LISTSERV - NCSG-DISCUSS Archives

NCSG-DISCUSS Archives

NCSG-Discuss

NCSG-DISCUSS@LISTSERV.SYR.EDU

	LISTSERV Archives
	NCSG-DISCUSS Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: External links & archives
From:	Tapani Tarvainen <[log in to unmask]>
Reply To:	Tapani Tarvainen <[log in to unmask]>
Date:	Thu, 2 Feb 2017 20:41:01 +0200
Content-Type:	text/plain
Parts/Attachments:	text/plain (40 lines)

Yes, clicking them is indeed reasonably safe.

But they are not unproblematic: besides issues already mentioned, they
mean proofpoint can see whenever they're clicked and can collect
potentially sensitive information about people. (I don't know if they
actually do.)

But the archive problem Ayden brought up is perhaps most critical.
Those links will rather obviously break when Proofpoint dies, one
way or another, and there's little ICANN can do about it.

A technical solution should be possible: unmunge the links in archives.
Even better if it could be done by the mailing list software before
even sending the mails to list subscribers.

That is not entirely trivial, however. For archives it should be
doable with a moderate effort; I may give it a go at some point.

-- 
Tapani Tarvainen

On Thu, Feb 02, 2017 at 05:29:03PM +0000, James Gannon ([log in to unmask]) wrote:

> Proofpoint email links are actually an antivirus scanning/antiphising setup, so while I agree its not great and readable they are pretty safe.
> 
> -James
> 
> From: NCSG-Discuss <[log in to unmask]<mailto:[log in to unmask]>> on behalf of Ayden Férdeline <[log in to unmask]<mailto:[log in to unmask]>>
> Reply-To: Ayden Férdeline <[log in to unmask]<mailto:[log in to unmask]>>
> Date: Thursday 2 February 2017 at 13:43
> To: "[log in to unmask]<mailto:[log in to unmask]>" <[log in to unmask]<mailto:[log in to unmask]>>
> Subject: External links & archives
> 
> I really dislike this masking of hyperlinks when we receive an email from ICANN staff now. When I read email archives, I can't see the real URL to ascertain at a glance what I am really clicking on, and must trust it will take me to the ICANN website. I rarely click on every hyperlink in an email, as I can see from the URL whether it is an announcement, a PDF, taking me to the wiki, or somewhere else. Now I am often left to click all the links to try to find the relevant material. This is a but a small inconvenience, and not my biggest concern. What I worry about is how we archive these links. In five or ten years time, will "urldefense.proofpoint.com" plus the string of 200 or so random characters still redirect to the linked content? We don't need these third party redirects, it does not make us any safer, and it feels very much us vs. them. Is it possible that we can get some meaningful assurances from ICANN staff that these masked links will redirect to the correct URLs in perpetuity? Thanks
> 
> Ayden Férdeline
> linkedin.com/in/ferdeline<http://www.linkedin.com/in/ferdeline>
> 
>

ATOM RSS1 RSS2

LISTSERV.SYR.EDU