Hi Serge,
Gotta agree with Olivier, Andre & Mike. This is a strange decision and a
strange process (2 weeks to react to this new world order???). Makes me
wonder why such a strange strategy couldn't be extrapolated to where .ch
is disconnected unless some subdomain spreading "malware" stops within
24hrs?!?
I seem to recall 15 or more years ago (details are obviously a bit hazy) ...
a) Milo decided to disconnect Finland from the then Internet (for some
reason he thought was important).
b) SWITCH decided to ban distributing any newsgoup dealing with sex
(SWITCH was the main way for the vast majority of Internet users to
receive their newsgroups).
Both decisions were very arbitary (agree that no malice was intended
except for Milo's case ;-( ). No chance to discuss the "how to achieve
the goal" and "how to implement the goal".
Seriously, cert authorities have often delayed "outing" security holes
from buggy software/hardware manufacturers until they have time to patch
the bug. This has taken sometimes a very long time.
How come then that a "maybe" malware infected site (read the previous
poster's comments - one man's malware is another man's security
protection service) has no real time to react and is effectively "nuked".
One could argue that all sites that use known buggy software and
hardware must fix within 24hrs or else be disconnected.
One thing is for the police to ask an ISP do something (at least they
are following laws where a particular process is involved where debate,
enhancements, etc occur AND as Andre correctly states the ISP can shield
himself from legal liabilty by stating "I did what the police told me to
do."). But for SWITCH to "decide" to do something to an even lower level
entity, such as a domain, and in this manner is truely abit scary and a
bad decision as a "process" - SWITCH also makes mistakes from time to
time (see above).
SWITCH should raise suspect sites to the police who would "decide" and
then instruct SWITCH what it should do.
Lastly, law or no law, would you really treat bluwin.ch the same as
smallISP.ch and disconnect them within 24hrs if their cisco ios was
buggy - such a bug ain't gonna be fixed within 24hrs?
Also my 2cents worth...Cheers JIm
On 11/11/2010 10:28, Mike Kellenberger wrote:
Hi all (again)
The more I think about it, the less I think SWITCH thought about it, before
publishing such nonsense.
"On 25 November 2010 SWITCH will launch an new initiative to maintain the high
security standards of Swiss websites."
Hello? Since when does SWITCH have anything to say about the security of
websites? Security of Domains: ok, but websites? Remember: Internet !=
WorldWideWeb
Deleting the name server delegation of a domain not only shuts down access to
one website, but to ALL Internet services depending on DNS in that domain.
"From different third parties we receive a fairly large number of URLs in .ch/.li
ccTLDs which distribute malware."
Exactly - specific URLs (or the websites behind those URLs) may spread malware,
but not the domain itself, but again - since SWITCH cannot block access to
specifiec URLs, there is no reason to block access to the whole domain.
So I absolutely second Andre Oppermanns opinion: "This delegation suspension plan is
entirely broken by design and should be immediately stopped."
Cheers
Mike
_______________________________________________
swinog mailing list
[email protected]
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
