Slashdot Mirror


User: DaveHowe

DaveHowe's activity in the archive.

Stories: 0
Comments: 584

Comments · 584

  1. Re:The problem isn't PGP, it's the e-mail software on Elegant Email Encryption for Everyone? · · Score: 2

    OE is actually a very good newsreader/mail client indeed - multi-account support with a single inbox, rule processing, multilingual character sets, X509 native support and server authentication.
    however, the display engine is the IE component, and if you throw HTML mail at it, it will try and display it (javascript, webbugs and all) and the same goes for Rich Text.
    --

  2. Re:The problem isn't PGP, it's the e-mail software on Elegant Email Encryption for Everyone? · · Score: 2

    Actually, it already exists. I don't personally use Turnpike, but it supports pgp natively (via pgpSDK)- in fact too well, as occasionally it has been known to encrypt messages to mailing lists where a previous poster has digitally signed a message, and the user has mistakenly associated that key with the list :)
    --

  3. Re:The problem isn't PGP, it's the e-mail software on Elegant Email Encryption for Everyone? · · Score: 2
    PGP freeware is only valid for a very particular set of users - home users who send no business related mail from home.
    Business users must buy the product - and the recommended "business" version of the software is about $700 a licence. it is also non trivial (if not really THAT hard) to set up, and beating the need for passphrase security into Lusers is a major pastime for anyone who is involved in network security - they write them down, they email them to themselves, they "lend" them to co-workers for ridiculous reasons.....

    X509 is actually reasonably easy, but few packages support it - OE and Outlook do of course, and as has been noted elsewhere, Thawte hand them out free. Generating them yourself with OpenSSL isn't rocket science either (I could knock together a .zip file in ten minutes you just unzip then run a batchfile from) but of course X509 is hierarchical, with awkward steps to shoehorn in any certs not on MS's "preferred CA" list.
    --

  4. Re:Yes, and...? on C&W De-Peers PSInet · · Score: 2

    Sounds about right, yes.
    Officially, it seems C&W consider that now PSINet have depeered with a lot of the medium-sized providers such as Exodus and Abovenet (exactly what C&W just did to them ;) they no longer qualify as carrying enough traffic to be a "tier 1" ISP. As an additional kicker, now that PSINet has filed for bankruptcy protection, they are no longer able to shop around for transit to replace this peering link (after all, would *you* give PSInet a new contract, knowing that under the rules you cannot cut them off for non-payment, and based on their current stability can't reasonably expect transit creditors will be high on the list for payment anytime soon.)
    --

  5. Re:poor GRC.com on Post-mortem of a DOS Attack · · Score: 2

    I don't see why a normal user would want or need it - there are plenty of low level drivers out there to build and send spoofed packets under windows - but what saved him was the fact that these machines were not set up by the attackers, but were stock machines compromised by a "zombie" irc attack bot.
    The non-standardness of the sockets is an issue with porting software from other platforms, but that is a winsock/port issue, not a low level packet construction issue.
    --

  6. Re:Cut VeriShit out of the loop on Verisign Shuts Down Domain Policy List · · Score: 2
    DNS doesn't work! I'll not bother saying it again.
    Good - saves you being wrong twice :)

    You want to buy a spark plug on the net. Do you go to sparkplug.co.uk (or .com etc)? Well you can but chances are slim that it will be any use to you. The domain names are very limited in usefulness as ways of finding things in themselves, particularly when they are applied globally. Saying that search engines don't work is ignoring the fact that they work better than relying on the domain name to find what you want.
    This is what is commonly called a straw man.
    Nobody has ever argued that DNS is a search engine - the fact that typing in www.companyname.com will usually find you at the company site is a convenience most companies will fight for - but the .com model is too flat for use as a search engine; assume sparkplugs are a major item for sale on the net - the one company with sparkplugs.com will probably clean up - because of the assumption, but a halfway smart customer will either go to www.preferredmanufacturer.com or use a search engine.

    DNS has a number of uses; it is easier to remember than an IP address; it can be static (when IP addresses on the internet can change overnight, even without the upcoming move to V6) and it can be easily printed on literature, typed into web browsers, and linked to with HTML.
    It is not a search engine (that is what search engines are for, and your new scheme would still require them), it is not decentralised - but then, your scheme would not be either, and it is currently being abused (which is the main problem, but too much is invested in the current setup for it to easily change)

    .com, .net and .org are being abused. nobody wants a third-level domain if they can get a second, and nobody wants another company to have their preferred choice of second, as they suffer from the www.something.com assumption losing them business to the other company. So what happens? you get a system where rich companies grab every variation of their company name and com, net and org (leaving aside the fact that .com and org should be exclusive of each other) and send lawyers after anyone who registered something that might *possibly* cause one customer to type their URL rather than the company's.
    company names are *NOT* exclusive - you can have two companies with the same name selling different products, and two companies with the same name selling in the same product area, but in different countries. if you are outside the us, then you fight over company.co.cc-tld with the other company selling with the same name, *and* over company.com. is this right? no, but the solution isn't to scrap the whole thing and replace it with what amount to ip addresses.

    The best solution I have heard is to scrap .com and .org entirely - force companies to register under a .businessarea.co.cc-tld fourth level domain, get the users used to looking there for their companies (and it would take a surprisingly short time before users got used to typing amazon.bookstore.co.us for the american amazon)

    but of course this will never happen. There are two major factors - first, that there is a customer perception that only the .com company is the one true company, and the fact that american companies are proud that they do *not* use a .us tld, as every other country is "forced" to. that usually comes bundled with a distaste that non-us companies are allowed into the "american" .com domain.

    Big deal. There are too many alt-roots and if any of them get popular it's ten minutes work for VS to kill them by adding their popular TLDs to the "real" DNS. Instant death. The fact that they've been around for years and have had zero impact indicates how little interest there is in buying a domain name that will be shat on by VS as soon as it looks valuable.
    So presumably you plan to go tell the VC guys who invested in new.com that their money has been wasted?
    The *only* argument against the alt-roots so far has been the inertia one - "there is nothing wrong with the current system"
    well, now there most obviously is - so if everyone is so pissed at VS for their actions, and switch to the alter-roots (which of course fall through to the VS roots if they don't find a match in their alternate tlds) VS will find themselves in exactly the opposite position from the one they describe (which interestingly, they apparently may be with .biz - at least legally; current .biz owners are considering a class-action suit against VS if they resell domains that they "own") where adding a new tld that duplicates an alt-root one will cause their domains to fail on alt-root referring ISPs unless the alt-roots chose to drop theirs co-operatively. Not a snowball's in hell in practice.
    plus you are of course carefully skating around the fact your own scheme is just a numerical alt-root - so if you really believed this argument, you would not be bothering to make it.
    --

  7. Re:Cut VeriShit out of the loop on Verisign Shuts Down Domain Policy List · · Score: 3
    You got a lot of replies about why it wouldn't work - and decided they were stupid because you didn't agree with them.

    Search engines don't work!
    was that a little fast for you? sorry, I will say it again.

    Search engines don't work!
    Google think they are doing very well, having nearly 10% of the possible sites indexed, and sorted by number of other sites linking to them. that is 1 site in 10. How about the other 90%? are you going to make 100% coverage by search engines mandatory, or at least offer to fund this? and once they reach 100%, we will be having the same argument again about how search engines are "bad" because they rank one site above another.

    I am not saying I approve of Verisign's latest example of how they will shit on the entire internet to squeeze a few extra pennies out of us - or the domain arguments, or the new TLDs. however, the main thing to remember is that they are the *default* root server. if enough of the ISPs start to use alternate roots (and new.net has signed up some already, not to mention that ORSC and Pacific Root have been around for years) then maybe they will realise a mandate from the US government that the US government doesn't even realise it has given, might not guarantee they are even in business two or three years from now... but at least they can fall back on selling certificates that say "microsoft" ;)
    --

  8. Re:Has a host for a replacement list been identifi on Verisign Shuts Down Domain Policy List · · Score: 2

    unfortunately, there isn't a consensus (yet). At least three other lists have volunteered to take the traffic, two new lists have been set up (one at yahoo, one at ador-doc.org) and one other person has said they are setting one up after thinking (from seeing the traffic) that D-P didn't have long to live.
    --

  9. Re:What I do on What to Do on the Nightshift Besides Work? · · Score: 2

    Hmm. do you have a lockable desk drawer?
    in which case take in a laptop anyhow - and leave it there. if you don't take it home every night, you don't need a pass....
    --

  10. Re:When will IPv4 addresses run out? on Pentagon Wants IPv6 by 2008 · · Score: 2
    Part of the handback problem is the policies have changed.
    Assume you had a portable 'B' which you "own" from the early days.

    if you hand back part of that, then you make routing difficulties for yourself. that is why they recommend you hand back the whole block, and accept a replacement (smaller) block.
    The problem is, even after you have pushed through the renumbering, got everything working, and are happy.. the rules have changed. The new block you get will not be portable, and you will not own it - you will be allocated it which makes a difference. For a large company, it does not make sense to do the "right thing" and hand back an address range you are using less than half of, only to find you are given back something less flexible, with routing and multihoming issues, and expected to go cap in hand back to them if you need another class C in the future (and are probably turned down as you already have enough if you NATted them into your existing range)

    under V6, things are worse - you have no rights at all in your IP range, to the point you can be asked to renumber into another range at any time if it makes routing easier. even leaving aside the chaos that will cause in the DNS, for a large organisation the renumbering alone could work out very expensive indeed... so I imagine most will try to hold onto their legacy V4 subnets until they are forced to give them up.
    --

  11. Re:Evolution on Pentagon Wants IPv6 by 2008 · · Score: 3

    The new DNS may well happen - one of the failings of the current system is that it does not support non american-english characters; while from certain points of view this is fine (after all, if you can't type an URL on your machine, how many hits will they get?) support for the japanese charset in email and webpages has been standard in IE/OE for some time. The most obvious solution to this (encoding DNS names in non-US as the unicode multi-char representation, as web pages can do) has been *PATENTED* in the US. I am sure I don't have to start the usual stupid-us-patents thread again though...
    --

  12. Re:The story I heard on Pentagon Wants IPv6 by 2008 · · Score: 3
    Just how static do IP addresses have to be?
    Very. It can take some hours for DNS changes to trickle down to distant parts of the net, and until you can resolve the new address, the website is "broken" for your customers.

    Why would anyone want an IP address space which is not a subspace of the provider's address space?
    Two reasons - portability and multihoming.
    Multihoming is where you sign up with two or more providers, so that if one has network problems or goes under financially, you are not out in the cold.
    Portability means you can get a better price from your isp. Consider the following two possibilities:

    1. Moving to another ISP for cheaper prices means just moving your IP allocation to another ISP
    2. Moving to another ISP for cheaper prices means renumbering your entire externally visible IP range, updating (and moving) your DNS servers, and waiting for the changes to trickle down (with loss of connectivity for your customers)
    Which of these two customers does the ISP salesforce stick that extra 2% price increase on this year?
    --

  13. Re:Why not change? on Pentagon Wants IPv6 by 2008 · · Score: 2

    I have been wanting to try it too - but simply couldn't get past the setup stage with the howtos (I am probably missing some fundamental knowledge here, but if a fulltime Firewall/LAN technician for a multinational has trouble setting it up, what chance does a normal user have?)
    --

  14. Re:Why not change? on Pentagon Wants IPv6 by 2008 · · Score: 4
    Yes, of course he would.

    It is common practice for companies to hide an entire RFC1918 subnet behind a small number (8 or 16) of internet addresses. One or more of those will be allocated to internal addresses (so if your webserver (say) is 192.168.1.2 but your external webserver address is 200.100.50.5, then packets both ways will be rewritten to hide the internal address behind the externally visible one)

    Given how large the available IP address range is for V6 (the *minimum* allocation would be a class B by the old standards) There is no reason you can't have a 1:1 mapping from IPV6 external addresses to internal V4 addresses; further, you probably will want to static-map the lower two bytes of your 1918 to that address range rather than the recommended (which is the MAC of the card) due to the fact that swapping out a faulty network card would then force-renumber your webserver to a different V6 IP address.....

    I fully expect to see Hybrid mode firewalls in the near future, which in addition to mapping the small number of externally visible V4 addresses to Internal hosts, also map V6 (autotunnelling to the ISP) for both internal hosts and outbound browsing traffic.
    --

  15. Re:Reframing the problem on Will ISP Use of 10.0.0.0 Addresses Cause Problems? · · Score: 2
    Routing to and from are the same thing - otherwise, you would have a one-way communication (imagine a 10.x.x.x webserver for example; it can tell you the contents of any page you wish, but you can't tell it which pages you want, or even that you want them unless you can send packets first.)

    Using the RFC reserved addresses on your lan is ok - and indeed what they were designed for. but you had better hide those addresses behind a valid IP address or two with NAT/masq before letting them out onto the global net.

    There is no reason not to do this as an ISP - assume (for example) a load-balanced mail server; front end router (with valid IP address) assigns you to one of ten 192.168.15.x servers transparently - remembering which one it gave you so that all your packets to router:110 go to the same mail server. it should re-write the reply so it looks like it came from the router, but might get away without doing so. however, an attempt to connect to port 80 on that IP address will take you to a different machine again (say one of three web servers) and a ping/traceroute will do whatever the ISP has defined it as doing.
    --

  16. Reframing the problem on Will ISP Use of 10.0.0.0 Addresses Cause Problems? · · Score: 2
    As far as I can tell, the problem here isn't if the ISP is using 10.0.0.0 internally, but the fact they are "leaking" that data onto your dialup connection.

    No customer facing server should be in the reserved addresses range; if that server has additional interfaces to the internal lan, that information should not be propagated outside of the ISP's internal servers (even if this isn't in the protected LAN ranges, it is still a bad idea to give customers internal structure info they don't need, if only from a security standpoint).
    --

  17. Remote or Near? on Ordering the Chaos of Bookmarks? · · Score: 2
    As far as I can see, you have two solutions to a bookmark blizzard.

    the first is to find a online bookmark host (Yahoo do a nice one if you download their toolbar; you can easily upload your existing bookmarks and can access the list with a simple pulldown tool each time you are online)

    The second is to sneakernet or email your files back and forth.
    Believe it or not, the best tool I have found for this under windows comes free from microsoft! if you download the Export/Import tool and run it, it will ask for two things - a filename for a Netscape style HTML file containing a bookmark list and a subdirectory containing windows-style URL shortcut objects. You can then export and import these back and forth - merging multiple HTML bookmark files into a single Internet-Explorer style subdirectory tree, then re-exporting as a single NS-HTML bookmarks file. If you don't trust Yahoo but still want web-bookmarks, this is also the easiest way to go - just upload the HTML file to some free webspace, and then make it your startpage. not as convenient as a pulldown - but be honest. how often do you need to jump directly from the current page to a bookmark? other than translation sites, I can't think of any, and it is semi-trivial to just import those separately ONCE and then forget about it.
    --

  18. Conversion vs Compilation on Legalities of Reimplementing Proprietary Languages? · · Score: 2

    "If I cannot implement the language without permission, does this also mean that I cannot create a converter to translate that language into a different one? Could such a converter be construed to be an implementation of the language?"
    Offhand, I would say it didn't matter - provided your programming staff can take the converted code and work in the new language from the date you do the conversion, you can archive offline the converter and original code, then there is nothing still in use they can claim is infringing what rights they have. they obviously have no rights to *your* code, even if they have rights to the language it was originally written in.
    Datastructures spring to mind though - if they have copyright on a particular data structure design, and you continue to use this design in the new code, you may be infringing...
    --

  19. Re:Read the question! on Remote Control Of A Linux Desktop? · · Score: 2

    It doesn't? so the shared session flag doesn't work under Linux?
    --

  20. Re:Ugh, what's with the acronyms? on PRZ Announces Depature From NAI · · Score: 3

    I don't see the problem here - Phil is sufficiently well-known that everyone knows who PRZ is when we use that abbreviation..
    --

  21. Re:I'm glad he pgp-signed his message, on PRZ Announces Depature From NAI · · Score: 5

    you might want to check the plaintext version of it on the pgpi website then.
    --

  22. Re:PGP vs. SSH on PRZ Announces Depature From NAI · · Score: 3
    "OpenPGP compliant" or "OpenPGP compatible" will certainly be available labels for such products - but "PGP compatible" may run into a wall of NAI lawyers and actually calling it PGP (or some variant with the same acronym) will definitely be off limits.

    I get a feeling of "the PGP spirit will move on in OpenPGP not PGPclassic" from the letter though that NAI won't be happy at all - I would say the real world value of PGP just halved for them....
    --

  23. Re:Can he do that? on PRZ Announces Depature From NAI · · Score: 3

    It is more likely that, given the PKZ "name" was a major part of the resources of the official PGP product, his contract said he couldn't take the money and run - he must publicly stay with NAI for a number of years (three seems like a likely number)
    --

  24. Re:The tone is a little disconcerting on PRZ Announces Depature From NAI · · Score: 5
    That is how I read it, yes - NAI is moving away from the open-peer-review, trust-me-because-you-can-check attitude PGP always has shown to a closed, trust-me-because-you-always-have model that is going to lead to an assumption that "official" PGP builds can't be trusted any more.

    If I was NAI, I would take this as a pretty devastating blow - although PKZ is only saying "I can't guarantee future versions won't be backdoored" it *will* be read as "I left because future versions WILL be backdoored" and may well cost NAI major market share. Certainly, an OpenPGP "approved and checked by PKZ" labelled product will have a higher confidence-factor than something PKZ openly turned his back on....
    --

  25. Uncompressed for internet protection? on "D-VHS": Will it replace DVD? · · Score: 4
    I would imagine the biggest opponent to this would be the manufacturers themselves. Users have rapidly gotten used to getting double the standard length on a tape; compression would give them that same effect, otherwise the sales force are going to have to go to the market and say "hey, look at our wonderful VCR; ok, it can only put 4hrs on a 4hr tape when you are used to 8hrs, and it isn't as tolerant of noise as the old one was, but look - it is compatible with the HDTV service you haven't got yet!"

    Then when you actually *get* a sale, you have to point out that, in order to play the new HDTV tapes, you not only need a new HDTV set, but one that supports the encryption used on the tape as for copy protection reasons it will only be decoded in authorized sets - no software or PC decoders involved.

    I am sure the rush to such a device will be overwhelming....
    --