen pixels, ghz of cpu, TB's of disk, >Gb's of netio for residential stuff. > >My provider on the other (Volcano Internet) doesn't seem to have got >this memo though.

Re: Don't need someone with clue @ Network Solutions.

2020-12-15 Thread John Levine
In article <20201215174646.ga970...@jurassic.vpn.malgudi.org> you write: >You or someone else who owns crocker.com appears to have created these >nameserver objects (these are not a part of DNS, except that they may >show up as glue) in the registry: Right. When I query the .COM zone servers,

Re: Changing DNS host records

2020-12-11 Thread John Levine
In article <20201211194255.gk2...@frotz.zork.net> you write: >Matthew Crocker writes: > >> I have many customers that have registered their domains against my >> authoritative servers (DNS-AUTH3.CROCKER.COM).I need to move that >> machine to a different >network/IP address.I’ve made the

Re: Weather Service faces Internet bandwidth shortage, proposes limiting key data

2020-12-10 Thread John Levine
f its data from the NWS, then uses its own methods to make their forecasts. So they want to cripple the front end of the NWS but not the data gathering back end. But I do agree that this problem sounds like one that could be solved with a couple of phone calls to Cloudflare or Akamai and very l

Re: att or sonic "residential" fiber service at a "nontraditional" residence.

2020-11-01 Thread John Levine
decided on the equities of the pricing.) You might want to check and see what the rules are. Here in NY, churches and I think some other non-profits get residential rates for phone service. -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Ple

Re: Vint Cerf & Interplanetary Internet

2020-10-22 Thread John Levine
In article <9ed99fde-19f1-96cc-1021-3420dc492...@mauigateway.com> you write: >More like IP to Nokia's new cell network on the moon: Ah, right. There was news about that earlier this week: https://www.theonion.com/nasa-builds-4g-tower-on-moon-tastefully-disguised-as-pi-1845414052 R's, John

Re: curious spam...

2020-09-14 Thread John Levine
In article you write: >I moved to Seattle. Today I found my grmail box subscribed to a >congressman's list from a nearby Washington jurisdiction. Not some >random congressman. And not any of the addresses I give out; my gmail >box's address which I don't. ... It's strange but I think it's not

Re: Softbank Contact

2020-09-13 Thread John Levine
In article <093aea2c-6174-42ed-bb5b-ef507fed1...@transitbroker.com>, Evan M. Gillman via NANOG wrote: >Hello, > >Can someone from Softbank sales contact me off list? I'm pretty sure Arm isn't for sale any more. Helpfully, John -- Regards, John Levine, jo...@taugh.com, Prim

Re: antispamcloud.com (SpamExperts) forensics reports format

2020-09-09 Thread John Levine via NANOG
lid. You're right, they're not following the DMARC spec that says the reports are sent in multipart/report ARF format. Followups to the mailop list, where people who know about this stuff are likely to read them. -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Du

Re: Has virtualization become obsolete in 5G?

2020-08-01 Thread John Levine
In article <20200801143522.e25a8...@m0117164.ppops.net> you write: >--- ed...@ieee.org wrote: >From: Etienne-Victor Depasquale > >See, for example, Azhar Sayeed's (Red Hat) contribution here >@15:33.

Re: not really Contact at Ubiquiti Networks?

2020-05-27 Thread John Levine
In article you write: >On Wed, 27 May 2020 at 10:00, Mel Beckman wrote: > >Hertz car rental has the #1 product in its industry, even its major >> competitor Avis agrees (“We’re number two“:-), and yet Hertz stock is >> plunging towards zero even as we speak. ... >However Hertz depreciation is

Re: Huawei on Mount Everest

2020-05-01 Thread John Levine
In article you write: >-=-=-=-=-=- > >https://telecoms.com/504051/huawei-and-china-mobile-stick-a-5g-base-station-on-mount-everest/ > >Why dont we leave the Everest alone? OTOH, we can now have tiktok >videos and latest instagram posts from the summit. Given how dangerous the ascent is, I would

Re: dot-org TLD sale halted by ICANN

2020-05-01 Thread John Levine
In article you write: >Wasn't the price cap removal what started this mess in for first place? Not really. Under the old price cap the maximum price this year would be about $16 but in fact the actual price is $10. Competitive pressures are the important factor in setting registry prices.

Re: free collaborative tools for low BW and losy connections

2020-03-25 Thread John Levine
ding nanog and many other lists on my own NNTP server via a straightforward mail gateway for about a decade. Works great. I'm sending this message as a mail reply to a news article. -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please cons

Re: Chairman Pai Proposes Mandating STIR/SHAKEN To Combat Robocalls

2020-03-09 Thread John Levine
In article <24166.56720.929382.920...@gargle.gargle.howl> you write: >I was thinking more in terms of millions of calls to congressional >offices per day, not individual requests for action. Who do you think has put the screws on the FCC to make STIR/SHAKEN happen?

Re: Chairman Pai Proposes Mandating STIR/SHAKEN To Combat Robocalls

2020-03-07 Thread John Levine
In article you write: > >Has encryption ever solved scams/fraud/spam? No, but signatures have helped so you can more easily identify known friends and concentrate the analysis on the rest. >DKIM signed email - Just pay a mail provider more money to blast email This must be some DKIM other than

Re: Tell me about AS19111

2020-02-07 Thread John Levine
In article <8930.1580963...@segfault.tristatelogic.com> you write: >>1800vitamins.org has a web site at 12.180.219.234 which looks like >>they would sell me vitamins should I or my dog need any. >> >>Routeviews tells me that IP is in AS19111, routed via AS7018. AS7018 >>is AT which isn't

Re: Tell me about AS19111

2020-02-05 Thread John Levine
hty about the site. -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly

Tell me about AS19111

2020-02-05 Thread John Levine
, Confused -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly

Re: ICANN extracts $20m signing fee for $1bn dot-com price increases and guess who's going to pay for it?

2020-01-08 Thread John Levine
In article you write: >El Reg is more of a tabloid than industry media, but you can read almost >the same views at domain industry blogs: >http://domainincite.com/25129-breaking-verisign-pays-icann-20-million-and-gets-to-raise-com-prices-again

Re: power to the internet

2020-01-02 Thread John Levine
In article you write: >-=-=-=-=-=- >It helps that we have a 2.6GW pumped storage generation facility near >Niagara Falls. :) It does, but all that power goes to the munis, not the commercial company that supplies me. We do import a lot of hydro power from Quebec. There's another power plant

Re: power to the internet

2020-01-02 Thread John Levine
In article <87y2up1vc4@mid.deneb.enyo.de> you write: >I found the connection rather puzzling (that is, how switching off >power distribution prevents wildfires or at least reduces their risk). >I found some explanations here (downed lines, vegetation contact, >conductor slap, repetitive

Re: power to the internet

2019-12-26 Thread John Levine
In article you write: >> run but are now showing their long term consequences, notably land use >> that encourages sprawl and construction in ill-suited areas > >If we stopped construction in all of the ill-suited areas, we'd stop >construction all together, and tear down much more. We have it

Re: power to the internet

2019-12-26 Thread John Levine
In article you write: >To reanswer the question posed though, is still the same ; $$$. If network >operators take the position that the electric utility supply should be more >reliable than it is, then they need to start influencing and lobbying for >ways for that to happen. If not, they will

Re: Fwd: urgent opening: Engineer-Transport - III

2019-12-17 Thread John Levine
In article you write: >-=-=-=-=-=- > >In case some is interested, Got this email today: Please, no. If we want help wanted ads, we know where to find them. This particular one is so specific that as likely as not it's a fake ad to justify and H1-B hire. R's, John

Re: Gmail email blocking is off the rails (again)

2019-12-04 Thread John Levine
egards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly

Re: Comcast outages continue even in areas with PG power restored

2019-10-12 Thread John Levine
In article you write: >On 10/11/19 9:43 PM, Matt Hoppes wrote: >How distributed is the power on a typical HFC system in practice? I'm >sure I'm missing some of them, but having walked out most of a small-ish >(~2000 residences) city recently for a FTTx deployment, I think I only >saw 2-3

Re: worse than IPv6 Pain Experiment

2019-10-09 Thread John Levine
In article <23963.65395.763065.591...@gargle.gargle.howl> you write: >So I proposed we dump numeric addresses entirely and use basically >URLs in IP packets and elsewhere. > >I really meant something like 'IP://www.TheWorld.com' in the >source/dest addr, possibly more specific for multiple

Re: IPv6 Pain Experiment

2019-10-03 Thread John Levine
In article you write: >Doug Barton wrote: > >> Not if you configure your services (like DNS) with static addresses, >> which as we've already discussed is not only possible, but easy. Yup. >Automatic renumbering involving DNS was important design goal >of IPv6 with reasons. News flash:

Re: IPv6 Pain Experiment

2019-10-03 Thread John Levine
In article you write: >that gets me on to my small annoyance... /64 bit subnet masks for >local networks. really? Yup. > ALL of that address space and then throw such >a large range away on subnets commonly populated >with no more than a couple of hundred clients...maybe a few thousand >at

Re: This DNS over HTTP thing

2019-10-02 Thread John Levine
In article <6533015105f2d548812b4a445275b...@mail.dessus.com> you write: >Having unfiltered access to the malware installed by links in spam is a >self-limiting problem. Remove the DNS blocks and in >rather short order the problem will go away as all the idiots click their way >to oblivion. It

Re: This DNS over HTTP thing

2019-10-02 Thread John Levine
In article <804699748.1254612.1570037049931.javamail.zim...@baylink.com> you write: >Tools. Are. Neutral. > >Any solution to a problem that involves outlawing or breaking tools will. >Not. Solve. Your. Problem. I think in the outside world you'll find very little support for an argument that

Re: IPv6 Pain Experiment

2019-10-02 Thread John Levine
In article you write: >For a small organization with limited staff and small margins, I'm curious >where the actual burden in supporting IPv6 lies. In my experience, it's not >any more costly than deploying IPv4 is ... Right, but that means it doubles your deployment costs since IPv4 isn't

Re: IPv6 Thought Experiment

2019-10-02 Thread John Levine
In article <5dcae7a8-1d33-4ea2-bbb1-7a3e8132d...@gmail.com> you write: >What do you think would happen? Would it be the only way to reach 100% IPv6 >deployment, or even that wouldn’t be sufficient? If you have to impose an artificial tax to force people to use IPv6, you've clearly admitted that

Re: This DNS over HTTP thing

2019-10-02 Thread John Levine
In article <146431.1569964368@turing-police> you write: >-=-=-=-=-=- > >On Tue, 01 Oct 2019 16:24:30 -0400, Warren Kumari said: > >> "More concretely, the experiment in Chrome 78 will **check if the >> user’s current DNS provider** is among a list of DoH-compatible >> providers, and upgrade to the

Re: This DNS over HTTP thing

2019-10-01 Thread John Levine
In article <20191001074011.n4xjouqg6lhsv...@nic.fr> you write: >Note that the UK is probably the country in Europe with the biggest >use of lying DNS resolvers for censorship. No wonder that the people >who censor don't like anti-censorship techniques. Most UK ISPs use the Internet Watch

Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users

2019-09-18 Thread John Levine
.60 IN A 185.199.109.153 use-application-dns.net.60 IN A 185.199.111.153 use-application-dns.net.60 IN A 185.199.110.153 I have this special-cased in my own resolver, of course. -- Regards, John Levine, jo...@taugh.com,

Re: What can ISPs do better? Removing racism out of internet

2019-08-06 Thread John Levine
In article <56cbb25e-9a53-4e5e-b2cb-3e769112f...@truenet.com> you write: >John, > >Seriously, just quote so people don’t have to look it up. Honestly, though >others are probably right in that case law usually will over-ride written law >due >to our legal structure. Well, kind of, but in this

Re: What can ISPs do better? Removing racism out of internet

2019-08-06 Thread John Levine
In article <6956e76b-e6b7-409f-a636-c7607bfd8...@beckman.org> you write: >Mehmet, > >I’m not sure if you understand the terms under which ISPs operate as “common >carriers”, and thus enjoy immunity from lawsuits due to the acts of their >customers. ISPs in the U.S. are not carriers and never

Re: any interesting/useful resources available to IPv6 only?

2019-05-06 Thread John Levine
In article <3ccd8c9a687b1a780c7f2e0f9e89b6d55ccdb2a7.ca...@interlinx.bc.ca> you write: >But the came I am making is to PHBs, not engineers and I am trying to >find a path of least resistance. Oh, then tell them that IPv4 addresses now cost (wave hands) ten bucks each while IPv6 addresses are

Re: any interesting/useful resources available to IPv6 only?

2019-05-06 Thread John Levine
In article you write: >Another provider offering discounted IPv6 only VPSes is gandi.net > >https://www.gandi.net/en/cloud -- the two cheapest options "XS-V6" and >"Small - IPv6" are IPv6 only. That's not very persuasive since even their v6 only prices are pretty high. Gandi charges $13.10 for

Re: Packetstream - how does this not violate just about every provider's ToS?

2019-04-26 Thread John Levine
In article <003d01d4fc27$ba0bb300$2e231900$@netconsultings.com> you write: >But isn't there a law in US that protects oblivious or outright simple-mined >population from falling for these type of "easy money" schemes by >prohibiting these types of business? If it became popular enough to be

Re: Packetstream - how does this not violate just about every provider's ToS?

2019-04-26 Thread John Levine
In article <44a32613-a255-44eb-a094-cee68b6d088a@Spark> you write: >-=-=-=-=-=- > >particularly "interesting" when someone downloads CP (or, as it now seems to >be called, CSAM) using their >ipaddr and causes them to become a Person of Interest. I was thinking the same thing, that'll do it. Or

Re: Packetstream - how does this not violate just about every provider's ToS?

2019-04-25 Thread John Levine
In article you write: >-=-=-=-=-=- > >feeling cranky, are we, job?   (accusing an antispam expert of spamming on a >mailing list by having too long a .sig?) >but it’s true!  anne runs the internet, and the rest of us (except for ICANN >GAC representatives) all accept that. > >to actually try to

Re: We have it here, including the conclusions (was Re: Special Counsel Office report web site)

2019-04-18 Thread John Levine
In article you write: >Oops..the link would be helpful, sorry! > >We have made the full report available here, including conclusions (full >report both embedded by iframe, and linked to the actual report at DOJ). The DOJ web site is hosted on Akamai's CDN. I don't think anyone's had trouble

Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-27 Thread John Levine
In article <20190227161327.ga27...@besserwisser.org> you write: >that is RFC 7208.[0] >[0] This document tries to deprecate RRTYPE 99 for SPF. By stating that >only TXT records can be trusted. ... This must be a very different RFC 7208 from the one that the IETF published. The IETF one says

Re: A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-26 Thread John Levine
In article <3fd86d54-7fe4-4e1d-8c8d-a4d79f030...@pch.net> you write: >That’s the main reason for having a brand TLD at this point, from my point of >view. It’s the reason I’d get one in a heartbeat, if I could afford the fees. Well, actually, you can't get one. The 2013 round is still working

Re: A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-26 Thread John Levine
In article you write: >Swapping the DNS cabal for the CA cabal is not an improvement. Right? They >are really the same arbitraging rent-seekers, just different layers. The models are different. If I want to compromise your DNS I need to attack your specific registrar. If I want a bogus

Re: DANE, was A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-26 Thread John Levine
In article you write: >We need to get switched over to DANE as quickly as possible, and stop wasting >effort trying to keep the CA system alive with >ever-hackier band-aids. What's the DANE version of a green-bar cert?

Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-25 Thread John Levine
In article <24679.1551146...@turing-police.cc.vt.edu> you write: >So what registries/registrars are supporting 2FA that's better than SMS? Opensrs does TOTP. It's certainly not bulletproof, but it's tied to your actual phone rather than the phone number. (We careful folk put our TOTP keys on a

Re: A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-24 Thread John Levine
In article you write: >You are right, if you can compromise a registrar that permits DNSSEC to be >disabled (without notification/confirmation to POCs >etc), then you only have a limited period (max of DS TTL) of protection for >those resolvers that have already cached the DS. As far as I can

Re: No IPv6 by design to increase reliability...

2019-01-17 Thread John Levine
t to be able to distinguish among the devices behind a v4 NAT so they can segment and market more precisely. -- Regards, John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly

Re: plaintext email?

2019-01-15 Thread John Levine
> > Sudden plot-twist! > > > > A small elite group of NANOG participants have been using stenographic > > forms of > > encryption in the messages all along!� > >Did you mean steganographic? No, stenographic, like, you know, double rot13. R's, John

Re: plaintext email?

2019-01-14 Thread John Levine
In article you write: > >Isn't the underlying assumption with non-plaintext that: "I know what will >work better for you than you do" ... No, it's that every MUA in the world has handled html mail for a decade and it's a waste of time to piss into the wind. I send most of my mail as

Re: Enough port 26 talk...

2019-01-13 Thread John Levine
In article <871s5gpz1w@miraculix.mork.no> you write: >Yes. What is all the fuzz about? Email will be as dead as USENET in a >couple of years anyway. Funny, people have been saying that pretty much every year since the 1990s. What's different this time?

Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

2019-01-12 Thread John Levine
In article you write: >What IETF Mailing list thinks? - "Implicit TLS doesn't offer any additional >security than a downgrade protected STARTTLS. Let's not waste a port." He's forum shopping. He's already take this to two IETF lists and we've explained to him why it's not a good idea. If you

Re: Unsolicited LinkedIn requests

2018-12-11 Thread John Levine
In article you write: >Agreed, and I do get unsolicited Linkedin requests quite often. >Sometimes, this is clearly the result of someone scraping a list like >NANOG in an effort to drum up new business/contacts. Those end up in the >bitbucket. When you turn down a connection there should be

Re: Bulk IP abuse reporting

2018-11-28 Thread John Levine
In article <87in0horr2@riseup.net> you write: >However, I am not finding a simple, or standardized way to look up the >abuse contacts for a specific IP. Does someone have a suggestion? The RIRs all have RDAP servers that will in theory give you the abuse contact for any IP address in an easy

Re: v6 DNSSEC fail, was Buying IPv4 blocks

2018-10-04 Thread John Levine
In article <60afb948-5f6d-8ea8-00c9-6d4d92ff0...@forfun.net>, Marco Davids via NANOG wrote: >> Even if you do have v6, some things like DNSSEC don't work very well >> if you can't do them over v4. > >Is that so? Yeah, V6 UDP fragmentation and anycast are bad news. You can sort of fix it by

Re: Buying IPv4 blocks

2018-10-04 Thread John Levine
In article you write: > >If is a new US business and you are working internationally why not go >simple and use IPv6 addresses? Just a guess, but it's probably because they would like for the large fraction of the net that is still v4 only to be able to contact them. Even if you do have v6,

Re: CloudFlare D.N.S. Resolvers... (1.1.1.1 & 1.0.0.1)

2018-09-26 Thread John Levine
In article <87in2sy5eh@pc8.berlin.quux.de> you write: >quick and dirty: > >jens@screen:~$ dig nanog.org @8.8.8.8 | grep "Query time" >;; Query time: 16 msec >jens@screen:~$ dig nanog.org @1.1.1.1 | grep "Query time" >;; Query time: 3 msec Yeah, that's super reliable: $ drill nanog.org

Re: Best practices on logical separation of abuse@ vs dmca@ role inboxes

2018-08-07 Thread John Levine
In article <627928051.4141.1533644391202.JavaMail.mhammett@ThunderFuck> you write: >Unless the e-mail is to the contact on file with the FCC, it isn't an official >DMCA take down request, so the request is garbage. It's not the FCC, it's the copyright office. The law also says that the

Re: Best practices on logical separation of abuse@ vs dmca@ role inboxes

2018-08-06 Thread John Levine
In article you write: >I'm very sorry to read that, as an ISP, you have to comply with a >para-judicial process that puts you in charge of censorship. Dealing with DMCA notices is a matter of statute law in the US, and it is a really, really bad idea to ignore them unread. It doesn't matter

Re: Confirming source-routed multicast is dead on the public Internet

2018-08-02 Thread John Levine
In article you write: >Multicast is being used in various private IP networks. It seems to work >very well for satellite content distribution because multicast doesn't >require ack's. Enterprise networks also use multicast. I would think it'd work fine on private networks, but since there's

Re: unwise filtering policy on abuse mailboxes

2018-07-24 Thread John Levine
In article you write: >I'm saying people who filter their abuse mailboxes need to stop doing so. See Canute, King. R's, John

Re: Anyone from Delta on list?

2018-07-13 Thread John Levine
In article <2d8e2754-662a-4029-b6fa-6714b1b6c...@semperen.com> you write: >-=-=-=-=-=- > >If so, can you contact me off list, please and thank you? Delta the airline? Delta the hotel chain? Delta the plumbing fixture maker? Delta the construction company? Signed, Baffled

Re: ICANN GDPR lawsuit

2018-05-30 Thread John Levine
In article you write: >http://www.circleid.com/posts/20180527_icann_files_legal_action_against_domain_registrar_whois_data/ Elliot said that if he had to choose between fighting ICANN and fighting governments, he'd fight ICANN. I can't blame him.

Re: SIP fax sending software?

2018-05-30 Thread John Levine
In article you write: >Have you considered paying the $0.50 per page to have the local copy >shop send the once-a-month faxes? Since the local copy shop is about a half hour drive from here, no. I don't really care if it's flaky. For one fax a month a few retries are not a big deal. But

Re: Whois vs GDPR, latest news

2018-05-27 Thread John Levine
In article <230722.1527374...@turing-police.cc.vt.edu> you write: >Now here's the big question - a *lot* of companies are targeting "anybody with >a freemail account like GMail and a valid Visa or Mastercard card" or similar >business models - does that count as "specifically targeting at EU", or

Re: GDPR outside Europe, was Whois vs GDPR, latest news

2018-05-24 Thread John Levine
In article <0bb31bbb-388d-4832-85dd-30c01c187...@jeffmurphy.org> you write: >There’s speculation that enforcement could occur via the FTC Privacy Shield >program. Privacy Shield is entirely optional. Joining it requires a lot of paperwork and a substantial administrative fee. If you don't do

Re: Whois vs GDPR, latest news

2018-05-23 Thread John Levine
No, but in the absence of a law that specifically bars the courts from doing so the will under current reciprocal treaty arrangements. No, really, what treaties? I understand treaties about domesticating a tort judgement but this isn't a tort, this is a regulation. R's, John PS: can

Re: Whois vs GDPR, latest news

2018-05-23 Thread John Levine
In article you write: >I asked one of the EU regulators at RSA how they intended to enforce GDPR >violations on businesses that don't operate in their jurisdiction and >without hesitation he told me they'd use civil courts to

  1   2   3   4   5   6   >