North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: dear bog

  • From: Jeremy Porter
  • Date: Wed Nov 19 14:02:15 1997

The problem with this is that the denial of service attack just moves.
Hostile parties just start sending bogus signed messages, (i.e.
formatted random numbers), and it is very costly for the mail exploder
to check the signatures, and they shut down the list server, by this.
One day perhaps in 2007, we may be able to exchange cryptographicly signed
messages, and trust the systems we use, but there are still a number
of problems to solve before you should think about doing that.
(Anytime it cost the attacker less than the victim, particuarlly
when its several orders of magnitude difference, these attack will
continue and the protocols to avoid them are complex and not generally
understood, although a lot of the TCP syn attack stuff, will apply,
i.e. compressed state, selective discard, etc.)

In message <[email protected]>, Karl Denninger writes:
>On Wed, Nov 19, 1997 at 11:54:15AM -0500, Dorn Hetzel wrote:
>> 
>> That's something I would ABSOLUTELY support.
>> 
>> On Tue, Nov 18, 1997 at 01:57:32PM -0800, Vadim Antonov wrote:
>> > Aaron Beck wrote:
>> > > 
>> > > is it time to make the list moderated? :)
>> >  
>> > No.  But it is time to start rejecting messages
>> > which are not PGP-signed with a registered key.
>> > 
>> > --vadim
>
>Hmmm.... now that's an interesting idea.  I don't know if my key is
>registered, but I have no problem with doing so if necessary....  (I 
>believe that Dorn did certify it some time ago :-)
>

---
Jeremy Porter, Freeside Communications, Inc.      [email protected]
PO BOX 80315 Austin, Tx 78708  |  1-800-968-8750  |  512-458-9810
http://www.fc.net