There is no authentication of the John Doe part of
DMARC
Readit NewsLoSboccacc commented on Mnm – an open source project to replace email and SMTP mnmnotmail.org/... · Posted by u/skinkestek
LoSboccacc commented on Mnm – an open source project to replace email and SMTP mnmnotmail.org/... · Posted by u/skinkestek
You can (sort of, with a great deal of effort) but you don't.
And there is no effective way to prevent phishing in SMTP/etc if the server accepts connections from the public Internet.
If you didn't, I suggest reading the protocol draft and "Why TMTP?"
you can check that the envelop and message sender header match at the mx level and let spf handle the rest
avereveard commented on Mnm – an open source project to replace email and SMTP mnmnotmail.org/... · Posted by u/skinkestek
I don't get it, I can have all of this on email right now, and still be compatible with the rest of the world
> choose the organizations/sites that relay your correspondence
SPF/DKIM
> select which members of a site can correspond with you
whitelists have been a thing in a while
> always know from which site a message originated
SPF
> can block anyone with whom you’ve made contact
blacklists have been a thing in a while
> may leave a site and never see traffic from it again
domain filter are a thing too. preemptive 'but you still receive emails' - no you can send a 550 early on and interrupt the transfer as soon as you get the envelope sender domain
> 2 To offer capabilities missing in traditional email, including
that's all client side stuff and you can do all of it as of today on top of email. first part of the protocol is to know which user sent you markdown before, so you can send markdown to them. for user that you don't know if they have a markdown clent, your own client send a multipart with markdown and the local markdown representation as html, so you have a two-in-one discovery/fallback mechanism
while the first one might be beneficial as you give more control from the sysad and into the user hand for point 1.5, the second part is a problem we already had and we already solved with the transition from text email to html email and it was never a protocol issue to begin with, so I don't understand why it has been rolled in here for more effort and little effective gains.
These patents sound like they loosely describe a worse version of ssl/tls.
They talk about the client having a whitelist of IPs to form secure channels to, and using a combination of a dns proxy and cooperating client to form secure communication layers.
The actual described thing sounds a little different (i.e. 'requests for 192.168/24 have a transparently encrypted link' rather than tls handshakes), but not different enough that it's not obvious.
From the existence of SSL, dns, and a VPN, this idea seems quite obvious to me. In 1998, all of those things existed. The existence of SSL (in 1995), should have by itself invalidated this patent entirely IMO.
From the case filings, it sounds like the supposedly infringing part of Apple's tech is "VPN On Demand" and "FaceTime".
I am not a patent lawyer, I likely don't know what I'm talking about.
the solution for routing voip on a mesh network wasn't obvious.
data? yeah, albeit p2p sharing was popularized a year late, aggregating multiple channels for data transfer was something common.
but voip has some unique challenges, as you cannot reconstruct data as easily, you have strict time constraint as your call would exhibit disruptive latency otherwise, so your mesh cannot pump packet downstream at their own leisure, the goal is not to saturate the channel but to provide a ordered stream whee packets arrive in a timely matter.
as a matter of fact the first consumer available p2p voip app was skype, 5 years or so after this patent, and they couldn't stabilize it with a true mesh so their software elected supernodes across their own network to act as relay.
Deleted Comment
LoSboccacc commented on Signal community: Reminder: Please be nice community.signalusers.org... · Posted by u/decrypt
Was the game free? And did the people working on the game contribute a lot of their time to it for free?
If not then I can see the reason for your frustration, however it is not the same as free software being worked on (at least partly) by volunteers receiving the same lack of effort (or in signal's case nastiness) in bug submissions.
paid
LoSboccacc commented on Signal community: Reminder: Please be nice community.signalusers.org... · Posted by u/decrypt
I understand when writing paid software with support expectations/contracts, sometimes you have to engage with the teeth-pulling exercise that is “does not work”. But why do you in FOSS? Can’t you just close the ticket and say “not descriptive enough” and move on?
this is extremely frustrating for the users.
there's a game I used to play fairly often before updates simply broke it. like mission items were replaced with random fires floating in water. many users with the same issue reported it, and some like me even provided a save (which was never even downloaded)
all such tickets were closed with "cannot reproduce"
I'm not (their) tester, I don't have time to fully reproduce issues step by step, and I don't have access to a debug build anyway to figure out the bug trigger condition
"does not work" is the best I can say here.
I know this is a heated topic but I really don’t understand what the other options are. Having businesses dictate who they want to serve seems like censorship but having the government dictate it seems way worse. I’m not sure how to decouple or balance the freedom of will as a business, freedom of will as a person and the societal mandate of the majority (which is how democracy works? It’s always about the majority values).
> what the other options are
add political views into the list of non-discrimination laws and let the courts decide, if it's important enough to have to be legislated, that's the closes framework upon which to model it.
LoSboccacc commented on Ron Paul locked out of his Facebook page twitter.com/ronpaul/statu... · Posted by u/drak0n1c
>it's turtles all the way down
so you can see how people might disagree with you on whether someone is independent/reliable/etc.
>a) isn't possible.
Sure it is. "You deplatform someone after court order", or "you deplatform someone after measuring public opinion".These algorithms are just illustrative, before someone starts to point out why they're bad.
I just want objectivity and symmetry. Because I've seen far too many people do mental gymnastics and apply double standards when it comes to "our side" and "their side".
>b) is absolutely not desirable.
it is desirable for me. When it comes to politics, I'd prefer if everyone had a voice, even if you or I disagreed with them on a fundamental level.
Especially since the timing strongly suggest they are just changing whom they sycophant for, following the change of power, and we might very we'll be in a position of not liking whom goes to power next; assuming these company allegiance is to the just side and not to the side with power is quite naive and the questioning of their role in society legitimate.
Dead Comment