On 2018-03-23 at 13:55 +, Daniel Kahn Gillmor wrote:
> Sadly, SNI iand ALPN are both still in the claer in the TLS 1.3
> handshake.
Ah, thank you. I hadn't read the draft, but have just read the relevant
parts of v26. I don't recall what source I read which led me to believe
otherwise, other
On Fri 2018-03-23 11:10:49 +, Andrew Gallagher wrote:
> Updating the sets on each side is outside the scope of the recon
> algorithm, and in SKS it proceeds by a sequence of client pull requests
> to the remote server. This is important, because it opens a way to
> implement object blacklists i
On Mon 2018-03-19 17:24:07 -0400, Phil Pennock wrote:
> On 2018-03-19 at 22:14 +0100, Kristian Fiskerstrand wrote:
>> On 03/19/2018 10:08 PM, Phil Pennock wrote:
>> > Do we care?
>>
>> I'm tempted to say no..
I also agree that we do not care, and should issue no guidance that
encourages servers
On 23/03/18 11:10, Andrew Gallagher wrote:
> Another effective method that does not require an ongoing management
> process would be to blacklist all image IDs
It occurs to me that this would be more wasteful of bandwidth than
blocking objects by their hash, as the server would have to request the
On Mon, Mar 19, 2018 at 11:08:13PM +0100, Kristian Fiskerstrand wrote:
> On 03/19/2018 10:40 PM, Hendrik Visage wrote:
> >> Now.. if anyone were to actually disable everything but 1.3, that'd be
> >> exclusion worthy from the pool, but lets do this manually if so.
> >
> > I’ve not seen and TLS1.2
FWIW, while I'm effectively no longer involved in SKS development, I
do agree that this is a problem with the underlying design, and
Andrew's suggestions all sound sensible to me.
On Fri, Mar 23, 2018 at 7:10 AM, Andrew Gallagher wrote:
> Hi, all.
>
> I fear I am reheating an old argument here, b
Hi, all.
I fear I am reheating an old argument here, but news this week caught my
attention:
https://www.theguardian.com/technology/2018/mar/20/child-abuse-imagery-bitcoin-blockchain-illegal-content
tl;dr: Somebody has uploaded child porn to Bitcoin. That opens the
possibility that *anyone* usin