This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[atlas] Proposal: Measure well-known CDNs,[CDN-HTTP]
- Previous message (by thread): [atlas] Proposal: Measure well-known CDNs,[CDN-HTTP]
- Next message (by thread): [atlas] Proposal: Measure well-known CDNs,[CDN-HTTP]
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Stephane Bortzmeyer
bortzmeyer at nic.fr
Thu Dec 29 15:15:16 CET 2022
On Tue, Dec 20, 2022 at 05:48:08PM +0100, Lukas Tribus <lukas at ltri.eu> wrote a message of 60 lines which said: > - where have those security concerns been previously discussed? Several times on this list. This is a recurring discussion, for many years. > Are you suggesting that people deploy ATLAS probes in security > sensitive inside parts of corporate networks? I believe that the concerns were more about the security of the server than the security of the probe. Nobody wants Atlas to be used as a botnet against unsuspecting HTTP servers. > And those security concerns affect only GENERIC-HTTP not other > currently available measurements like DNS? For a typical DNS server, the "cost" does not depend on the request (at least for authoritative DNS servers). On the contrary, for HTTP, the cost can vary immensely from a static favicon.ico to a request involving many SQL statements. > we are talking about small HTTP HEAD and GET requests here. The GET can be small but incurring a huge cost for the server.
- Previous message (by thread): [atlas] Proposal: Measure well-known CDNs,[CDN-HTTP]
- Next message (by thread): [atlas] Proposal: Measure well-known CDNs,[CDN-HTTP]
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]