Re: [Asrg] Spam Control Complexity -- scaling, adoption, diversit y and

Phillip,

> > No doubt you have empirical data to substantiate your empirical
> > assertion.
HBP> Fifteen years of trying to deploy PKI through the edge model.

Forgive me, but as I noted later in my query, I was asking for you to
cite a *success*. Making definitive statements about what will succeed,
based on a track record of failure, is not very convincing.

(I am assuming that you are not trying to claim that PKI has a success
record for Internet-scale deployment, use, and enhancement, since such a
claim would be glaringly incorrect.)


HBP> My experience is that deployment of new client features takes
HBP> five years or more - even in communities with a need for the
HBP> features.

Deploying *any* enhancement to a global, installed base takes many
years.  No doubt you meant something special, but your point escapes me.


> > So, please cite some major enhancement to an Internet-scale,
> > Internet-diversity, existing service, that could have been done either
> > in an edge fashion or a core fashion, that went quickly (or at all)
> > through core deployment, rather than edge.
HBP> I am not aware of any Internet service the IETF has succeffully
HBP> deployed while I have been involved with it. Not one thing.

We seem to be having different discussions.  I thought you had made a
technical assertion and I was interested in pursuing the basis for it.
However you seem intent on conducting IETF-bashing that has nothing at
all to do with the topic at hand.


HBP> The Web was successful before the IETF was involved and largely
HBP> in spite of IETF dogma.

"Largely in spite of"?  wow.  And here I am, unable to recall your
involvement in any of those activities, and even more unable to guess
whatever it is you might have in mind with such a broad and forceful
assertion.

The danger with my asking you to explain yourself is that we are already
deep in one such request -- and at least it is a request about a topic
relevant to this list -- but we do not seem to be making much progress.
Asking for clarification on yet another assertion from you seems equally
unlikely to be successful, with the added benefit of being wholly
distracting to the group.)


HBP> Need more proof?

I always thought that folks in the security arena actually were pretty
good at knowing what a "proof" was, as well as developing them.  However
in this case it appears not.

You have not even responded to the actual query I made, never mind
responded with a "proof".

I am sure that it is great fun to travel down the path of IETF bashing
-- many of us derive great entertainment from it.  However this group is
supposed to be doing some real work about spam control

So let's try a refresher course:

1.  You made an assertion about the operational superiority of enhancing
an installed base through a core approach, rather than an edge approach.

2. I asked you to cite an example of such an approach being done
successfully (both broad and timely deployment and use) through
architectural changes to the core, when it could have been done to the
edge, instead.

On the assumption that you meant your architectural/operational
assertion seriously, please do provide the relevant example. It does not
matter whence it derives. What matters is that it involved an
enhancement to a Internet-scale, Internet-diverse existing system.


> > My own counter-example will be multi-media mail, which failed
> > to deploy
> > through a core approach in spite of 2 or three eager efforts over a 10
> > year period, while MIME became useful within the first year of its
> > release.
HBP> Well duh! Multimedia mail does kinda require a multi-media client.

The prevailing view, for 10 years, was that it also required a
multi-media core.  This view was incorrect.  As soon as it was
discarded, multi-media mail deployed quite nicely.


> > "doubled ended" sounds like a dandy term.  what does it mean?
HBP> Must be deployed by both the sending and receving party before
HBP> there is any benefit.

Oh.  As in "any networking standard".  Well, yes.  Thanks very much.

In other words, if it is "single-ended" then there is no
interoperability and it is not really a networking standard.

That does not mean it isn't useful, it just means that discussing it is
irrelevant to any evaluation of network core-vs-edge architectural
modifications.


HBP> Content filtering requires only single ended adoption.

And it is not subject to network standardization.  Hence it appears that
what you are talking about is the local implementation choice of putting
something on a server versus on the clients using that server.  Well,
yes, that's an important decision to make.

But it is irrelevant to any discussion of networking standards.  It
isn't even very relevant to a general discussion of spam control.  It is
only relevant to a discussion of software implementation choices.

Personally, I think it would be wonderful, if that were the kind of
detail we needed to debate.  Alas we are not even close, and I suspect
that when we are, it will not require an IRTF group.


d/
--
 Dave Crocker <mailto:dcrocker(_at_)brandenburg(_dot_)com>
 Brandenburg InternetWorking <http://www.brandenburg.com>
 Sunnyvale, CA  USA <tel:+1.408.246.8253>, <fax:+1.866.358.5301>

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg