Having multiple IPs have nothing to do with VPNs. Thats NAT or IPMASQ not VPNs.
This would seem to prohibit attaching from your home machine to a corp VPN connection or perhaps to your real hosting provider. In addition, the same passage seems to prevent using for any business purpose. So using my cable modem to connect via ssh into an office would seem to violate the policy.
This seems shortsighted and bad. How can I telecommute using the service? This is a serious issue here. How about using the web to do reasearch for my job?
Is this a plow to make you buy a more expensive line?
A cert contains not only your pub key, but also information about how this key is to be used, what domain it exists in (i.e. who is the CA), and when is this key valid. You do need to have policies related to certificates, esp in business relationships. Certs also give you multiparty control (or at least CAs do) for certain certs like perhaps the ones with signing authority for purchases over $50,000. An existing trust relationship has nothing to do with how certs should be trusted. A certificate is itself a signed structure -- a plain digital signature can be easily forged via man in the middle attacks.
The idea that you don't need certs to digital sign docs leads to numerous problems including forgery, using comprimised keys and other policy problems.
(Or even more reliable as the digital signature also ensures that the document contents have not been changed since being signed)
But suppose I intercept this transmission of this document -- I can can the contents and the signature because I can also corrupt your local store or the public key (or even intercept you access for the public key). Despite your previous trust relationship, I've changed the doc.
It seems to me that people want both privacy and security . No one can talk to you unless you reveal your address to them. It's that simple. What people really want is anonymity. This can/should only be done through trusted third parties. How many third parties can you trust -- not many if any at all.
In order for there to be security on the internet, we must be able to verify who sent a packet and that requires knowing the address sending it. Which do we want? I vote for security. You can also use tunnels to hide networks (and therefore addresses) behind edge devices like VPNs.
Two Points: this is a draft of an informational nature that didn't come from a working group in IETF. Anyone can do this. And it's not on a standard track. This would require rewriting TCP/IP which asks the question, why not just do IPv6?
You hit the nail on the head. This whole has setup Esp 2 and 3 perfectly --- I believe TPM will make even more sense when the next movies come out.
There are certainly enough cliff hangers to have us talking for several years;) - Is Darth Sidious and Sen. Palpatine one and the same - Have we seen the end of Darth Mull? - Who will be the next apprentence? - How does Anakin turn to the dark side? - And don't forget the Clone Wars!
We have just seen the beginning of the downfall of the Rebulic. A very good beginning I think.
Have people watched the breakfast club?? It confronts the issue of placing people into categories. And it also shows no matter how different we can be (which can be good), kids still have many things in common.
Perhaps schools should show that in High School like they did mine. Insecurity and lack of self worth, exploited by others, are what drive these kids to extremes. We need to tell each kid that (0) you are important and worthwhile and (1) so are all the other kids.
It's called Linux. He gets his credit for each product in the distro that has "GNU" in it. It's unfair label all the parts of "Linux" as GNU as several major components are not GNU.
The term "Linux" is overloaded. It means both the system and the kernel. If there were a different name say "Wizbang", would RMS insist that it be GNU/Wizbang?
Slashdot Mirror
From reading section 6b viii
Having multiple IPs have nothing to do with VPNs. Thats NAT or IPMASQ not VPNs.
This would seem to prohibit attaching from your home machine to a corp VPN connection or perhaps to your real hosting provider. In addition, the same passage seems to prevent using for any business purpose. So using my cable modem to connect via ssh into an office would seem to violate the policy.
This seems shortsighted and bad. How can I telecommute using the service? This is a serious issue here. How about using the web to do reasearch for my job?
Is this a plow to make you buy a more expensive line?
matt
A cert contains not only your pub key, but also information about how this key is to be used, what domain it exists in (i.e. who is the CA), and when is this key valid. You do need to have policies related to certificates, esp in business relationships. Certs also give you multiparty control (or at least CAs do) for certain certs like perhaps the ones with signing authority for purchases over $50,000. An existing trust relationship has nothing to do with how certs should be trusted. A certificate is itself a signed structure -- a plain digital signature can be easily forged via man in the middle attacks.
The idea that you don't need certs to digital sign docs leads to numerous problems including forgery, using comprimised keys and other policy problems.
(Or even more reliable as the digital signature also ensures that the document contents have not been changed since being signed)
But suppose I intercept this transmission of this document -- I can can the contents and the signature because I can also corrupt your local store or the public key (or even intercept you access for the public key). Despite your previous trust relationship, I've changed the doc.
In addition, this is an IETF standard.
It seems to me that people want both privacy and security . No one can talk to you unless you reveal your address to them. It's that simple. What people really want is anonymity. This can/should only be done through trusted third parties. How many third parties can you trust -- not many if any at all.
In order for there to be security on the internet, we must be able to verify who sent a packet and that requires knowing the address sending it. Which do we want? I vote for security. You can also use tunnels to hide networks (and therefore addresses) behind edge devices like VPNs.
matt
Two Points:
this is a draft of an informational nature that didn't come from a working group in IETF. Anyone can do this. And it's not on a standard track.
This would require rewriting TCP/IP which asks the question, why not just do IPv6?
You hit the nail on the head. This whole has setup Esp 2 and 3 perfectly --- I believe TPM will make even more sense when the next movies come out.
;)
There are certainly enough cliff hangers to have us talking for several years
- Is Darth Sidious and Sen. Palpatine one and the same
- Have we seen the end of Darth Mull?
- Who will be the next apprentence?
- How does Anakin turn to the dark side?
- And don't forget the Clone Wars!
We have just seen the beginning of the downfall of the Rebulic. A very good beginning I think.
matt
How about the load of books out there??
Also, I play the Star Wars Role Playing game -- I'd call that pretty creative. We've had several alternate post ROTJ and post Zahn books universes...
matt
Have people watched the breakfast club?? It confronts the issue of placing people into categories. And it also shows no matter how different we can be (which can be good), kids still have many things in common.
Perhaps schools should show that in High School like they did mine. Insecurity and lack of self worth, exploited by others, are what drive these kids to extremes. We need to tell each kid that (0) you are important and worthwhile and (1) so are all the other kids.
matt
It's called Linux. He gets his credit for each product in the distro that has "GNU" in it. It's unfair label all the parts of "Linux" as GNU as several major components are not GNU.
The term "Linux" is overloaded. It means both the system and the kernel. If there were a different name say "Wizbang", would RMS insist that it be GNU/Wizbang?
matt