On Tue, 5 Jun 2007, Dean Anderson wrote:
>
> > > The group has repeatedly rejected the claims in the draft that "you
> > > just edited" once it is detailed how the draft supports discredited
> > > claims.
> >
> > I am not sure what your evidence is for this claim (especially since
> > we have see
I urge people to support my draft (draft-anderson-reverse-dns-status).
My draft encourages Reverse DNS, improves understanding of Reverse DNS,
informs about discredited practices, and recommends good practices. My
draft accomplishes the purpose charted by the WG much better than the
Sullivan draft
Hi Dean,
On Mon, Jun 04, 2007 at 07:22:08PM -0400, Dean Anderson wrote:
> > but if others disagree with me, I will cheerfully include your
> > suggestions.
>
> It seems others disagree.
On the point in question, I have received not a single indication of
agreement with your proposed text. Unti
On Mon, 4 Jun 2007, Andrew Sullivan wrote:
> but if others disagree with me, I will cheerfully include your
> suggestions.
It seems others disagree.
> (By the way, I appreciate that you are willing to comment on the
> draft, since you said that there is no way it could be modified to
> address y
Hi Dean,
On Sat, Jun 02, 2007 at 03:31:36AM -0400, Dean Anderson wrote:
> No; I looked further into the context of that statement, and I cited
> that context to you in my previous message: The purpose of the TCP
> Wrappers tool was to provide _logs_ for programs which didn't produce
> logs and fo
On Mon, Jun 04, 2007 at 08:12:24AM -0400, Robert Story wrote:
> I think it's useful, but I also think you should have a concluding
> paragraph on why it's no longer a recommended practice. Something along
> the lines of "as attack became more sophisticated, they included
> spoofing reponses to rev
On Thu, 31 May 2007 17:24:48 -0400 Andrew wrote:
AS> We received a suggestion that a short section outlining the history of
AS> the use of reverse mapping in security contexts would be a good thing
AS> to add to the reverse-mapping-considerations draft. I have some
AS> proposed text to add. Befor
On Fri, 1 Jun 2007, Andrew Sullivan wrote:
> Hello Dean,
>
> On Fri, Jun 01, 2007 at 12:07:48AM -0400, Dean Anderson wrote:
> > On Thu, 31 May 2007, Andrew Sullivan wrote:
> > >
> > > The popular TCP Wrapper package was originally conceived to discover
> > > the network location of an attacker [
At 13:08 -0400 6/1/07, Russ Mundy wrote:
considered adequate by the government officials (even though I always
thought that it was a Really Dumb control!).
Well, you could (cynically) argue it was quite effective and
efficient. And we are speaking from operational experience and not
conjectu
I At 11:07 AM -0400 6/1/07, Edward Lewis wrote:
>At 23:41 -0400 5/31/07, Dean Anderson wrote:
>
>>I don't know of anyone ever using reverse DNS to enforce export control
>>of crypto software.
>
>We ("we" referring to my employer in 1997) did.
I can confirm Ed's point that reverse DNS lookup was th
At 23:41 -0400 5/31/07, Dean Anderson wrote:
I don't know of anyone ever using reverse DNS to enforce export control
of crypto software.
We ("we" referring to my employer in 1997) did.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis
Hello Dean,
On Fri, Jun 01, 2007 at 12:07:48AM -0400, Dean Anderson wrote:
> On Thu, 31 May 2007, Andrew Sullivan wrote:
> >
> > The popular TCP Wrapper package was originally conceived to discover
> > the network location of an attacker [Venema1992].
>
> No. Early TCP wrappers just provided l
On Thu, 31 May 2007, Andrew Sullivan wrote:
>
> The popular TCP Wrapper package was originally conceived to discover
> the network location of an attacker [Venema1992]. It used the reverse
> mapping of a connecting host to provide the hostname of that host in
> its output.
No. Early TCP wrappers
On Thu, 31 May 2007, Olafur Gudmundsson wrote:
>
> I think this text is helpful, to understand where the 'requirement´
> for reverse DNS entries came from. This mechanism was used by ftp
> servers to keep logs and enforce export control on cryptographic
> software :-)
I don't know of anyone ever
I think this text is helpful, to understand where the 'requirement´ for
reverse DNS entries came from.
This mechanism was used by ftp servers to keep logs and enforce export
control on cryptographic software :-)
You may want to add a paragraph that the r* command use of reverse mapping
for secu
I think this background about the origin of "security" through
reverse lookup is helpful. Certainly not hurtful, which is what my
old rant about its use on UUnet's FTP server might be.
John
On May 31, 2007, at 5:24 PM, Andrew Sullivan wrote:
Dear colleagues,
We received a suggestion that
Dear colleagues,
We received a suggestion that a short section outlining the history of
the use of reverse mapping in security contexts would be a good thing
to add to the reverse-mapping-considerations draft. I have some
proposed text to add. Before I add it, I'd like to ask for comments.
I am
17 matches
Mail list logo