
Re: The Internet and the Law, the Economist, 13-19 January 2001

2001-01-16 20:50:02
On Tue, 16 Jan 2001 22:02:04 EST, Keith Moore said:
Well, in the dialup example given, his IP address would be constant
within a session, just not constant across sessions.

true.  and if the dialup host only had intermittent connectivity anyway,
having the DNS name dynamically bound to the IP address (when the host
is connected) is about as good as one can hope for.  

Exactly. Even in this day and age, 56k modems get reset for any
multitude of reasons.

And although it would be *nice* if I had a static IP and thus my
connections persisted across a PPP reset (which I've had before, and
it *is* nice), it's in general not a scalable answer for modem pools.
Our site already has 2 /16s, and at least a /21 dedicated just for
the modem pool - but we'd need another /16 if we gave everybody static IPs.

I don't mind TCP connections being broken because I'm only connected 3-4 hours
a day. I *do* mind being unable to open a *new* connection easily just
because I have no idea what the DNS thinks I am *this* time.  It's a slow
week - I've only had 11 hostnames in the last 7 days ;)

Of course, the problem isn't always the modem pool, or a host name ;)

Although sometimes the long-term binding you are worried about is for
a MAC address, or an IP address, or a hostname, in some cases what
you're *really* concerned about is being able to tie a *person* to
a transient network event...

An area we're currently struggling with is managing itinerant laptops.
We've got one building that's very heavily wired (3000+ publicly accessible
ports), and what we've done is made people register their Ethernet MAC
addresses, and the DHCP server won't talk to you unless you're registered.
There's also some ugliness telling the Ethernet switches to not pass packets
for a non-DHCP blessed address, so people don't invent their own...
It's not perfect, but barring some really creative MAC spoofing games,
we can usually tie a network connection back to a person.

I won't discuss the running guerilla warfare between our campus CIRT
and the library management regarding authentication issues - as
both sides are totally right, in their own way.  Us on the CIRT want
to be able to tie back from a seat to a person, and that is, of course
the *LAST* thing the library staff wants... ;)

Having re-read the last 2 paragraphs, it's unclear whether I've just
gotten more off-topic, or am returning to it again... ;)

(OTOH, for hosts with stable connectivity I'd argue that dynamic DNS
isn't nearly good enough.  but that's not what VK was talking about.)

Nope, it wasn't... ;)

/Valdis
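
The lookup the message describes (tying a network event back to a person through the MAC address registered for DHCP), as an added example that is not part of the original message. The lease records, MAC addresses, person names and function names are constructed for illustration.

```python
from bisect import bisect_right
from datetime import datetime

# Constructed MAC registration table (MAC -> registered person); names are hypothetical.
REGISTRY = {
    "00:a0:c9:11:22:33": "alice",
    "00:10:4b:aa:bb:cc": "bob",
}

# Constructed DHCP lease history: (ip, mac, lease start, lease end).
LEASES = [
    ("10.1.4.20", "00:A0:C9:11:22:33", "2001-01-16 09:00", "2001-01-16 11:00"),
    ("10.1.4.20", "00:10:4b:aa:bb:cc", "2001-01-16 13:00", "2001-01-16 15:00"),
    # Lease whose MAC is no longer in the registry (e.g. registration removed).
    ("10.1.4.21", "00:de:ad:00:00:01", "2001-01-16 09:30", "2001-01-16 10:30"),
]

def _ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")

def build_index(leases):
    """Group leases per IP, sorted by start time, for point-in-time lookup."""
    index = {}
    for ip, mac, start, end in leases:
        index.setdefault(ip, []).append((_ts(start), _ts(end), mac.lower()))
    for spans in index.values():
        spans.sort()
    return index

def attribute(index, registry, ip, when):
    """Return (status, mac, person) for the host holding `ip` at time `when`."""
    t = _ts(when)
    spans = index.get(ip, [])
    starts = [span[0] for span in spans]
    i = bisect_right(starts, t) - 1      # last lease starting at or before t
    if i < 0 or t >= spans[i][1]:        # lease end is treated as exclusive
        return ("no-lease", None, None)
    mac = spans[i][2]
    person = registry.get(mac)
    return ("registered" if person else "unregistered", mac, person)

INDEX = build_index(LEASES)

if __name__ == "__main__":
    for ip, when in [("10.1.4.20", "2001-01-16 10:00"),
                     ("10.1.4.20", "2001-01-16 12:00"),
                     ("10.1.4.21", "2001-01-16 10:00")]:
        print(ip, when, attribute(INDEX, REGISTRY, ip, when))
```

A `no-lease` result for an address seen on the wire is the self-assigned case the switch filtering in the message is meant to block. Any match is only as trustworthy as the MAC address itself, which is the spoofing caveat the message already makes.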