SSH certificates, AWS IPv4 addresses, URLs, emojis and exmaple.com

ssh is the standard technique to connect securely to distant computers. The first version of ssh was designed in the mid-nineties to replace the rsh, rlogin and telnet solutions. Its main advantage for many users is that it provides security protections for the session with a distant server. However, many ssh deployments rely on the Trust on First Use (TOFU) principle. During the first connection with a server, the client assumes that the public key announced by the server is valid and can be trusted. This key is then stored in the client cache and used to validate future connections with the same server. However, this is not the only way to authenticate servers and ssh supports certificates like TLS. In a recent blog post , Mike Malone discusses the benefits of these ssh certificates and why they are deployed by large organizations.

Andree Tonk estimates the total value of the IPv4 addresses owned by Amazon Web Services in a recent blog post. An article on circleid also explores the implications of the fact that AWS is now charging for IPv4 addresses. Clearly, it’s time to move to IPv6.

Hamed Haddadi recalled an excellent Cloudflare blog post written by Zack Bloom that details the history of the URL](https://blog.cloudflare.com/the-history-of-the-url/) with various pointers to the evolution of the naming system and the DNS, the character sets, and the Uniform Resource Locators.

In September 1982, Scott Fahlman at CMU proposed to use the :-) and :-( character sequences that everybody uses today. Dan Ports provides the original message on Mastodon to celebrate this 41th birthday.

The example.com, this domain should not be used in practice. One would expect that variations of example.com, such as exmaple.com for example do not attract any traffic. Surprisingly, this is not true. The exmaple.com is a registered DNS domain that receives a surprisingly large about of traffic. On the Cloudflare blog, João Tomé analyzes the different types of traffic that this unused domain attracts. It receives 1Mbps traffic on average, 2.48 billion HTTP requests over one year, it was even the target of a DDoS attack on December 9, 2022 with 560k HTTP requests on this day. The HTTP requests that target this unused domain are not equally spread, the customers of Bouguyes Telecom, a French ISP, produce more than 3 millions HTTP requests per day to this unused domain without any plausible explanation at this stage. This domain also receives on average 432 emails per day …

You can follow this blog by subscribing to its RSS feed or by following @cnp3_ebook on mastodon.

Written on September 25, 2023