RE: Rogers Outage Canada

2022-07-09 Thread Keith Medcalf
>I can't either, but the reality right now seems to be that 911 calls are >failing for anyone on a Rogers cellphone. This is par for the course. These people chose to deal with Rogers despite knowing the consequences. It is like if you bought a Rogers Snowblower and it did not work. That wo

RE: ICANN

2022-07-09 Thread Keith Medcalf
On Friday, 8 July, 2022 19:02, Karl Auerbach said: >Spammers are a scourge and I hope you get that $trilliion. But ICANN >will fairly easily deflect most legal efforts based on a claim that >ICANN bears responsibility. Years ago I proposed a solution from King >Croesus as described by Herodotus

ICANN

2022-07-08 Thread Keith Medcalf
Does anyone have contact information (or address for service of legal documents) for ICANN? There web site does not appear to contain contact information. ICANN apparently promulgates a policy which requires clickage on spam links in e-mail. I intend to sue them for trillions of dollars for th

RE: FCC to Consider New Rules to Combat International Scam Robocalls

2022-04-27 Thread Keith Medcalf
>With AT&T and perhaps others, you can forward the message to 7726 >(spells SPAM on the keypad) and they'll reply asking for the originating >phone number or email address. This is, of course, the root of the problem. The recipient of the spam does not know either the originating phone number

RE: S.Korea broadband firm sues Netflix after traffic surge

2021-10-10 Thread Keith Medcalf
On Sunday, 10 October, 2021 14:21, Mark Tinka wrote: >They are looking at the aggregate Gbps or Tbps of traffic that >BigContent is seeking to deliver across their network, for "no $$". This is blatantly incorrect. The bits were payed for by the requestor. BigContent does not "send bits" to n

RE: SITR/SHAKEN implementation in effect today (June 30 2021)

2021-07-09 Thread Keith Medcalf
>On Friday, 9 July, 2021 16:32, K. Scott Helms wrote: >Robocalls really aren't a product of the legacy PSTN. Today almost none >of them originate from anywhere but VOIP. Now, you can certainly say >that if SS7 had robust authentication mechanisms that we could then trust >caller ID (more) but

RE: SITR/SHAKEN implementation in effect today (June 30 2021)

2021-07-01 Thread Keith Medcalf
>On Wednesday, 30 June, 2021 13:53, Michael Thomas wrote: >From an automated standpoint, I really don't care about whether a phone >number is authentic, I care about the domain that onramped it so I can >theoretically punish it. It's the people who are allowing the spoofing >that is the real pr

RE: Google IP Geolocation

2021-04-10 Thread Keith Medcalf
Does nothing. Does it require permitting the unfettered execution of arbitrary untrusted and untrustworthy code perchance? -- Be decisive. Make a decision, right or wrong. The road of life is paved with flat squirrels who could not make a decision. >-Original Message- >From: NANOG

RE: 10 years from now... (was: internet futures)

2021-03-28 Thread Keith Medcalf
Net to mention, of course, that the Low Orbit constellation would need to be "parked" over China (or where-ever you want to access it). I am quite sure that "shooting down" such low orbit stationary vehicles would not be too difficult. And if they are owned by an adversary who has no permiss

RE: Hosting recommendations ... ?

2021-01-19 Thread Keith Medcalf
>Is nested virtualization really a thing? Real Computers have been running VMs inside VMs for about 50 years. Bringing this technology to "bitty boxes" is a recent thing. -- Be decisive. Make a decision, right or wrong. The road of life is paved with flat squirrels who could not make a dec

RE: Re Parler

2021-01-14 Thread Keith Medcalf
On Thursday, 14 January, 2021 10:02, Mel Beckman wrote: >I, however, do know that this is the contract that was in force. Because >I read the lawsuit, and the contract, which I’ve verified is identical to >the one posted online, is included as an exhibit (although the courts >managed to get the

RE: Re Parler

2021-01-14 Thread Keith Medcalf
On Thursday, 14 January, 2021 04:53, adamv0...@netconsultings.com wrote: >https://aws.amazon.com/agreement/ >7.2 Termination. >(a) Termination for Convenience. You may terminate this Agreement for any >reason by providing us notice and closing your account for all Services >for which we provide

RE: Re Parler

2021-01-14 Thread Keith Medcalf
I thought y'all yankee doodles had this thing called the Communication Decency Act section 230 that prevented a "service provider" from being responsible for the content of third-party's -- whether or not they were acting as a publisher; and, also the principle of law that an agreement to viol

RE: Parler

2021-01-11 Thread Keith Medcalf
ssage- >From: Rod Beck >Sent: Monday, 11 January, 2021 05:13 >To: Keith Medcalf >Subject: Re: Parler > >Hi, > > >Your distinction sounds specious. The Courts have consistently that the >1st amendment protects free speech from government retaliation in many >i

RE: Parler

2021-01-10 Thread Keith Medcalf
>The first amendment deals with the government passing laws restricting >freedom of speech. It has nothing to do with to whom AWS chooses to sell >their services. It is also not absolute (fire, crowded theater, etc.) You are correct and incorrect. The First Amendment prohibits the Government fro

RE: Parler

2021-01-10 Thread Keith Medcalf
Laszko >Sent: Sunday, 10 January, 2021 15:07 >To: Keith Medcalf >Subject: RE: Parler > >Which ones are the Nazi’s? > > > > > >James > > > >From: NANOG On Behalf Of >Keith Medcalf >Sent: Sunday, January 10, 2021 1:59 PM >To: nanog@nanog.org >Cc: n

RE: Parler

2021-01-10 Thread Keith Medcalf
>It's amazing how far the world has stumbled that "fomenting violent >insurrection and calling for the murder of elected officials" now >falls under standard T&Cs against abusive behaviour where this used >to be perfectly fine a year ago. The world is now a different place with the election of t

RE: Parler

2021-01-10 Thread Keith Medcalf
That all only matters if you (the oppressor) believes that your victim (the oppressed) has the means to "bring peace to their enemy" either by wielding devices of War and Destruction or through the Legal System. This is the case with all "habitual criminals" such as AWS, Twitter, Facebook, Google

RE: NDAA passed: Internet and Online Streaming Services Emergency Alert Study

2021-01-03 Thread Keith Medcalf
>I think the challenge here is that there's a category of people >who don't have cell phones, who don't have cable TV, but >receive content over their internet connection. I happen to >live with someone like that, so I know it's a non-zero portion >of the population. I pay for my Internet connect

RE: 10g residential CPE

2020-12-28 Thread Keith Medcalf
On Monday, 28 December, 2020 10:48. Darin Steffl wrote: >The "Free" service doesn't cover your cost of support which is much >higher for residential than any business customer. Our residential >customers call at least 15x more often compared to business customers >compared on a 1:1 ratio. Are y

RE: [External] Re: 10g residential CPE

2020-12-27 Thread Keith Medcalf
On: Sunday, 27 December, 2020 03:26, Mark Tinka wrote: >In the end, and for various reasons, I settled on renewables. Me too. On top of that, diesel and gasoline are pretty reliable. Though some people may argue about "renewables" the fact is that it is all a matter of time-frame. Solar po

RE: [External] Re: 10g residential CPE

2020-12-26 Thread Keith Medcalf
>If the operator wants to keep bufferbloat low you will not be able to >utilise your 1 Gbps to that speed when downloading from distant servers. >But with the same bufferbloat measured in milliseconds you will still >have a 10x bigger buffer and thus 10x bigger bandwidth delay product. >That transl

RE: Are the days of the showpiece NOC office display gone forever?

2020-12-23 Thread Keith Medcalf
On Tuesday, 22 December, 2020 22:42, Wayne Bouchard wrote: >On Wed, Dec 23, 2020 at 02:58:32PM +1000, Robert Brockway wrote: >> On Thu, 17 Dec 2020, Tom Beecher wrote: >> If the last 50 years has shown us anything it is that humans and >> computers working together can achieve far more than either

RE: Weather Service faces Internet bandwidth shortage, proposes limiting key data

2020-12-10 Thread Keith Medcalf
Simply get rid of the gigabytes of JavaScript and stupidly designed crap and hire someone who knows what they are doing and a bandwidth DOWNGRADE will be in order. The root cause is incompetence and it can be fixed by getting rid of all the children and hiring someone who knows what they are doi

RE: outlook inbound email issues?

2020-10-31 Thread Keith Medcalf
Outlook is a client. Microsoft e-mail servers run Sex-Change and the outlook.com domain refers to the servers, not the clients. The Outlook client can "connect" to just about any server ever written but has nothing to do with Microsoft Sex-Change servers. -- Be decisive. Make a decision, r

RE: Linux router network cards

2020-10-24 Thread Keith Medcalf
And do not use an Intel CPU. Intel only has 4x PCIe lanes that are shared out into whatever configuration they claim to have and are totally unsuitable for use in a computer that actually has to be able to do high-speed I/O. -- Be decisive. Make a decision, right or wrong. The road of life

RE: Virginia voter registration down due to cable cut

2020-10-17 Thread Keith Medcalf
>In other news, New Zealand is having national elections this weekend. >New Zealand is usually ranked in the top 10 best election administrations >worldwide. NZ expects to have the majority of ballots counted within 2 >hours of their polls closing on Saturday evening. I thought the HGIC (Head Gh

RE: SRv6

2020-09-21 Thread Keith Medcalf
On Monday, 21 September, 2020 16:16, Randy Bush wrote: >> I'm not sure what you're saying here, I never said MPLS VPNs are >> secure, only private. I hope others recognise that they are >> different concepts. >yes, privacy is one aspect of security. and, as mpls vns are not >private sans encry

RE: understanding IPv6

2020-06-07 Thread Keith Medcalf
On Sunday, 7 June, 2020 21:49, William Herrin wropte: > ... > Keepalive requirements are a property of whether or not you employ stateful > firewalls. > ... Keepalive's are not designed for stateful firewalls, they are designed to permit the endpoints to know whether the communication channe

RE: Curious Cloudflare DNS behavior

2020-05-31 Thread Keith Medcalf
On Saturday, 30 May, 2020 13:18, Joe Greco wrote: >The Internet didn't evolve in the way its designers expected. Early >mistakes and errors required terrible remediation. As an example, look >at the difficulty involved in running a service like e-mail or DNS. >E-mail requires all sorts of thing

RE: Huawei on Mount Everest

2020-05-02 Thread Keith Medcalf
Build a nuclear power plant of course. -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume. >-Original Message- >From: NANOG On Behalf Of Eric Tykwinski >Sent: Friday, 1 May, 2020 12:14 >To: Aaron Gould >Cc: John Levine

RE: free collaborative tools for low BW and losy connections

2020-03-30 Thread Keith Medcalf
On Monday, 30 March, 2020 11:19, Michael Thomas wrote: >On 3/30/20 5:52 AM, Rich Kulawiec wrote: >> On Mon, Mar 30, 2020 at 06:30:16AM -0500, Joe Greco wrote: >>> Actual text traffic has been slowly dying off for years as webforums >>> have matured and become a better choice of technology for

RE: South Africa On Lockdown - Coronavirus - Update!

2020-03-23 Thread Keith Medcalf
Inc. >P: 610-429-8300 > > > On Mar 23, 2020, at 5:23 PM, Mark Tinka <mailto:mark.ti...@seacom.mu> > wrote: > > > > On 23/Mar/20 22:39, Keith Medcalf wrote: > > > > Hardware tokens are nothing more than dedicated hardware TOTP

RE: South Africa On Lockdown - Coronavirus - Update!

2020-03-23 Thread Keith Medcalf
On Monday, 23 March, 2020 14:21, Peter Beckman wrote: >Software-based TOTP offer more security than no one-time passwords, but >admittedly less than the physical tokens. Google Authenticator, Authy, >1Password, LastPass all support TOTP. Hardware tokens are nothing more than dedicated hardware

RE: Sunday traffic curiosity

2020-03-23 Thread Keith Medcalf
On Monday, 23 March, 2020 04:19, Alexandre Petrescu wrote: > ... like 'remote surgery' needs to transmit haptic feedback effect across > long distances. Personally, if I were asked to give consent for surgery and it contained a risk "the communications uses the Internet for transport and t

RE: COVID-19 vs. our Networks

2020-03-20 Thread Keith Medcalf
On Friday, 20 March, 2020 20:43, Mark Tinka wrote: >If we go down this path, who's to say which service provider will or >won't be "targeted" next at the whim of some command & control policy >maker? Is it a rabbit hole whose top-soil we want to uncover? Perhaps the "advertizing" and "JavaScri

RE: COVID-19 vs. our Networks

2020-03-20 Thread Keith Medcalf
On Friday, 20 March, 2020 07:52, Mike Hammett wrote: >Some of the pipes Netflix goes through is also used by other services >that aren't as adaptable. Can you explain why you think that is Netflix problem? I should think that it is a problem being experienced by persons who deliberately chos

RE: COVID-19 vs. our Networks

2020-03-19 Thread Keith Medcalf
On Thursday, 19 March, 2020 10:07, Matt Hoppes wrote: >Agreed... 720 or 1080 Netflix will work just as fine as 4K for the next >month or two. As long as NetFlix lowers their prices proportionately with their reduced level of service. For example, if NetFlix decides they will only provide "

RE: COVID-19 vs. our Networks

2020-03-18 Thread Keith Medcalf
On Wednesday, 18 March, 2020 05:24, Rich Kulawiec wrote: >On Wed, Mar 18, 2020 at 03:43:37AM -0600, Keith Medcalf wrote: >> So you failed because you did not require the person making the >> decision to take responsibility for their decision. That is, your >> organi

RE: COVID-19 vs. our Networks

2020-03-18 Thread Keith Medcalf
On Tuesday, 17 March, 2020 15:48, Rich Kulawiec wrote: >On Tue, Mar 17, 2020 at 11:35:59AM -0700, Owen DeLong wrote: >> Anything in the healthcare vertical that is outside of the medical >> providers control/ownership is a result of the medical provider >> buying into that model on some level. S

RE: COVID-19 vs. our Networks

2020-03-17 Thread Keith Medcalf
On Tuesday, 17 March, 2020 11:04, Mike Bolitho wrote: >>The answer is don't shove application traffic that has tight service >>level requirements onto the public internet at large and expect the same >>performance as private circuits or other SLA protected services. >I keep seeing this over an

RE: COVID-19 vs. our Networks

2020-03-17 Thread Keith Medcalf
On Tuesday, 17 March, 2020 03:31, Mark Tinka wrote: >On 16/Mar/20 21:08, Owen DeLong wrote: >> For up to date local information, check with the local public health >> authority in your jurisdiction. In the US, that will usually >> be your county public health agency. In some cases, individual

RE: COVID-19 vs. our Networks

2020-03-15 Thread Keith Medcalf
If it is "critical" you need a dedicated circuit. If it is "meh, who gives a shit", then you can go though the Internet. The root of the issue is that some idiot did a bad Risk Assessment. Hope it got fired or killed so it won't do this again in the future. Hope you also learned something a

RE: COVID-19 vs. our Networks

2020-03-12 Thread Keith Medcalf
On Thursday, 12 March, 2020 20:37, Valdis Kletnieks wrote: >On Thu, 12 Mar 2020 18:08:05 -0600, "Keith Medcalf" said: >> I don't know but we just issued travel restrictions to the United >> States as it is now a Hot Spot for the unrestricted spread of the >&g

RE: COVID-19 vs. our Networks

2020-03-12 Thread Keith Medcalf
I don't know but we just issued travel restrictions to the United States as it is now a Hot Spot for the unrestricted spread of the coronavirus which causes COVID-19. -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume. >-Orig

RE: akamai yesterday - what in the world was that

2020-03-09 Thread Keith Medcalf
Warzone is a 83-101GB download for new, free-to-play users*. And I remember the days when that would have taken 10 and a half years to download and consumed 56,000 floppy diskettes. My, how times have changed! -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lo

RE: QUIC traffic throttled on AT&T residential

2020-02-20 Thread Keith Medcalf
On Thursday, 20 February, 2020 08:31, Ca By wrote: >On Thu, Feb 20, 2020 at 8:34 AM Tom Beecher wrote: > I only wish I were insane; but from where I'm sitting, QUIC >has broken > my internet, and the resolution is blocking QUIC. > > The QUIC protocol itself i

RE: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

2020-01-08 Thread Keith Medcalf
On Wednesday, 8 January, 2020 14:35. Octolus Development wrote: >Sony are currently "looking into it" but they do not seem to care much. I >am a customer of Sony, I own PlayStation consoles and I am not able to >access their service. They tell me to change my IP instead of solving the >actual

RE: ICANN extracts $20m signing fee for $1bn dot-com price increases and guess who's going to pay for it?

2020-01-07 Thread Keith Medcalf
On NANOG list , Dan Hollis wrote: >https://www.theregister.co.uk/2020/01/07/icann_verisign_fees/ Operator of the dot-com registry, Verisign, has decided to pay DNS overseer ICANN $4m a year for the next five years in order to “educate the wider ICANN community about security threats.” >98% of

RE: 5G roadblock: labor

2020-01-03 Thread Keith Medcalf
On Friday, 3 January, 2020 10:53, Radu-Adrian Feurdean wrote: >On Fri, Jan 3, 2020, at 16:38, Paul Nash wrote: >>> And more interestingly, if that city's residents and visitors had the >>> option of connecting to active 5G or wi-fi, what do we think they'd >>> choose? >> They’d probably choo

RE: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read

2019-12-31 Thread Keith Medcalf
On Tuesday, 31 December, 2019 04:44, Constantine A. Murenin wrote: >Just to make it clear: are you suggesting that it should be a requirement >to always verify the site where anonymous people make anonymous edits? >Let that sink in. TLS 1.2 as deployed in Web Browsers does not authenticate th

RE: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read

2019-12-31 Thread Keith Medcalf
On Tuesday, 31 December, 2019 02:48, Antonios Chariton wrote: >Ignoring the obvious reasons why TLS is needed and HTTP should not be >used, I am curious -- what exactly are those "obvious reasons"? (And for the record HTTP *IS* being used, it is just being tunneled inside a TLS connection).

RE: 5G roadblock: labor

2019-12-30 Thread Keith Medcalf
>> It'd be nice to see what benefits 5g really has for carriers and >> consumers/users... It looks, to me, like a bunch of the 5g hype is >> really: "uhm, we need to sell these carriers on the G++ ... spin up >> the hype machine about speed!" never mind the cost to deploy, range of >> deployment,

RE: 5G roadblock: labor

2019-12-30 Thread Keith Medcalf
>> Also, keep in mind that 10 years ago, you didn't know you would want >> or need 25mbits to your phone, >Who needs 25mbits to their phone? I can only talk to one party at a time, so there is no need for more than a single bearer channel worth of bandwidth. -- The fact that there's a Highway

RE: 5G roadblock: labor

2019-12-30 Thread Keith Medcalf
On Monday, 30 December, 2019 13:24, Matthew Petach wrote: >Unfortunately, Wi-Fi handoffs suck donkey balls compared to >cell tower handoffs when moving. It's fine when you're >stationary, but walking down the street, and shifting from >one wifi hotspot to the next, you're going to be dropping

RE: Iran cuts 95% of Internet traffic

2019-12-29 Thread Keith Medcalf
Why would anyone with anything important to say use somethingmail.com Somethingmail.com is not e-mail. It is a Giggle Gaggle Google thing. -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume. >-Original Message- >From:

RE: power to the internet

2019-12-26 Thread Keith Medcalf
>I just looked up Telsa's battery packs and they seem to be between >60-100kwh. Our daily use is about 30kwh in the fall, so it's only 2-3 >days. Admittedly we can turn off the hot tub, water heater, etc to >stretch it out. And of course, that means that you can't drive it... The >one thing that

RE: FCC proposes $10 Million fine for spoofed robocalls

2019-12-20 Thread Keith Medcalf
On Friday, 20 December, 2019 10:57, Mark Milhollan wrote: >On Thu, 19 Dec 2019, Keith Medcalf wrote: >>You should ALWAYS talk to the call center behind the robocaller. The >>robocaller (the one playing the message) is relatively local and the >>cost of that call is mini

RE: FCC proposes $10 Million fine for spoofed robocalls

2019-12-19 Thread Keith Medcalf
On Thursday, 19 December, 2019 19:07, Valdis Kletnieks wrote: >On Thu, 19 Dec 2019 16:02:42 -0700, "Keith Medcalf" said: >> That stupid people do stupid things has no bearing on me. If there is >> a legal requirement for these people to be "notifying"

RE: FCC proposes $10 Million fine for spoofed robocalls

2019-12-19 Thread Keith Medcalf
This, of course, will do no good. These so called "Robocalls" are exactly that. They generate a random number to call and play the silly canned message. If you press whatever the code is to talk to the idiots, they then hand off the call to a call center. You should ALWAYS talk to the call

RE: FCC proposes $10 Million fine for spoofed robocalls

2019-12-19 Thread Keith Medcalf
As long as that tactical air strike uses MIRV nuclear warheads so none of the little f*ckers get away ... -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume. >-Original Message- >From: NANOG On Behalf Of >Jeff Shultz >

RE: FCC proposes $10 Million fine for spoofed robocalls

2019-12-19 Thread Keith Medcalf
On Thursday, 19 December, 2019 14:02, Michael Homas wrote: >There are robocalls that you want to get. Here in california, our >wonderful electric company sends out robocalls when they are going to >cut our electricity so they don't get blamed for burning down cities >(and then still manage to an

RE: FCC proposes $10 Million fine for spoofed robocalls

2019-12-19 Thread Keith Medcalf
On Thursday, 19 December, 2019 13:57, Michael Thomas wrote: >Plus if it didn't work well/too cumbersome/etc with email, it probably >won't be any better with voice. We have lots of experience with what >doesn't work for email. I really do not care. It is my e-mail server. It is my telephone.

RE: FCC proposes $10 Million fine for spoofed robocalls

2019-12-19 Thread Keith Medcalf
sting) available for extra charge. >On Thu, 19 Dec 2019, Keith Medcalf wrote: > >> >> "CallerID" is a misnomer. It is actually the "Advertized ID". >However, the telco's realized you would not pay to receive advertizing so >they renamed it to something

RE: FCC proposes $10 Million fine for spoofed robocalls

2019-12-19 Thread Keith Medcalf
"CallerID" is a misnomer. It is actually the "Advertized ID". However, the telco's realized you would not pay to receive advertizing so they renamed it to something they thought you would pay for. Pretty canny business model eh? And apparently y'all fell for it, thinking it was related to

RE: Gmail email blocking is off the rails (again)

2019-12-04 Thread Keith Medcalf
On Wednesday, 4 December, 2019 23:24, b...@theworld.com wrote: >But that's ok, the new masters of this universe will just charge both >ends for each and every email (perhaps a few included free with your >Hulu or Netflix subscription) and old timers will talk about how great >it was back in the

RE: Disney+ Streaming

2019-11-29 Thread Keith Medcalf
On Friday, 29 November, 2019 05:43, Brandon Butterworth wrote: >I'm not conviced music really learned either, once CDs are gone >there will be little access to reasonable quality uncompressed >downloads as everyone chases quite compressed streams. There are quite a lot of places where you can

RE: Iran cuts 95% of Internet traffic

2019-11-21 Thread Keith Medcalf
>"Internet penetration and complexity has vastly grown in Iran >over the past decade, but the country’s users still connect >to the global network through just two gateways. Both are >controlled by the regime, and can be blocked when it chooses." > >"Access to the internet is gradually being rest

RE: New Alaskan Network

2019-10-25 Thread Keith Medcalf
Bwahahahaha! It is internally inconsistent. Perhaps this is just shoddy reporting, or perhaps the whole thing is just someone's idea of a wet dream. "The line will begin in North Pole, Alaska and will travel through Canada, connecting with Canadian carriers, where it will finally connect with

RE: Unable to email anyone from my primary domain name; thanks Google Mail and G Suite.

2019-10-23 Thread Keith Medcalf
On Wednesday, 23 October, 2019 18:36, Brandon Applegate wrote: >Bigger picture, I think that (unfortunately) we will see more and more >problems like this. With the large providers running so much (as you >mentioned - “monoculture”), and their services tending toward the “black >box” ... I do

RE: BGP over TLS

2019-10-22 Thread Keith Medcalf
On Tuesday, 22 October, 2019 13:26, Jared Mauch wrote: >No, >> On Oct 22, 2019, at 2:08 PM, Keith Medcalf wrote: >> At this point further communications are encrypted and secure against >>eavesdropping. >The problem isn't the protocol being eavesdropped on. T

RE: BGP over TLS

2019-10-22 Thread Keith Medcalf
>TLS in the traditional sense 'requires' that there be an X.509 >certificate to use in authenticating (and to some extent authorizing - >can you be a CA? sign email? etc...) endpoints, ideally you do 'tls >mutual authentication'... That is incorrect. I believe that an endpoint (lets call it Alice

RE: BGP over TLS

2019-10-21 Thread Keith Medcalf
On Monday, 21 October, 2019 09:44, Robert McKay wrote: >On 2019-10-21 16:30, Keith Medcalf wrote: >> Why do you need to do anything? TLS is Transport Layer Security and >> it's sole purpose is to protect communications from eavesdropping or >> modification by

RE: BGP over TLS (was: Re: "Using Cloud Resources to Dramatically Improve Internet Routing")

2019-10-21 Thread Keith Medcalf
>On 21/10/19 6:30 pm, Bjørn Mork wrote: >> Yes, and I really like Julien's proposal. It even looks pretty >> complete. There are just a few details missing around how to make the >> MD5 => TLS transition smooth. >At least for those systems that run on Linux (which is most all of the >major's

RE: "Using Cloud Resources to Dramatically Improve Internet Routing"

2019-10-20 Thread Keith Medcalf
On Sunday, 20 October, 2019 06:08, Bjørn Mork wrote: >Hank Nussbacher writes: >> Centralized Internet routing - sounds like DoH for BGP. >Great idea! Why don't we just run BGP over HTTPS? Everyone already has >a browser, so we can get rid of all these expensive routers. >The future is BoH

RE: Update to BCP-38?

2019-10-08 Thread Keith Medcalf
od (2) instead. -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume. >-Original Message- >From: Mark Collins >Sent: Tuesday, 8 October, 2019 12:17 >To: Keith Medcalf ; nanog@nanog.org >Subject: Re: Update

RE: Update to BCP-38?

2019-10-08 Thread Keith Medcalf
On Tuesday, 8 October, 2019 11:03, William Herrin wrote: >Limiting the server banner so it doesn't tell an adversary the exact OS- >specific binary you're using has a near-zero cost and forces an adversary >to expend more effort searching for a vulnerability. It doesn't magically >protect you f

RE: Update to BCP-38?

2019-10-08 Thread Keith Medcalf
>Not everyone attacking your systems is going to have the skills or >knowledge to get in though - simple tricks (like hiding what web server >you use) can prevent casual attacks from script kiddies and others who >aren't committed to targeting you, freeing your security teams to focus >on the serio

RE: "Using Cloud Resources to Dramatically Improve Internet Routing"

2019-10-07 Thread Keith Medcalf
On Monday, 7 October, 2019 08:55, Rich Kulawiec wrote: >On Mon, Oct 07, 2019 at 04:42:11PM +0200, Stephane Bortzmeyer wrote: >> Otherwise, an impressive amount of WTF. My favorite: "while >> communication by servers ___on the ground___ might take hundreds of >> milliseconds, in the cloud the s

RE: Update to BCP-38?

2019-10-04 Thread Keith Medcalf
On Friday, 4 October, 2019 16:05, William Herrin wrote: >On Thu, Oct 3, 2019 at 2:28 PM Keith Medcalf wrote: >> On Thursday, 3 October, 2019 11:50, Fred Baker >> wrote: >>> A security geek would be all over me - "too many clues!". >> Anyone who say

RE: Update to BCP-38?

2019-10-03 Thread Keith Medcalf
On Thursday, 3 October, 2019 11:50, Fred Baker wrote: > A security geek would be all over me - "too many clues!". Anyone who says something like that is not a "security geek". They are a "security poser", interested primarily in "security by obscurity" and "security theatre", and have no

FW: This DNS over HTTP thing

2019-10-03 Thread Keith Medcalf
Masataka Ohta wrote: > >Livingood, Jason wrote: > >> The challenge of course is that in the absence of a silver bullet >> solution, that people working to combat all forms of childsorship >> exploitation are simultaneously trying several things, ranging from >> going to the source as you suggest

RE: This DNS over HTTP thing

2019-10-02 Thread Keith Medcalf
On Wednesday, 2 October, 2019 15:21, Jay R. Ashworth wrote: >>>HTTP/451 >> >> Completely different protocol than what the rest of this thread is >> about, much more invasive wrt possibility of logging, and requires >> a lot more infrastructure and actual lying in DNS to make work. > >Closed capti

RE: This DNS over HTTP thing

2019-10-02 Thread Keith Medcalf
On Wednesday, 2 October, 2019 14:52, John Levine wrote: >I think in the outside world you'll find very little support for an >argument that filtering DNS is fundamentally broken. Well, it is certainly trivial to bypass. Therefore it is a fantastic tools for tyrants and other fuckwads -- just

RE: This DNS over HTTP thing

2019-10-02 Thread Keith Medcalf
On Wednesday, 2 October, 2019 10:55, Sabri Berisha wrote: >> Firefox and Chrome now reportedly use it unless you tell them not to. >Just imagine how this list would explode if BGP implementations would all >of a sudden have their default behavior changed to include auto- >negotiated MD5 passwor

RE: This DNS over HTTP thing

2019-10-02 Thread Keith Medcalf
On Wednesday, 2 October, 2019 03:55, Tom Ivar Helbekkmo wrote: >However: because the browser cannot know for sure that the DNS traffic >is being routed over a secure channel, and browsers are being used for >all sorts of sensitive communication, it could check, and try to assist >the user. Se

RE: This DNS over HTTP thing

2019-10-02 Thread Keith Medcalf
On Tuesday, 1 October, 2019 22:15, David Conrad wrote: >DoH (and DoT) encrypt (and authenticate) the application <-> recursive >resolver channel (NOT the DNS data) which I gather some view as an attack >vector. Actually no. DoH and DoT encrypt the application <-> recursive resolver applicati

RE: This DNS over HTTP thing

2019-10-01 Thread Keith Medcalf
On Tuesday, 1 October, 2019 01:39, Stephane Bortzmeyer wrote: >On Mon, Sep 30, 2019 at 11:56:33PM -0400, Brandon Martin wrote >> It's use-application-dns.net. NXDOMAIN it, and Mozilla (at least) >> will go back to using your local DNS server list as per usual. > Unless, I hope, the user exp

RE: BGP routes by country

2019-09-26 Thread Keith Medcalf
RIR Delegations data is public. https://www.apnic.net/about-apnic/corporate-documents/documents/resource-guidelines/rir-statistics-exchange-format/ The various RIR delegation statistics can be gotten from: https://ftp.afrinic.net/pub/stats/afrinic/delegated-afrinic-latest https://ftp.apnic.net/

RE: Colombia Network Operators Group

2019-09-23 Thread Keith Medcalf
Fascinating. What is the security threat I wonder, that there is no JavaScript? >-Original Message- >From: NANOG On Behalf Of Scott Weeks >Sent: Monday, 23 September, 2019 13:06 >To: nanog@nanog.org >Subject: Re: Colombia Network Operators Group > > > >--- meh...@akcin.net wrote: >From

RE: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users

2019-09-18 Thread Keith Medcalf
For efficiency of censorship. If you want to stop some domain name from resolving you have to get everyone on the planet to block that DNS resolution in their recursive resolver. However, if everyone uses the same single DNS server operated by a single entity, then you only have to coerce th

RE: Research project on blacklists

2019-08-08 Thread Keith Medcalf
On Thursday, 8 August, 2019 13:43, J. Hellenthal wrote: >Just as well as the proper signature divider in an email is actually >“dash dash space” >\o/ >Site works just fine. Doubt javascript here is of any concern to >anyone whatsoever. >Just sayin qualtics.com loads a blacklisted malicious

RE: Research project on blacklists

2019-08-08 Thread Keith Medcalf
Cannot access your website. Just has a spinning colostomy bag. Too much malicious javascript and malicious trackers. If you expect people to visit the website, perhaps you should make it more useable, because at the moment, it is completely and utterly useless! And there is no way I am goin

RE: What can ISPs do better? Removing racism out of internet

2019-08-07 Thread Keith Medcalf
On Wednesday, 7 August, 2019 13:38, b...@theworld.com wrote: >I propose that the RIGHT THING TO DO would be to seek out, promote >(to >both customers and the public), and support various curation >services like netnanny. IANAP (I Am Not A Psychiatrist) however, persons who, when reading or hear

RE: the CLOUD Act (was What can ISPs do better? Removing racism out of internet)

2019-08-06 Thread Keith Medcalf
On Tuesday, 6 August, 2019 13:21, Valdis Kletnieks wrote: >On Tue, 06 Aug 2019 12:54:55 -0600, "Keith Medcalf" said: >> I realize that the purpose of the terms "serve a demand" if legal >> globedey-glook phrased to pompously instill in the reader some >&

RE: the CLOUD Act (was What can ISPs do better? Removing racism out of internet)

2019-08-06 Thread Keith Medcalf
On Tuesday, 6 August, 2019 12:17, Anne P. Mitchell, Esq. wrote: ... >John Deaux is from London, and a citizen of the UK. John is working >in the U.S., at a tech company in Palo Alto, California. John has a >Gmail account, and uses Dropbox to store his photos. A law >enforcement agency in the

RE: What can ISPs do better? Removing racism out of internet

2019-08-05 Thread Keith Medcalf
>Hey, I got my Network+ too. dafuq is a "BGP"? That's what the British get after too much Beer-o-clock. A Bloody-Good-Puking ... -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.

RE: What can ISPs do better? Removing racism out of internet

2019-08-05 Thread Keith Medcalf
On Monday, 5 August, 2019 10:25, Bryan Fields wrote: >I'd be more concerned with the lack of notice given to their >customer. This was 24 hours notice, and I'd expect at least >30 days under any hosting contract. This scares the shit >out of me as a customer; could cloudflare decide to give m

RE: What can ISPs do better? Removing racism out of internet

2019-08-05 Thread Keith Medcalf
On Monday, 5 August, 2019 09:16, Mel Beckman wrote: >“Now, enough of this off-topic stuff and back to our regularly >scheduled programming.” >Keith, what could be more on-topic than an ISP’s status as a common >carrier? Seems pretty operational to me. I think that is closing the barn door aft

RE: What can ISPs do better? Removing racism out of internet

2019-08-05 Thread Keith Medcalf
On Sunday, 4 August, 2019 21:41, Mehmet Akcin wrote: >Most of us who operate internet services believe in not being the >moderator of internet. We provide a service and that’s it. Obviously >there are some established laws around protecting copyrights, and >other things which force us to legall

  1   2   3   4   >