Multicast with VPN
hi, Does any one have any idea if we can use IPSec with multicast address. In RFC-2401 I have read "In principle, the Destination Address may be a unicast address, an IP broadcast address, or a multicast group address. However, IPsec SA management mechanisms currently are defined only for unicast SAs." they have explained how to use multicast address in IPSec SA, in principle. but this RFC was published in 1998. nothing changed till now? thanks __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/
Re: where can free download ITU-T recommendation V.24
-Original Message- From: Yang, Lei <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: 30 March 2001 06:24 Subject: where can free download ITU-T recommendation V.24 Please unsusribe me from this E-Mail subscription
Decoration Board(wood)
Dear Sir / Madam, It is a great honour to have the chance to introduce our company(Huaguang Decoration Board Co.Ltd.) and our main products. Huaguang Decoration Board Co.Ltd is located in Guangdong province mainland China.It is a professional manufcturer on decoration boards(wood) ,with six series:Plywood Board,High Grade Finished Surface Board ,Big Core Board,Fibre Board of Medium Density,Compound Floor Board of High Density,etc. It is the largest decoration board producing enterprises in Southeast Asia Region. with 10.000 workers and a factory area of more than 1,050,000 sqm. Purchased in Malaysia nearly 100,000 hectares of forest in .purchased in New Zealand 100,000 hectares of manually planted forsts . It has own wharf with the handing capacity of 5 million tons a year.and has own ocean-going freight fleet with the freight capacity totaling 150,000 tons a year. We have been exproting our products to Southease Asia ,the Middle East,America etc. we have the authentication of ISO9002 if you are interested in our products, please contact us without hesitate. yours truely Pang Li Huaguang Decoration Board Co.Ltd Tel: £º86-757-6236612 Fax:86-757-6336141 E-mail:[EMAIL PROTECTED] Contact person: Pang Li
Re: Fwd: Indianz.com NEWS BRIEFS: APRIL 1, 2001
On Wed, Apr 04, 2001 at 09:15:56AM +0700, Rahmat M. Samik-Ibrahim wrote: > * RFC 3093 on Firewall Enhancement Protocol > http://www.faqs.org/rfcs/rfc3093.html > > Internet Transparency via the end-to-end architecture of the Internet > has allowed vast innovation of new technologies and services [1]. > However, recent developments in Firewall technology have altered this > model and have been shown to inhibit innovation. We propose the > Firewall Enhancement Protocol (FEP) to allow innovation, without > violating the security model of a Firewall. With no cooperation from > a firewall operator, the FEP allows ANY application to traverse a > Firewall. Our methodology is to layer any application layer > Transmission Control Protocol/User Datagram Protocol (TCP/UDP) packets > over the HyperText Transfer Protocol (HTTP) protocol, since HTTP > packets are typically able to transit Firewalls. I was disappointed in this RFC, since it doesn't actually work; typically the user who is trapped on the inside of the firewall only can initial HTTP connections, and so you have to play some polling games (and ideally encapsulate multiple packets as part of the HTTP GET response for efficiency's sake) in order to process packets from the outside of the firewall making it back into inside-firewall user. Of course, in order to be practical you'd also want to add some encryption plus some varying steganography so that you can evade firewall vendors trying to detect and prevent such http tunnelling requests. I had talked about this with a few folks a year or two ago as a possible April 1st RFC, but we had wanted to back it up with real, live running code which demonstrated something which could actually work. ah, well, so many interesting projects, so little time - Ted
Re: Multicast with VPN
Hi, Yes, IPsec allows for a Class D address (multicast) with no change. As far as a multicast receiver is concerned, the packet will be an IPsec packet that will be treated in the usual IPsec manner. The IPsec indexing triplet remains the same. The problem is that IKE is a pairwise key/SA establishment protocol, which cannot be used as is within a group/multicast context. The MSEC WG is working precisely on this topic. Their drafts can be found on www SecureMulticast.org. cheers, thomas -- At 4/4/01||12:58 AM, you wrote: hi, Does any one have any idea if we can use IPSec with multicast address. In RFC-2401 I have read "In principle, the Destination Address may be a unicast address, an IP broadcast address, or a multicast group address. However, IPsec SA management mechanisms currently are defined only for unicast SAs." they have explained how to use multicast address in IPSec SA, in principle. but this RFC was published in 1998. nothing changed till now? thanks __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/
Re: IESG Response to Copyright appeal
http://groups.yahoo.com/group/ietf-announce/message/167 > In doing this, you leave the ISOC copyright there, which asserts that the > ISOC has your permission to publish the document in the RFC archive, and > protects it from unauthorized modifications or claims. Doing so, according > to our counsel '...is as close to a "contribution to the public" that we > can get'. Dear honest lawyers, counsels, et. al.: May I know, how close to a "contribution to the public"; the GNU Free Documentation License is? See also http://gnux.vlsm.org/copyleft/fdl.txt regards, -- Rahmat M. Samik-Ibrahim - VLSM-TJT - http://rms46.vlsm.org --- The Kappa likes getting cucumber --- Budum... Budum...
Re: IESG Response to Copyright appeal
On Thu, 05 Apr 2001 09:48:00 +0700, "Rahmat M. Samik-Ibrahim" said: > May I know, how close to a "contribution to the public"; the GNU Free > Documentation License is? See also > http://gnux.vlsm.org/copyleft/fdl.txt Not very. At least it's not as viral as the GPL, and they don't require you (in section 3) to *personally* distribute sources for 3 years if you ship binaries of GPL programs (which irked me no end when building installable packages for AIX - even though I made *no* source changes, I asked (and was told) that just pointing at ftp.gnu.org for the source wasn't acceptable). You only need take "prudent steps" for one year to ensure the place you point people stays there. Remember that the GNU crowd has an agenda, and their licensing is written to enforce that agenda. Valdis Kletnieks Operating Systems Analyst Virginia Tech
Re: IESG Response to Copyright appeal
[EMAIL PROTECTED] wrote: >> May I know, how close to a "contribution to the public"; the GNU Free >> Documentation License is? See also >> http://gnux.vlsm.org/copyleft/fdl.txt > Not very. >From the preamble: "The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others." I have no problem with that. However; since I am not a lawyer, I am just wondering if there are hidden catches that I am not aware of. > At least it's not as viral as the GPL, and they don't > require you (in section 3) to *personally* distribute sources for > 3 years if you ship binaries of GPL programs (which irked me no end > when building installable packages for AIX - even though I made *no* > source changes, I asked (and was told) that just pointing at ftp.gnu.org > for the source wasn't acceptable). You only need take "prudent steps" > for one year to ensure the place you point people stays there. Section 3 of GPL http://gnux.vlsm.org/copyleft/gpl.txt has three options, "a" (accompany with source code) , "b" (three years commitment to distribute), and "c" (providing pointers). So, what is the problem to choose one of them? regards, -- Rahmat M. Samik-Ibrahim - VLSM-TJT - http://rms46.vlsm.org --- The Kappa likes getting cucumber --- Budum... Budum...
Re: IESG Response to Copyright appeal
On Thu, 05 Apr 2001 11:53:14 +0700, "Rahmat M. Samik-Ibrahim" said: > > for the source wasn't acceptable). You only need take "prudent steps" > > for one year to ensure the place you point people stays there. > > Section 3 of GPL http://gnux.vlsm.org/copyleft/gpl.txt has three > options, "a" (accompany with source code) , "b" (three years commitment > to distribute), and "c" (providing pointers). So, what is the problem > to choose one of them? The problem is that now I have a directory on the server that has a bunch of *.tar.gz files identical to the ones on ftp.gnu.org, that are *only* there because the GNU people said I have to distribute source, and that the fact that there are probably 327 GNU mirrors that are more likely to be there 3 years from now than the server I set up is irrelevant to the GNU people. And having distributed anything, I now get to keep track of *every package*, and whenever I remove that package (for instance, if I package GNU Make 3.78 to replace 3.77) I have to keep BOTH .tar.gz's. I've now got a make-3.77.tar.gz that I'm stuck with for another 2 1/2 years, a make-3.78.tar.gz I;'m stuck with for a bit longer, a make-3.78.1.tar.gz, and I can't get rid of make-3.79.1.tar.gz for 3 years still. If I had built a 3.79 I'd be stuck with that one too... The problem is that when you take *that* stuff into account, I've spent (or have committed to spending) *more* time trying to comply with the GPL than I have actually making useful things available. I quit after building only about 1/3 of the install kits for AIX that I could have, mostly because I was digging a maintenance issue. The problem is that people won't get the benefit of the other tools, just because I can't say "as built from source available at ftp://ftp.gnu.org/pub/gnu/foobar/foobar-1.3.tar.gz". So in this case, the GPL has worked against its intent - rather than set up a possible non-compliance 2 years from now because I may not *be* there anymore, I've respected the GPL's wishes by not distributing software. Anyhow, this has gotten far enough afield, and it's late... Valdis Kletnieks Operating Systems Analyst Virginia Tech
