Show threadHcInfosecJun 7, 2024
and won't this be detrimental to #letsencrypt themselves?
Because many companies use #geoblocking as policy, they will resort to #allowlisting #letsencrypt ip's. So people Will start exchanging and publishing the ip's of the #letsencrypt servers. These will become relatively easy prey for ddos attack?
So won't #letsencrypt become less stable as a service by this #geoblocking ban?
Why not use local servers (in the same region) and only fall back to other regio's or something?
#infosec #tls #linux #opensource
Show threadKevin Karhan Nov 5, 2023

@mar I do think that #Allowlisting - like #Blocklisting should be supported...

I'd gladly add an #AllowList in addition to the existing #DenyList I have here:
https://github.com/greyhat-academy/lists.d/blob/main/activitypub.domains.block.list.tsv

Feel free to open up an issue and suggest it...
https://github.com/greyhat-academy/lists.d/issues/new

lists.d/activitypub.domains.block.list.tsv at main · greyhat-academy/lists.d

List of useful things. Contribute to greyhat-academy/lists.d development by creating an account on GitHub.

GitHub
Show threadKevin Karhan Jun 24, 2023

@yuki2501 I think that's a bad approach as this will only benefit #BigInstances and benefit #HostileTakeovers like those of #NSAbook:

Just like #eMail isn't #AllowListing-only!

This will basically make #SelfHosting impossible because neither will users manually request to have their instances be #allowed nor will admins bother to allow every small bona fide instance in.

Show threadKevin Karhan Dec 22, 2022

@kuketzblog +9001%

Ohne #pfBlockerNG, #uBlockOrigin & #AdAway sowie #NoScript & #YesScript inkl. #JavaScript auf reines #Allowlisting beschränkt ist das #Internet unbenutzbar.

Ich blockiere aus Prinzip alle #Cookies & #Popups sowie #Werbung, denn dafür ist mir mein Traffic zu schade!