Re: [dispatch] FYI draft-levine-mailbomb-header-00

"John R Levine" <johnl@taugh.com> Mon, 19 June 2017 22:12 UTC

Date: Mon, 19 Jun 2017 18:12:02 -0400
Message-ID: <alpine.OSX.2.21.1706191804570.31848@ary.qy>
From: John R Levine <johnl@taugh.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Dispatch WG <dispatch@ietf.org>
In-Reply-To: <f96eb0a1-d8d2-843c-0980-9333f50a47bc@cs.tcd.ie>
References: <20170619174225.10412.qmail@ary.lan> <f96eb0a1-d8d2-843c-0980-9333f50a47bc@cs.tcd.ie>
User-Agent: Alpine 2.21 (OSX 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/rc6JtCOx5oEt_MZJnRlQ9g93RkY>
Subject: Re: [dispatch] FYI draft-levine-mailbomb-header-00

On Mon, 19 Jun 2017, Stephen Farrell wrote:
>> to a form submission:
>>
>>  Form-Sub: v=1; ip4=198.51.x.x
>
> Why not some hashed form of the address?

As Richard Clayton pointed out, it is trivial to reverse unsalted IPv4 
hashes with rainbow tables (and not all that hard to do salted hashes), 
and you can't use hashes with different salts to see if it's the same 
guilty party.  I added a sentence about that to -01.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
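
The point made in the reply above, as an added example that is not part of the original message or of the draft: hashing an IPv4 address does not hide it, because the whole input space can be enumerated, and per-site salts stop two recipients from recognising the same sender. The hash construction (SHA-256 over salt plus dotted-quad text), the sample address, the search network and the salts are all assumptions made for this illustration.

```python
import hashlib
import ipaddress
from typing import Optional

# Constructed sample values (assumptions, not taken from the draft).
SAMPLE_IP = "198.51.100.23"
SEARCH_NET = "198.51.0.0/16"   # 65,536 candidates; all of IPv4 is only 2**32
SALT_A = b"site-a-salt"
SALT_B = b"site-b-salt"


def ip_hash(ip: str, salt: bytes = b"") -> str:
    """SHA-256 over salt || dotted-quad text, hex encoded (assumed scheme)."""
    return hashlib.sha256(salt + ip.encode("ascii")).hexdigest()


def recover(digest: str, network: str, salt: bytes = b"") -> Optional[str]:
    """Hash every address in `network`; return the one that matches, if any."""
    for addr in ipaddress.ip_network(network):
        if ip_hash(str(addr), salt) == digest:
            return str(addr)
    return None


def correlatable(digest_1: str, digest_2: str) -> bool:
    """Two reports can be tied to one sender only if the digests are equal."""
    return digest_1 == digest_2


if __name__ == "__main__":
    # Unsalted: the digest hides nothing, enumeration returns the address.
    print("unsalted   ->", recover(ip_hash(SAMPLE_IP), SEARCH_NET))
    # Salted, salt known to the reader: same enumeration, same cost.
    print("salted     ->", recover(ip_hash(SAMPLE_IP, SALT_A), SEARCH_NET, SALT_A))
    # Different salts per site: same address, digests no longer comparable.
    print("same salt  ->", correlatable(ip_hash(SAMPLE_IP, SALT_A), ip_hash(SAMPLE_IP, SALT_A)))
    print("diff salts ->", correlatable(ip_hash(SAMPLE_IP, SALT_A), ip_hash(SAMPLE_IP, SALT_B)))
```

The salted case assumes the salt is visible to whoever holds the digest, which is what lets the same enumeration succeed.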