it seems someone decided to prove you really can just publish any nonsense protocol draft with the IETF https://www.ietf.org/archive/id/draft-meow-mrrp-00.html
-
it seems someone decided to prove you really can just publish any nonsense protocol draft with the IETF https://www.ietf.org/archive/id/draft-meow-mrrp-00.html
When I visited that link I was reminded of: https://www.youtube.com/watch?v=yL_-1d9OSdk
-
it seems someone decided to prove you really can just publish any nonsense protocol draft with the IETF https://www.ietf.org/archive/id/draft-meow-mrrp-00.html
@0xabad1dea I wonder how interesting of an attack vector that could be in real life scenarios. How about having an LLM generate 500 drafts with non-obvious misinformation and watch crawlers crawl it, models being trained with the data and then people citing the resulting misinformation?
Or, more wildly: what's the authN process for working groups? I wonder how far a swarm of agent sock puppets could get in the RFC process...
-
it seems someone decided to prove you really can just publish any nonsense protocol draft with the IETF https://www.ietf.org/archive/id/draft-meow-mrrp-00.html
@0xabad1dea Bluesky?
-
@0xabad1dea @slothrop ? Am just saying it d be a good April’s Fools thing to do. Don’t see replies on my fedi client.
-
@0xabad1dea @slothrop ? Am just saying it d be a good April’s Fools thing to do. Don’t see replies on my fedi client.
@hugo @slothrop I’m saying it’s a pointed political statement and not a random joke https://infosec.exchange/@0xabad1dea/116419619962656186
-
if you have no idea what this is about: a very official-looking "IPv8" draft appeared that was an absolute fever dream of and-a-pony wishlist features for a censorious regime, down to using json web tokens at the hardware level for some reason
@0xabad1dea I, for one, would rather welcome our feline overlords.
(Edit: remove the URL) -
it seems someone decided to prove you really can just publish any nonsense protocol draft with the IETF https://www.ietf.org/archive/id/draft-meow-mrrp-00.html
-
@cinnamon @0xabad1dea
> about time to have a standard for some kinds of communicationThere is one
-
if you have no idea what this is about: a very official-looking "IPv8" draft appeared that was an absolute fever dream of and-a-pony wishlist features for a censorious regime, down to using json web tokens at the hardware level for some reason
@0xabad1dea I hadn't heard about it before, but assuming it was an April Fool's Day RFC, I just searched for the ones that were published on Apr 1, 2026 and it wasn't there. A little more searching found it, and it seems to have been intended as one, but was still in a draft state. The delay in the joke feels like meta-humor and works well considering the context of IPv4 address space exhaustion and the slow implementation of IPv6.
-
if you have no idea what this is about: a very official-looking "IPv8" draft appeared that was an absolute fever dream of and-a-pony wishlist features for a censorious regime, down to using json web tokens at the hardware level for some reason
@0xabad1dea I hope people learn a little bit about the IETF draft process also: https://www.ietf.org/participate/ids/
Yes, anyone can submit a draft. It does not mean anything beside showing how strong what-ever they just took is...
-
@0xabad1dea I wonder how interesting of an attack vector that could be in real life scenarios. How about having an LLM generate 500 drafts with non-obvious misinformation and watch crawlers crawl it, models being trained with the data and then people citing the resulting misinformation?
Or, more wildly: what's the authN process for working groups? I wonder how far a swarm of agent sock puppets could get in the RFC process...
@nila @0xabad1dea the auth process is "if the IETF isn't interested, it doesn't proceed to the RFC stage", apparently.
You can't just post a standard, but you CAN just post a draft/proposal, which is what both this and "IPv8" are.
-
@nila @0xabad1dea the auth process is "if the IETF isn't interested, it doesn't proceed to the RFC stage", apparently.
You can't just post a standard, but you CAN just post a draft/proposal, which is what both this and "IPv8" are.
@nila @0xabad1dea as long as crawlers correctly interpret the draft as a draft and journos / wiki editors etc do their due diligence (which, i am told, they always do), there is no attack vector
-
@nila @0xabad1dea the auth process is "if the IETF isn't interested, it doesn't proceed to the RFC stage", apparently.
You can't just post a standard, but you CAN just post a draft/proposal, which is what both this and "IPv8" are.
@ratsnakegames @0xabad1dea Do you think an agent swarm led by an APT could social engineer its way into "the IETF"? Setting up web pages, blogs, arXiv submissions etc. for a network of sock puppets definitely seems within reach of such actors.
(And, come to think of it, any other standards body...)
-
it seems someone decided to prove you really can just publish any nonsense protocol draft with the IETF https://www.ietf.org/archive/id/draft-meow-mrrp-00.html
Reminds me of Doug Zongker's publication:
http://isotropic.org/papers/chicken.pdf
https://www.youtube.com/watch?v=yL_-1d9OSdk -
it seems someone decided to prove you really can just publish any nonsense protocol draft with the IETF https://www.ietf.org/archive/id/draft-meow-mrrp-00.html
@0xabad1dea
Cat5e or Cat6 cable isn't good enough.
You need Cat9 cable, -
@hugo @slothrop I’m saying it’s a pointed political statement and not a random joke https://infosec.exchange/@0xabad1dea/116419619962656186
@0xabad1dea @slothrop
no worries next time I won’t reply unless to say something deep and serious which is probably once a year for me on Mastodon. You can ignore me.
Have a good day -
if you have no idea what this is about: a very official-looking "IPv8" draft appeared that was an absolute fever dream of and-a-pony wishlist features for a censorious regime, down to using json web tokens at the hardware level for some reason
@0xabad1dea When I read the beginning of IPv8 I thought it was an April 1st one.
-
it seems someone decided to prove you really can just publish any nonsense protocol draft with the IETF https://www.ietf.org/archive/id/draft-meow-mrrp-00.html
@0xabad1dea I think the somebody in question is @mat ?
-
@0xabad1dea I think the somebody in question is @mat ?
-
it seems someone decided to prove you really can just publish any nonsense protocol draft with the IETF https://www.ietf.org/archive/id/draft-meow-mrrp-00.html
@0xabad1dea throwing in an obligatory shoutout to @mat for being the ietf kitty. cats deserve credit
