We all know that the weakest link of SSH is key management: if
you do not confirm by a secure out of band channel that the
public host key of the device you are connecting to is correct,
then SSH's crypto will not help you.
SSH implements neither a CA hierarchy (like X.509 certificates) nor
a web
On Mon, Oct 17, 2005 at 11:39:37AM +0100, [EMAIL PROTECTED] wrote:
> Here, the suggestion is that netblocks should
> be allocated to cities, not to providers. Within
I am a multihomed customer and my ISPs are in two different cities. What
are my IP addresses going to be?
This situation happens a
On Thu, Jul 28, 2005 at 03:27:58PM +0200, Bjørn Mork wrote:
> > Otherwise how can all my applications support IDN?
>
> Please read RFC 3490.
Thanks for the pointer.
It seems like a lot of work to do and much opportunity for it to be
done inconsistently from application to application. This shim
On Wed, Jul 27, 2005 at 01:47:14PM +, Fergie (Paul Ferguson) wrote:
> Mozilla Foundation has announced changes to Firefox concerning
> Internationalized Domain Names (IDN) to deal with homograph spoofing
> attacks.
Does anyone el
On Tue, Jul 12, 2005 at 09:35:37PM -0400, David Andersen wrote:
> samples to squeeze into a low bandwidth channel. Enter IP header
> compression, which is shockingly effective at compressing IP headers of
> all sorts... if you've dedicated 128 bits for the address, and it's
> still just as sta
On Wed, Jul 06, 2005 at 09:46:53PM +0200, Iljitsch van Beijnum wrote:
> It's getting better all the time, but there are still strange bugs in
> the applications, OSes and even the standards. IPv6 works very well
> for many things but not so well for others. Fortunately, there is
> still plen
Hi,
I'm looking for input about how other people deal with this problem:
We generate prefix filters for our customers from RADB using their AS
or as-set. Our upstreams do the same for us.
Our filters are generated with a simple WHOIS query and will pick up
objects not only from RADB but from t