Hi Joe, To further explain it. In my view SSL is the right protocol for this kind of transaction (we could use IPSec with BTNS too though). As the idea is to get the information from the right server, the client itself could be any one.
Thanks, Vishwas On Tue, Mar 4, 2008 at 7:27 AM, Vishwas Manral <[EMAIL PROTECTED]> wrote: > Hi Joe, > > > > I had no idea they were available over http. Everybody I know who uses > > them uses whois. > > > > As to "cannot build", that doesn't seem to be an opinion shared by the > > many ISPs who "have built". > The point I raise is about a guarantee of talking to the right server. > If the tools are already built and are not checking the certificate of > the site they are getting the information from, then that is another > weakness in the system, that is breakable. > > Thanks, > Vishwas > > > > On Tue, Mar 4, 2008 at 7:22 AM, Joe Abley <[EMAIL PROTECTED]> wrote: > > > > On 4-Mar-2008, at 10:14, Vishwas Manral wrote: > > > > > I was talking about the RIPE whois and other related tools that RIPE > > > provides, when I looked at the link given below: > > > http://www.ripe.net/news/study-youtube-hijacking.html > > > > > > As the tools cannot be accessed using https but using http, the tools > > > cannot be used in a guaranteed fashion. We cannot build scripts over > > > the tools and feel the information. > > > > I had no idea they were available over http. Everybody I know who uses > > them uses whois. > > > > As to "cannot build", that doesn't seem to be an opinion shared by the > > many ISPs who "have built". > > > > > > Joe > > > _______________________________________________ Sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
