Date: Tue, 31 Dec 2013 14:23:55 +0000
From: Mike Hearn <mike@plan99.net>
To: Gregory Maxwell <gmaxwell@gmail.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Dedicated server for bitcoin.org,
	your thoughts?

>
> The site was actually moved onto a dedicated server temporarily and it
> melted down under the load. I wouldn't call that no progress.
>

Oh, it did? When was that? I must have missed this excitement :)

Any idea how much load it had?

> Perhaps I wasn't clear on the point I was making: Drak's threat model
> is not improved in the slightest by SSL. It would be improved by
> increasing the use of signature checking, e.g. by making it easier.
>

Well, that depends. If you watch Appelbaum's talk he is pushing TLS pretty
hard, and saying that based on the access to the source docs some of their
MITM attacks can't beat TLS. It appears that they have the capability to do
bulk MITM and rewrite of downloads as Drak says but *not* when TLS is
present; that would force more targeted attacks. So to me that implies that
TLS does raise the bar and is worth doing.

However, if we can't find a server that won't melt under the load, then
that'd be an issue. We could consider hosting downloads on AppEngine or
something else that can handle both high load and TLS.
