[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [emergency] CAP and DDoS
Yeah, What he said. Ciao, Rex At 12:42 PM -0600 2/6/04, Bullard, Claude L (Len) wrote: >And that message should be communicated. Otherwise, >good intentions over flaky protocols will filter >into the infrastructure. A problem of the current >environment is that too many in the Beltway and >elsewhere are drinking the HTTP/REST/IP kool-aid and >not taking into account the unreliability and >vulnerabilities of the base TCP/IP infrastructure. >So Federal dollars will be attached to agency >procurements based on those technologies. > >Some will understand and refuse to build it >for mission critical applications; some won't. > >Be sure the message is clear and the risks >are well-explained. An XML document doesn't buy >them security or protection. Being agnostic >and failing to explain the need to completely >assess the risk of the transport are different. > >Thanks! > >len > > >From: Art Botterell [mailto:acb@incident.com] > >At 5:09 PM -0600 2/5/04, Bullard, Claude L (Len) wrote: >>Perhaps out of scope, but of interest: how would Distributed >>Denial of Service (DDoS) attacks affect the capabilities of systems >>using CAP? Pretty much as it would affect any IP server, yes? > >Right. In fact, any transport mechanism is vulnerable to some sort >of denial-of-service attack, be it Internet-based DDOS, >radio-frequency jamming or even plain old-fashioned "backhoe fade." > >This is one of the reasons we've all worked so hard to keep CAP >transport-independent. Technical diversity, through the integrated >use of a combination of distinct transport technologies, is one of >the best ways to mitigate the risk of DoS attacks and accidents. >It's a lot harder to jam every technology at once than it is to jam >any one at a time. > >To unsubscribe from this mailing list (and be removed from the >roster of the OASIS TC), go to >http://www.oasis-open.org/apps/org/workgroup/emergency/members/leave_workgroup.php. -- Rex Brooks GeoAddress: 1361-A Addison, Berkeley, CA, 94702 USA, Earth W3Address: http://www.starbourne.com Email: rexb@starbourne.com Tel: 510-849-2309 Fax: By Request
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]