1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
helo=mx.sourceforge.net)
by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <gmaxwell@gmail.com>) id 1Vpjyt-0000Iu-4D
for bitcoin-development@lists.sourceforge.net;
Sun, 08 Dec 2013 19:25:31 +0000
Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.192.171 as permitted sender)
client-ip=209.85.192.171; envelope-from=gmaxwell@gmail.com;
helo=mail-pd0-f171.google.com;
Received: from mail-pd0-f171.google.com ([209.85.192.171])
by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1Vpjys-0000r6-Aw
for bitcoin-development@lists.sourceforge.net;
Sun, 08 Dec 2013 19:25:31 +0000
Received: by mail-pd0-f171.google.com with SMTP id z10so3889887pdj.30
for <bitcoin-development@lists.sourceforge.net>;
Sun, 08 Dec 2013 11:25:24 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.66.162.195 with SMTP id yc3mr16855100pab.64.1386530724402;
Sun, 08 Dec 2013 11:25:24 -0800 (PST)
Received: by 10.70.81.170 with HTTP; Sun, 8 Dec 2013 11:25:24 -0800 (PST)
In-Reply-To: <CANAnSg2OrmQAcZ+cZdtQeADicH3U29QOgYPfP1AQhOMP6+P1wg@mail.gmail.com>
References: <52A3C8A5.7010606@gmail.com>
<1795f3067ba3fcdd0caf978cc59ff024.squirrel@fruiteater.riseup.net>
<52A435EA.7090405@gmail.com> <201312081237.24473.luke@dashjr.org>
<CANAnSg2OrmQAcZ+cZdtQeADicH3U29QOgYPfP1AQhOMP6+P1wg@mail.gmail.com>
Date: Sun, 8 Dec 2013 11:25:24 -0800
Message-ID: <CAAS2fgR0khyJxmz9c2Oc87hOFgiNuiPJuaeugGajdo_EcKEW9w@mail.gmail.com>
From: Gregory Maxwell <gmaxwell@gmail.com>
To: Drak <drak@zikula.org>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/,
no trust [209.85.192.171 listed in list.dnswl.org]
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(gmaxwell[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information. [URIs: zikula.org]
X-Headers-End: 1Vpjys-0000r6-Aw
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Dedicated server for bitcoin.org,
your thoughts?
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sun, 08 Dec 2013 19:25:31 -0000
On Sun, Dec 8, 2013 at 11:16 AM, Drak <drak@zikula.org> wrote:
> BGP redirection is a reality and can be exploited without much
You're managing to argue against SSL. Because it actually provides
basically protection against an attacker who can actively intercept
traffic to the server. Against that threat model SSL is clearly=E2=80=94 ba=
sed
on your comments=E2=80=94 providing a false sense of security.
We _do_ have protection that protect against that=E2=80=94 the pgp signatur=
e,
but they are far from a solution since people do not check that.
(I'm not suggesting we shouldn't have it, I'm suggesting you stop
arguing SSL provides protection it doesn't before you manage to change
my mind!)
|