LISTSERV - NCSG-DISCUSS Archives

good news for us non-geeks!  Thanks James.

SP


On 2017-02-15 14:26, James Gannon wrote:
>
> Being very honest, this is not a question we should be spending time 
> on in my opinion, Proofpoint is used by millions of users and 
> thousands of companies and governments, we wont change anything on 
> their side and ICANNS use of it is a good thing for security.
>
> -James
>
> *From:*NCSG-Discuss [mailto:[log in to unmask]] *On Behalf 
> Of *Stephanie Perrin
> *Sent:* Wednesday, February 15, 2017 5:51 PM
> *To:* [log in to unmask]
> *Subject:* Re: External links & archives
>
> Great.  and if Proof point gets bought and killed, my next question is 
> then what?
>
> Stephanie Perrin
>
> On 2017-02-15 12:23, Ayden Férdeline wrote:
>
>     Greetings, all-
>
>     I have received a message from ICANN staff regarding the lifespan
>     of access to masked hyperlinks. I have copied and pasted their
>     response verbatim:
>
>     /hi - i heard back from the security team - Great question!There
>     is a long answer and a short answer.In short, the links will
>     always work as long as Proofpoint is still a company J.The long
>     answer is once the URL is re-written it will always be re-written.
>     For example, if you forward an email to another company that does
>     not own proofpoint but that email you sent has a proofpoint
>     re-written link, they can still open it. It will always re-direct
>     to the proofpoint servers and then to the final destination. If
>     for some reason you leave proofpoint, those links will still work
>     just so long as Proofpoint is still a company.Hope this answers
>     your question!/
>
>     Best wishes,
>
>     Ayden Férdeline
>
>     linkedin.com/in/ferdeline <http://www.linkedin.com/in/ferdeline>
>
>         -------- Original Message --------
>
>         Subject: External links & archives
>
>         Local Time: 2 February 2017 12:43 PM
>
>         UTC Time: 2 February 2017 12:43
>
>         From: [log in to unmask] <mailto:[log in to unmask]>
>
>         To: [log in to unmask]
>         <mailto:[log in to unmask]>
>         <[log in to unmask]>
>         <mailto:[log in to unmask]>
>
>         I really dislike this masking of hyperlinks when we receive an
>         email from ICANN staff now. When I read email archives, I
>         can't see the real URL to ascertain at a glance what I am
>         really clicking on, and must trust it will take me to the
>         ICANN website. I rarely click on every hyperlink in an email,
>         as I can see from the URL whether it is an announcement, a
>         PDF, taking me to the wiki, or somewhere else. Now I am often
>         left to click all the links to try to find the relevant
>         material. This is a but a small inconvenience, and not my
>         biggest concern. What I worry about is how we archive these
>         links. In five or ten years time, will
>         "urldefense.proofpoint.com" plus the string of 200 or so
>         random characters still redirect to the linked content? We
>         don't need these third party redirects, it does not make us
>         any safer, and it feels very much us vs. them. Is it possible
>         that we can get some meaningful assurances from ICANN staff
>         that these masked links will redirect to the correct URLs in
>         perpetuity? Thanks
>
>         Ayden Férdeline
>
>         linkedin.com/in/ferdeline <http://www.linkedin.com/in/ferdeline>
>