Re: [Sidr] [OPSEC] pccw as17557 leak...

"Vishwas Manral" <vishwas.ietf@gmail.com> Tue, 04 March 2008 15:37 UTC

Return-Path: <sidr-bounces@ietf.org>
X-Original-To: ietfarch-sidr-archive@core3.amsl.com
Delivered-To: ietfarch-sidr-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C0E9D3A6D79; Tue, 4 Mar 2008 07:37:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.595
X-Spam-Level:
X-Spam-Status: No, score=-0.595 tagged_above=-999 required=5 tests=[AWL=-0.158, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fpNTxMmi78x1; Tue, 4 Mar 2008 07:37:08 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 229CA28C5EF; Tue, 4 Mar 2008 07:37:02 -0800 (PST)
X-Original-To: sidr@core3.amsl.com
Delivered-To: sidr@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4840C28C5EF for <sidr@core3.amsl.com>; Tue, 4 Mar 2008 07:37:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0Fenr-XnBFRI for <sidr@core3.amsl.com>; Tue, 4 Mar 2008 07:36:55 -0800 (PST)
Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.175]) by core3.amsl.com (Postfix) with ESMTP id 27CB428C0F7 for <sidr@ietf.org>; Tue, 4 Mar 2008 07:36:51 -0800 (PST)
Received: by wf-out-1314.google.com with SMTP id 25so1128011wfa.31 for <sidr@ietf.org>; Tue, 04 Mar 2008 07:36:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=04mFTwuhMDACRBKjOPwpHNZr9fc0lRqs0W/8dBf2r7I=; b=bLA1mXbhbkP/tniX1DzeQWDHNHSp0Z7ud6E+1Xs47RFabf2IXkqXQP8X3UvLARCNZIb2pYfYCMAMnMQst6BZEoy1XSQQtQEVpWmkS3cGbkQ+MKN4sVEz3h9kX6aBS8Vp/yxFTFMH0it/YHjkpB9fH3jtCb+8MW9dOMnY7eqdCh0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=nvpEcCqCzlt4RPpsg6J96/bAp3mGOaiSldWGfwVG6g7gcA/IB48lhqOTkFiVvPNUspPWq15BtjnTwwNDsLiVfQaFfIeYNAeLK2fBHn0BFwY9KF7BX1UXLtnhx31Hw3c+hcC8tcYLGgzakONzM9AqMecJaAI4s276IGJzRoIsosQ=
Received: by 10.143.187.2 with SMTP id o2mr544507wfp.162.1204645001899; Tue, 04 Mar 2008 07:36:41 -0800 (PST)
Received: by 10.143.164.14 with HTTP; Tue, 4 Mar 2008 07:36:41 -0800 (PST)
Message-ID: <77ead0ec0803040736t55871ebex445e6fe31d6ac129@mail.gmail.com>
Date: Tue, 04 Mar 2008 07:36:41 -0800
From: Vishwas Manral <vishwas.ietf@gmail.com>
To: Joe Abley <jabley@ca.afilias.info>
In-Reply-To: <77ead0ec0803040727n24b68e0fm5650e8fb6c1b1dc@mail.gmail.com>
MIME-Version: 1.0
Content-Disposition: inline
References: <47C4E38E.1070105@bogus.com> <Pine.WNT.4.64.0802281259530.2416@SANDYM-LT.columbia.ads.sparta.com> <77ead0ec0802281056y2862d71dt8b753f5f3f3b0df9@mail.gmail.com> <77ead0ec0802281102o3e2efedl479ff6351dca0f63@mail.gmail.com> <Pine.WNT.4.64.0802281604190.2416@SANDYM-LT.columbia.ads.sparta.com> <77ead0ec0803020837s16bccee8ledbc9ae1bb60e117@mail.gmail.com> <7C9DBE28-7B7A-4053-85AE-4B954FFEEC57@ca.afilias.info> <77ead0ec0803040714v4235cff2u65bd247694e30570@mail.gmail.com> <5B7F4259-8CAB-4895-8F26-8BFD0CE7C56B@ca.afilias.info> <77ead0ec0803040727n24b68e0fm5650e8fb6c1b1dc@mail.gmail.com>
Cc: opsec wg mailing list <opsec@ietf.org>, sidr@ietf.org
Subject: Re: [Sidr] [OPSEC] pccw as17557 leak...
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: sidr-bounces@ietf.org
Errors-To: sidr-bounces@ietf.org

Hi Joe,

To further explain it. In my view SSL is the right protocol for this
kind of transaction (we could use IPSec with BTNS too though). As the
idea is to get the information from the right server, the client
itself could be any one.

Thanks,
Vishwas

On Tue, Mar 4, 2008 at 7:27 AM, Vishwas Manral <vishwas.ietf@gmail.com> wrote:
> Hi Joe,
>
>
>  >  I had no idea they were available over http. Everybody I know who uses
>  >  them uses whois.
>  >
>  >  As to "cannot build", that doesn't seem to be an opinion shared by the
>  >  many ISPs who "have built".
>  The point I raise is about a guarantee of talking to the right server.
>  If the tools are already built and are not checking the certificate of
>  the site they are getting the information from, then that is another
>  weakness in the system, that is breakable.
>
>  Thanks,
>  Vishwas
>
>
>
>  On Tue, Mar 4, 2008 at 7:22 AM, Joe Abley <jabley@ca.afilias.info> wrote:
>  >
>  >  On 4-Mar-2008, at 10:14, Vishwas Manral wrote:
>  >
>  >  > I was talking about the RIPE whois and other related tools that RIPE
>  >  > provides, when I looked at the link given below:
>  >  > http://www.ripe.net/news/study-youtube-hijacking.html
>  >  >
>  >  > As the tools cannot be accessed using https but using http, the tools
>  >  > cannot be used in a guaranteed fashion. We cannot build scripts over
>  >  > the tools and feel the information.
>  >
>  >  I had no idea they were available over http. Everybody I know who uses
>  >  them uses whois.
>  >
>  >  As to "cannot build", that doesn't seem to be an opinion shared by the
>  >  many ISPs who "have built".
>  >
>  >
>  >  Joe
>  >
>
_______________________________________________
Sidr mailing list
Sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr