HackerTrans
TopNewTrendsCommentsPastAskShowJobs

imrejonk

no profile record

comments

imrejonk
·7 ay önce·discuss
My former colleague Marco Davids from SIDN Labs (the R&D department at the .nl TLD operator) did an experiment in 2021 where he actively disabled IPv4 support on all components in his test network, even disabling the complete IPv4 stack in the FreeBSD kernel (not possible on Linux, at least not at the time). So far, his test is the only thing I know of that came close to an authentic simulation of an IPv6-only world.

https://www.sidnlabs.nl/en/news-and-blogs/can-we-do-without-...
imrejonk
·10 ay önce·discuss
I was thinking about the same thing. Such a classic!
imrejonk
·4 yıl önce·discuss
> Today’s email protocols use the STARTTLS protocol for encryption; it is laughably easy to do a protocol downgrade attack that turns off the encryption.

This can be solved with DANE, which is based on DNSSEC. When properly configured, the sending mailserver will force the use of STARTTLS with a trusted certificate. The STARTTLS+DANE combination has been a mandatory standard for governmental organizations in the Netherlands since 2016.