Re: hotmail not dealing with ECN
Frank v Waveren (fvw@var.cx)
Sat, 27 Jan 2001 19:18:09 +0100
On Sat, Jan 27, 2001 at 04:10:48AM +0000, David Wagner wrote:
> Practice being really, really paranoid. Think: You're designing a
> firewall; you've got some reserved bits, currently unused; any future code
> that uses them could behave in completely arbitrary and insecure ways,
> for all you know. Now recall that anything not known to be safe should
> be denied (in a good firewall) -- see Cheswick and Bellovin for why.
> When you take this point of view, it is completely understandable why
> firewalls designed before ECN was introduced might block it.
Why? Why not just zero them, and get both security and compatibility...
--
Frank v Waveren Fingerprint: 0EDB 8787
fvw@[var.cx|dse.nl|stack.nl|chello.nl] ICQ#10074100 09B9 6EF5 6425 B855
Public key: http://www.var.cx/pubkey/fvw@var.cx-gpg 7179 3036 E136 B85D
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/