From: nelson@crynwr.com
To: cypherpunks@toad.com
Message Hash: 1b1c55ffe9249c3823761bec2f3c3bde40ce1af907bf26a79426b652cabeab57
Message ID: <19960510033729.30653.qmail@ns.crynwr.com>
Reply To: <01I4IIMHQ67Y8Y5BAX@mbcl.rutgers.edu>
UTC Datetime: 1996-05-10 21:54:54 UTC
Raw Date: Sat, 11 May 1996 05:54:54 +0800
From: nelson@crynwr.com
Date: Sat, 11 May 1996 05:54:54 +0800
To: cypherpunks@toad.com
Subject: Re: Remailer in a box
In-Reply-To: <01I4IIMHQ67Y8Y5BAX@mbcl.rutgers.edu>
Message-ID: <19960510033729.30653.qmail@ns.crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain
E. ALLEN SMITH writes:
> I see your difficulty. It is an additional one with respect to
> anonymous accounts. Hmm... you could put the burden on other ISPs by only
> having anonymous accounts via telnet access - and not accepting such from
> k12.edu domains. Bit of a limit, though.
1) New .edu registrations are restricted to colleges, but you have
rogues like sidwell.edu (Chelsea's Quaker school), plus the odd
17-year-old attending college like I did.
2) .k12.STATE.us is safe enough to restrict, except that some people
are staff members who will be unhappy. Of course, those people can
just change their DNS so it responds to a PTR request with
a.root-servers.net. So naturally you don't let the students manage
your servers (although frankly, the staff members have little time
or knowledge to do it themselve; most would be happy to find a
trustworthy student). Even so, said smart student will discover
that it's possible to spoof the DNS by spamming a client with
responses. That's particularly easy since the source of the packet
will likely be the same subnet that the smart student.
You can't use the DNS for authentication of any type, particularly if
a Damoclean CDA is hanging over your head.
-russ <nelson@crynwr.com> http://www.crynwr.com/~nelson
Crynwr Software | Crynwr Software sells packet driver support | PGP ok
11 Grant St. | +1 315 268 1925 voice | It's no mistake to err on
Potsdam, NY 13676 | +1 315 268 9201 FAX | the side of freedom.
Return to May 1996
Return to “nelson@crynwr.com”