On Fri, Sep 30, 2022 at 9:51 AM Paul Vixie <[email protected]> wrote:
>
> see inline.
>
> Carsten Bormann wrote on 2022-09-30 00:37:
> > On 2022-09-30, at 09:25, Paul Vixie <[email protected]> wrote:
> >>
> >> what did you have in mind as an example of this, that i might not dislike?
> >
> > ...
> >
> > The part I do not understand is why this is always framed in terms of
> > uncontrolled (unrestricted) visibility, i.e., everybody who manages to
> > get hold of a packet has full visibility.
>
> i could live with uncontrolled visibility on my own VM server's internal
> networks, or on my datacenter or home LAN. i am open to other ways to
> achieve the nec'y visibility -- i don't require that it be uncontrolled.
>
> > ...
> >
> > Instead, I'd prefer to pursue something that I'd call Authorized
> > Visibility (AV). Here, the communication actors explicitly provide
> > visibility to additional justified parties, not simply to any
> > eavesdropper that comes along. ...
>
> i'd be fine with this, as long as it was possible for my gateway to
> determine at line rate whether each packet trying to get through was
> participating in the Authorized Visibility regime you're describing.

In general my opinions match Paul's, but I don't have the energy to wade in here.

Anecdote: These days I pretty much block and log all UDP traffic aimed
at China. If any of you have ever bought a security camera made there,
you'd understand why.

> > Grüße, Carsten
> and you.
>
> --
> P Vixie
>

--
This song goes out to all the folk that thought Stadia would work:
https://www.linkedin.com/posts/dtaht_the-mushroom-song-activity-6981366665607352320-FXtz
Dave Täht CEO, TekLibre, LLC
