On 1/11/2019 2:50 PM, Grant Taylor via NANOG wrote:
On 01/11/2019 12:32 PM, Rob McEwen wrote:
but if done right, fwiw,, wouldn't that be sent over SMTP using TLS
encryption?
Oy vey. in-flight vs at-rest encryption.
which is why i said "fwiw", acknowledging upfront that TLS transmission
e
Whaddya expect guys, the mailing list is hosted on an embedded DVR recorder
On Fri, Jan 11, 2019 at 12:52 PM Töma Gavrichenkov
wrote:
> 11 Jan. 2019 г., 23:19 Mark Andrews :
> >> So STARTTLS strip is not a problem anymore?
>
>>
> > If you deploy DANE (client and server
> > sides) then stripping
11 Jan. 2019 г., 23:19 Mark Andrews :
>> So STARTTLS strip is not a problem anymore?
>
> If you deploy DANE (client and server
> sides) then stripping STARTTLS is
> ineffective for the target domain.
If you defer to send (and finally bounce) everything targeted at a domain
that fails TLSA lookup,
> On 12 Jan 2019, at 6:36 am, Töma Gavrichenkov wrote:
>
> 11 Jan. 2019 г., 22:33 Rob McEwen :
> > but if done right, fwiw,, wouldn't that
> > be sent over SMTP using TLS encryption
>
> So STARTTLS strip is not a problem anymore?
If you deploy DANE (client and server sides) then stripping ST
Additionally, subscribe mail to the email address is bouncing.
Anne
Anne P. Mitchell,
Attorney at Law
CEO/President,
SuretyMail Email Reputation Certification
http://www.SuretyMail.com/
Certified Sender DNSBL here: iadb.isipp.com
Info here: https://www.isipp.com/email-accreditation/for-isps/
G
On 1/11/19 12:11 PM, Andreas Ott wrote:
On Fri, Jan 11, 2019 at 12:17:09PM -0500, Rich Kulawiec wrote:
On Fri, Jan 11, 2019 at 08:23:31AM -0800, Yang Yu wrote:
* no HTTPS
HTTPS isn't needed for this application. I'll probably add it anyway
when I have a chance, but there are other thin
On 01/11/2019 12:32 PM, Rob McEwen wrote:
but if done right, fwiw,, wouldn't that be sent over SMTP using TLS
encryption?
Oy vey. in-flight vs at-rest encryption.
(but, then again, that ALSO requires a certificate!)
Let's Encrypt works perfectly fine for that too. }:-)
--
Grant. . .
11 Jan. 2019 г., 22:33 Rob McEwen :
> but if done right, fwiw,, wouldn't that
> be sent over SMTP using TLS encryption
So STARTTLS strip is not a problem anymore?
--
Töma
On 1/11/2019 1:11 PM, Andreas Ott wrote:
Admittedly, mailman does
send you the password in clear text over SMTP if you ask for it
but if done right, fwiw,, wouldn't that be sent over SMTP using TLS
encryption? (but, then again, that ALSO requires a certificate!)
--
Rob McEwen, invaluement
On Fri, Jan 11, 2019 at 12:17:09PM -0500, Rich Kulawiec wrote:
> On Fri, Jan 11, 2019 at 08:23:31AM -0800, Yang Yu wrote:
> > * no HTTPS
>
> HTTPS isn't needed for this application. I'll probably add it anyway
> when I have a chance, but there are other things ahead of it.
I respectfully disag
Thank you! Forwarded that to the RIPE IoT WG.
10 Jan. 2019 г., 19:23 Rich Kulawiec :
> The "dumpsterfire" mailing list is for the discussion of security and
> privacy issues related to the IoT (Internet of Things). Arguably,
> the entire IoT *is* a security and privacy issue, but we'll get to th
On Thu, Jan 10, 2019 at 10:57:02AM -0600, J. Hellenthal via NANOG wrote:
> Unfortunately I don???t see this as having very much connectivity where I am
> at.
It's not the best-connected or most powerful server, however it's been
running a bunch of public/private mailing lists for many years and
f
On Fri, Jan 11, 2019 at 08:23:31AM -0800, Yang Yu wrote:
> * no HTTPS
HTTPS isn't needed for this application. I'll probably add it anyway
when I have a chance, but there are other things ahead of it.
> * archive is returning HTTP 403
That is exactly what you should expect to see when a Mai
On Fri, Jan 11, 2019 at 10:30:57AM -0600, Mike Hammett wrote:
> No HTTPS?!?! Where are the tar and feathers??!?!!
>
> This isn't something that needs HTTPS.
> -
> Mike Hammett
> Intelligent Computing Solutions
True, but our browser overlords would condemn it because they seem
to believe
Cc: "NANOG list"
Sent: Friday, January 11, 2019 10:23:31 AM
Subject: Re: Announcing: "dumpsterfire", the mailing list for IoT
security/privacy issues
On Thu, Jan 10, 2019 at 8:23 AM Rich Kulawiec wrote:
>
> The "dumpsterfire" mailing list is for the di
A dumpster fire, indeed.
On Fri, Jan 11, 2019, 11:26 AM Yang Yu On Thu, Jan 10, 2019 at 8:23 AM Rich Kulawiec wrote:
> >
> > The "dumpsterfire" mailing list is for the discussion of security and
> > privacy issues related to the IoT (Internet of Things). Arguably,
> > the entire IoT *is* a secu
On Thu, Jan 10, 2019 at 8:23 AM Rich Kulawiec wrote:
>
> The "dumpsterfire" mailing list is for the discussion of security and
> privacy issues related to the IoT (Internet of Things). Arguably,
> the entire IoT *is* a security and privacy issue, but we'll get to that
> in good time.
>
> If you w
Unfortunately I don’t see this as having very much connectivity where I am at.
host firemountain.net
firemountain.net has address 207.114.3.55
firemountain.net mail is handled by 10 taos.firemountain.net.
firemountain.net mail is handled by 20 ukiah.firemountain.net.
host www.firemountain.net
www
The "dumpsterfire" mailing list is for the discussion of security and
privacy issues related to the IoT (Internet of Things). Arguably,
the entire IoT *is* a security and privacy issue, but we'll get to that
in good time.
If you want to join, you can either use the list's web page:
http
19 matches
Mail list logo