Slashdot Mirror

This is good - great reading, highly recommended.

For the uninitiated, every year on April 1, an RFC like this is released. This is the best one yet. Also, Bellovin (the author) is well-respected in the security community.

I think that Broadcast Flag is exactly what we need to solve the problem of Internet piracy. Let us also not forget about implementing the Security Flag from RFC 3514 while we're at it.

it wasn't until fairly recently that NAT would actually deal decently with FTP, but it requires mangling the packets.

The original RFC includes PASV, which is all you really need. The alternative, using PORT, may not be a good idea anyway.

since NAT is useless for servers, you're only going to see it on clients

This, I think, will actually become a problem. As people want to do more with the net, there's more cases where allowing connections into a machine becomes useful. You have to do really annoying hacks to do that (or something equivalent) with NAT.

You would do better to simply link to the Gasoline FAQ.

By "IP reaching motor vehicles" I hope you don't mean an RFC1149 carrier pooping on your BMW automobile.

And to that end: Csh Programming Considered Harmful.

Anyone who puts me in tcsh had can expect serious bashing or Korn holing in return.

IPv5 or ST2+ is circuit switched instead of packet switched.

pink contract

From RFC 1911 section 4.2 (Message Header Fields)

Sensitivity

The sensitivity header, if present, indicates the requested privacy level. The case-insensitive values "Personal" and "Private" are specified. If no privacy is requested, this field is omitted.

If a sensitivity header is present in the message, a conformant system MUST prohibit the recipient from forwarding this message to any other user. If the receiving system does not support privacy and the sensitivity is one of "Personal" or "Private", the message MUST be returned to the sender with an appropriate error code indicating that privacy could not be assured and that the message was not delivered [X400].


Yes it's X400, but there is prior art on this. :) Wonder if they are embracing, or extending....

The baby breathing thing is nice, but beyond that I never felt the need to monitor my kid 24/7. In fact, I find the idea kind of creepy.At best it smacks of neurosis on the part of the parent.

There is that thing called Sudden Infant Death Syndrome. Basically small kids just tend to die from time to time for no apparent reason. :( "SIDS is the leading killer of infants between one week and one year with an
approximate rate of two per thousand live births (1 in 500). 6000-7000 babies die of SIDS every year in the US." (from SIDS FAQ)

So this is not neurosis, this is trying to save the children (tm). There are some reasons to believe that if you can get to the kid real fast, you might have a chance to save him. 24/7/365 monitoring comes handy.

Sonic analysis and natural-language processors will be able to detect if those VoIP packets contain data inconsistent with verbal communication (even if computers can't understand speech, they'll soon be able to recognize it), and the police will come with a warrant.

They'll be listening to the sound of my voice saying one of 2^n words for each n bits. Raw IP can be tunnelled over nearly anything.

Explanation is here -- people were making those predictions for at least 20 years already, though with different reasons to support it.

I prefer RFC 1149 over the outdated technology referred to as "telegrams".

Porcelain Hinged Box?
Per Hop Behavior from RFC 3246?
Carrying Case from Sony?

Google hit # 2 for PHB: Pointy-Haired Boss

``How far away can in-flight IP/LASER broadband be?''

Is that going to be a revision to RFC 1149?

Did you just say "tcsh"?! Actually, if you think tcsh or csh are suitable shells for ANY administrative scripting, please put down the mouse and step away from the keyboard.

Good grief - do people never learn?

PLEASE, PLEASE, PLEASE at least consider the following:
Csh Programming Considered Harmful

Does a LART count as Non-Technological? ;-)

More here

That's easy, just put your paw down on them. Doing some quadruple bucky Y, now that's something hard to do with only your hands... I wonder if there are any programs out there that do something cool with them (easter eggs?)

Please, that's nothing. Check out this keyboard from an old Symbolics Lisp machine.

Yeah, that's right. Wanna know what happens when you type Hyper-Super-Meta-Control-Symbol-Shift-Square? So do I...

See also space-cadet keyboard.

here

Damn, I can no more complain about the stupidity of using XML for this... hmmm... Maybe they can transmit their packet in "IP over XML" instead of plain IP, then ?..

Call Center, Bug Tracking and Project Management Tools for Linux.

Also: Problem Management Tools Summary.

Might want to check your RFCs on that claim. Section 4.3.3 "Wildcards" of RFC 1034 is a good place to start your reading.

When an asteroid enters the Earth atmosphere, it comes known as Happy Fun Ball.

As I read through it I couldn't help thinking it would be funny if it were a geek-humor peice, like RFC 1149 - Standard for the transmission of IP datagrams on avian carriers. The fact that it wasn't humor just made it painful, very very painful.

Sigh. I'd be happy if we could just return to the simple rational rule that math and algorithms were not patentable subject matter. Just to be crystal clear, that means returning to the traditional patent system where "computer implemented invention" was a contradiction in terms.

-

He didn't really invent the use of multiple shift keys. It was a well established functionality of the space cadet keyboard, used on MIT LISP machines back in the 70s.

If you're doing voice or video conferencing, you may wish to go with IP over Avian Carriers with QoS (RFC 2549).

If you're doing voice or video conferencing, you may wish to go with IP over Avian Carriers with QoS (RFC 2549).

You can always use your network cables instead; brief description or full paper.

Anyone care to use the method with RFC1149 Avian Carrier Protocol, namely Using Ping to determine Speed of Flight!

Nope, carrier pigeons!

Actually this is an old concept. RFC 1149 describes the use of IP over avian carriers. I don't believe there is an RFC to describe the layer-4 TCP protocol. The RFC only talks about layer-3 IP. However, there was an additional RFC put out RFC 2549 which allows for QoS.

My understanding is that someone did some tests using this implementation of IP. Apparently the ping times reflected some serious latency problems.

Actually this is an old concept. RFC 1149 describes the use of IP over avian carriers. I don't believe there is an RFC to describe the layer-4 TCP protocol. The RFC only talks about layer-3 IP. However, there was an additional RFC put out RFC 2549 which allows for QoS.

My understanding is that someone did some tests using this implementation of IP. Apparently the ping times reflected some serious latency problems.

Nonsense! This kind of exerimental low-bandwidth, low-reliability protocol has a long and honorable history!

Nonsense! This kind of exerimental low-bandwidth, low-reliability protocol has a long and honorable history!

Nonsense! This kind of exerimental low-bandwidth, low-reliability protocol has a long and honorable history!

Nonsense! This kind of exerimental low-bandwidth, low-reliability protocol has a long and honorable history!

Back in the old days no one would have thought about the implications, now we could have BongoChat!

When moving, a bicycle is inherantly stable, as there are two aligned gyroscopes keeping it going forward. It's only unstable when not moving or nearly not moving. Even when stopped, it is only ustable perpendicular to the direction of motion.

>Godwin if you please?

Oh boy, not the Godwin excuse again. Let's review what he said and why people overuse it so often.

Check sections 5 and 6 in particular:

5. What should I do if somebody else invokes Godwin's Law?

The obvious response is to call them on it, say "thread's over",
and declare victory. This is also one of the stupidest possible responses,
because it involves believing far too much in the power of a few rules that
don't say exactly what you wish they said anyway. The proper response to
an invocation is probably to simply followup with a message saying "Oh.
I'm a Nazi? Sure. Bye" and leave, and in most cases even that much of a
post is unnecessary.

6. "Hitler!" Ha! The thread is over!

Nope, doesn't work that way. Not only is it wrong to say that a
thread is over when Godwin's Law is invoked anyway (Usenet threads
virtually always outlive their usefulness), but long ago a corollary to
the Law was proposed and accepted by Taki "Quirk" Kogama (quirk@swcp.com):

Quirk's Exception: Intentional invocation of this so-called
"Nazi Clause" is ineffectual.

So, you see, unless you are going about and suggesting "Group XYZ are Nazis" or "You are a Nazi", it really just doesn't cut it. The AC prior to my post simply stated what he believed to be a fact, he insulted no one (and anyone who has taken offense to it has far too thin a skin):

Hitler would have been right if he had just fought a little harder.

Which, surprisingly, you seem to agree with. I don't...

I stated a scientific fact (that, IMHO, is correct) in rebuttal. How can he possibly have been right if his way would have led to intolerable suffering *to his own people*, and eventual death to everyone?

Right for people isn't what is right for a government. Right for people is what keeps people healthy and alive.

587 is the "mail submission port", and is designed to be the port on which mail is originated, leaving port 25 for transferring mail between MTA's. This has various properties in that they can treat authentication differently (SMTP auth is required on port 587), and therefore has a number of anti-spam properties as well as some other benefits. Obviously port 25 is not going away for MSA's anytime soon, but it's a step. One big adopter of this is AOL: AOL users using AOL network services (e.g. corporate accounts) already are required to use port 587 when not using an AOL dialup, as AOL already rejects direct-to-MX on port 25 for most dynamic IP's.

It's all spelled out in RFC2476

Java is just a knife. Perl is the Swiss Army Chainsaw.

Without having researched SIL, the ccTLDs are built on the top of ISO-3166, and so, it is certainly a non-trivial matter to change all this... This is essentially a tax on everything on the Internet, and would be huge burden. I submitted this story last night, BTW, but it was rejected.

RFC 2993 - Architectural Implications of NAT

He is completely correct, you are completely incorrect.

Why do people just love NAT ?

Is it a "superiority complex" thing ?

"Ha ha ha, I'm better than the hackers, my addresses are hidden".

or

"Hee hee, my ISP doesn't realise I'm connecting more than one PC" BONK. Yes they do.

Its a pitty these NATters don't realise

• NAT doesn't protect you from email payload viruses.
• NAT doesn't protect you from spy where. You downloaded that when you downloaded the free P2P software. Once inside your NAT box, it can establish more outgoing TCP connections, and download what ever it likes.
• TCP connections are full duplex - data (innocent or malicious) can be downloaded via a TCP connection initiated in the outgoing direction. That is how the WWW works !

Its just breaking the Internet, killing off useful peer to peer applications like speakeasy.

Do people like screwing around with their NAT box configuration everytime they add a new P2P application ? (dumb question on slashdot I suppose).

For those that think it is wonderful, spend some time reading and understanding this RFC

Until that point, you don't have an informed opinion about NAT, so you shouldn't express it.

What are you, a lawyer?

I feel sorry for people who believe that solutions to moral problems lie in the legal system. I don't think it's immoral to drive 16 mph in a 15 mph zone. I do cruelty is immoral, even when "legal." Please tell me, exactly how does the legal system solve moral problems?

The problem with spam on Simple Mail Transport Protocol is that the it doesn't require authentication (Read the Fine RFC). It's ridiculous to cry and ask the government for help just because somebody is using the protocol within specifications. We're never going to get rid of all the SMTP spammers.

If you don't like SMTP, don't use it. If you don't like spam, use a whitelist, get PGP, quit using e-mail, or, better yet, write a new mail transport protocol.

Except that, if a domain name has no MX, the A record is used instead.
Quoteth chapter & verse (RFC 2821, section 5):
"If no MX records are found, but an A RR is found, the A RR is treated as if it was associated with an implicit MX RR, with a preference of 0, pointing to that host."
So, any mail to a non-existant domain will be (attempted to) be delivered to 64.94.110.10, which helpfully has "Snubby Mail Rejector Daemon" running on port 25.

I was being a pedant, for which I apologise. (As the guy above said it was the "and nothing more" bit I was disagreeing with.

Even the original DNS rfcs have records like WKS, HINFO, SOA, MG. Its all stuff for managing a hierarchical namespace - its not only IP to DNS mappings.

From rfc883:

The goal of domain names is to provide a mechanism for naming resources in such a way that the names are usable in different hosts, networks, protocol families, internets, and administrative organizations.

Of course there probably aren't many people using anything more than A, MX, CNAME, NS, PTR and SOA (and any ipv6 equivalents). Reading the rfcs again makes me wonder if you can get Hesiod or Chaosnet classes anywhere.

Maybe people would care to post up the strangest records they can find in the DNS space? I'm a little surpised that /. doesn't offer Futurama quotes in TXT records