ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Washington Post: Earthlink to Deploy a Challenge-Response System for

2003-05-09 19:21:38
from [Vernon Schryver] [Permanent Link] 
From: J C Lawrence <claw(_at_)kanga(_dot_)nu>



...

I don't understand how anyone might hope that Challenge/Response won't
be done wrong on a large scale even with completely clear standards
track RFC.  Perhaps my point of view is colored by old scars inflicted
by large outfits.


Certainly the clearly written standards on vacation bots have shown us
what behaviour we can expect on a regular basis.


Yes, although I was feeling PPP scars.



...
Would it be worthwhile spending the time to wrap the consent token or
forward chained received headers stuff into an ID?


On the off chance that was addressed to me, I'd say that whoever
invests the editorial work must decide.  It seems likely that only a
support would want to invest the work.  Everyone who has commented on
those or other mechanisms is duty bound to at least try to read such
documents if they appear.

We currently have 
  - Dave Crocker's ID that he has promised will have a new version
      realsoonnow.
  - Paul Vixie's draft ID for an MX checking DNS mechanism.  Paul has
      left the building, but perhaps he could be convinced to return
      long enough consider suggestions and forward the document.  If
      not, he might be willing to pass the document to someone friendly.
  - Gordon Fecyk's ID.
  - others I can't seem to remember.
  - still other documents that as far as I know have not been layered
      with boilerplate and generally hammered into draft IDs.

I don't know, but suspect all but Dave Crocker's draft ID would have
to be "Informational" "individual submissions" or come from an IETF
WG and not from here in either case.  The three not yet draft IDs are
official products of this group, but it's early to think about their
fate until they become draft IDs.


Those not familiar with the IETF/IRTF or standards committees in
general might not realize that the IETF has strong fences separating
committee turfs.  Standards committeee fences are honored to keep the
inter-committee battles from getting too distracting.  IEEE PARs and
the ANSI equivalents are higher and defended more ferociously than
the IETF fences, but the IETF equivalents can't be violiated by
newcomers without lots of political capital.  Those who have enough
capital are unlikely to spend it on minor spam IDs.

That's not to say that talk about those IDs is off-topic, but that
getting support here is only a first, small step in a long process
unless you take the shortcut straight to the IESG for the low goal of
"individual" and "informational."

I hope that if I've misstated the rules of the RFC game, someone more
knowledgeable will correct me.  I've tried to use lots of jargon to
give pause to newcomers who might otherwise simply inform me that I'm
all wet about the Standards Process.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Asrg] Re: Washington Post: Earthlink to Deploy a Challenge-Response System for Fightin, Eric Dean
Next by Date:  Re: [Asrg] Assume perfect knowledge by domain registry provisioners, so what?, Eric Brunner-Williams in Portland Maine
Previous by Thread:  Re: [Asrg] Washington Post: Earthlink to Deploy a Challenge-Response System for, J C Lawrence
Next by Thread:  RE: [Asrg] Washington Post: Earthlink to Deploy a Challenge-Response System for, Eric Dean
Indexes:  [Date] [Thread] [Top] [All Lists]