momo17h ago

On security.txt:

I understand that staleness may exist in companies and a security contact should be reachable. but why is the solution an EXPIRES field that has to be updated once a year?

- https://datatracker.ietf.org/doc/html/rfc9116#name-expires

People will just automate the task of changing the date of the EXPIRES field instead of changing the contact in their aliases file.

It does not change anything if the date did not expire but nobody is reading [email protected].

#rfc9116 #rfc #ietf #standards

RFC 9116: A File Format to Aid in Security Vulnerability Disclosure

When security vulnerabilities are discovered by researchers, proper reporting channels are often lacking. As a result, vulnerabilities may be left unreported. This document defines a machine-parsable format ("security.txt") to help organizations describe their vulnerability disclosure practices to make it easier for researchers to report vulnerabilities.

IETF Datatracker
KeithDPatch1d ago

#H2Safety
↙️NASA Glenn preps another regenerative fuel cell #RFC test stand for energy storage on moon or mars.

↘️NASA's 2004 closed loop #RFC tests were also at Glenn (née Lewis).

But #NASA had an electrolyzer explosion when their PC-based control system crashed! Luckily, nobody was injured.

Human-safety says "use a proper emergency shutdown system #ESD". Program manager Dave Bentz added one before they restarted (with a new electrolyzer...).
#hydrogen #H2 #fuelcell

Habr1d ago

Я написал свой DNS-резолвер на Go вместо того, чтобы взять Unbound. Вот почему и что из этого вышло

Три месяца назад я начал делать NextDNS-clone для Европы. Рекурсивный DNS с фильтрацией рекламы, трекеров и malware. Первый день: открываю Unbound, читаю man, всё понятно. К вечеру понимаю, что не подходит. Через неделю пишу свой резолвер на Go и вспоминаю поговорку про человека, который решил написать почтовый сервер. Никогда такого не было, и вот опять. Сейчас в проде: 10 нод по миру, отвечает на DoH/DoT, фильтрует по миллионам доменов, RAM 60 МБ на ноду. Расскажу, почему ушёл от готового, что было больно, и где Unbound всё ещё быстрее. Спойлер: почти везде, но в наших условиях это не имеет значения. Зачем я полез в DNS

https://habr.com/ru/articles/1035394/

#DNS #recursive_resolver #Go #Unbound #privacy #DoH #edge #golang #RFC

Я написал свой DNS-резолвер на Go вместо того, чтобы взять Unbound. Вот почему и что из этого вышло

Привет, Хабр! Три месяца назад я начал делать NextDNS-clone для Европы. Рекурсивный DNS с фильтрацией рекламы, трекеров и malware. Первый день: открываю Unbound, читаю man, всё понятно. К вечеру...

Хабр
RFC Editor2d ago
RFC 9967: System for Cross-Domain Identity Management (SCIM) Profile for Security Event Tokens (SETs), P. Hunt, Ed., et al., https://www.rfc-editor.org/info/rfc9967 #RFC This specification defines a set of System for Cross-domain Identity Management (SCIM) Security Events using the Security Event Token (SET) specification (RFC 8417) to enable the asynchronous exchange of messages between SCIM 1/2
Information on RFC 9967 » RFC Editor

RFC Editor3d ago
RFC 9962: A Decentralized Locator/ID Separation Protocol Mapping System (LISP-Decent), D. Farinacci, et al., https://www.rfc-editor.org/info/rfc9962 #RFC This document describes how the Locator/ID Separation Protocol (LISP) Mapping System can be distributed for scale and decentralized for management, while maintaining trust among data plane nodes. This is an Informational RFC and should be 1/2
Information on RFC 9962 » RFC Editor

RFC Editor3d ago
RFC 9944: Device Schema Extensions to the System for Cross-Domain Identity Management (SCIM) Model, M. Shahzad, et al., https://www.rfc-editor.org/info/rfc9944 #RFC The initial core schema for the System for Cross-domain Identity Management (SCIM) was designed for provisioning users. This memo specifies schema extensions that enable provisioning of devices using various underlying 1/2
Information on RFC 9944 » RFC Editor

Stéphane Bortzmeyer4d ago

RFC 9959: Convergence of Congestion Control from Retained State

Traditionnellement, les protocoles de transport comme #QUIC ou TCP partaient de zéro à chaque connexion. On se connecte, on démarre prudemment, puis on augmente le débit petit à petit. Mais c'est dommage de ne pas tenir compte des connexions précédentes. Ne pourrait-on pas se souvenir des mesures précédentes pour aller plus vite la prochaine fois ? C'est justement ce que propose ce #RFC.

https://www.bortzmeyer.org/9959.html

Blog Stéphane Bortzmeyer: RFC 9959: Convergence of Congestion Control from Retained State

RFC Editor5d ago
RFC 9968: Report from the IAB Workshop on the Next Era of Network Management Operations (NEMOPS), W. Hardaker, et al., https://www.rfc-editor.org/info/rfc9968 #RFC The "Next Era of Network Management Operations (NEMOPS)" workshop was convened by the Internet Architecture Board (IAB) from December 3-5, 2024 as a three-day online meeting. It builds on a previous 2002 workshop, the outcome of 1/4
Information on RFC 9968 » RFC Editor

RFC Editor5d ago
RFC 9959: Careful Resume: Convergence of Congestion Control from Retained State, N. Kuhn, et al., https://www.rfc-editor.org/info/rfc9959 #RFC This document specifies a cautious method for Internet transports that enables fast startup of Congestion Control (CC) for a wide range of connections, known as "Careful Resume". It reuses a set of computed CC parameters that are based on previously 1/3
Information on RFC 9959 » RFC Editor

RFC Editor5d ago
RFC 9957: The DOCSIS Queue Protection Algorithm to Preserve Low Latency, B. Briscoe, Ed., et al., https://www.rfc-editor.org/info/rfc9957 #RFC This Informational RFC explains the specification of the queue protection algorithm introduced into Data-Over-Cable Service Interface Specification (DOCSIS) technology at version 3.1. A shared low-latency queue relies on the non-queue-building 1/3
Information on RFC 9957 » RFC Editor