ietf
[Top] [All Lists]

Re: Why People Should NOT Depend on "Root Servers"

2002-08-14 20:52:52
Donald - don't bother arguing this with me. You have a very old-school idea
of the IETF and its pointless for me to point out where we differ in our
opinions or where I believe you are wrong. But that's OK. The IETF like the
rest of the first pass ideas that didn't really work in the longer term will
get morphed into more stable and structured  environments

Todd

----- Original Message -----
From: "Donald Eastlake 3rd" <dee3(_at_)torque(_dot_)pothole(_dot_)com>
To: "todd glassey" <todd(_dot_)glassey(_at_)worldnet(_dot_)att(_dot_)net>
Cc: "'The IETF'" <ietf(_at_)ietf(_dot_)org>
Sent: Wednesday, August 14, 2002 8:08 PM
Subject: Re: Why People Should NOT Depend on "Root Servers"


On Tue, 13 Aug 2002, todd glassey wrote:

Date: Tue, 13 Aug 2002 08:16:19 -0700
From: todd glassey <todd(_dot_)glassey(_at_)worldnet(_dot_)att(_dot_)net>
To: 'The IETF' <ietf(_at_)ietf(_dot_)org>, 
chandley(_at_)ntia(_dot_)doc(_dot_)gov,
nvictory(_at_)ntia(_dot_)doc(_dot_)gov,
     censslin(_at_)ntia(_dot_)doc(_dot_)gov, DEvans(_at_)doc(_dot_)gov
Cc: atlarge-discuss(_at_)lists(_dot_)fitug(_dot_)de
Subject: Re: Why People Should NOT Depend on "Root Servers"

Folks -
Paul Vixie is dead on here but the real problem is not DNS, but rather
the
routing protocols that allow this type of address forgery to be
propagated.
This is the subtle difference here and the biggest criminal here is that
even with a forged DNS service, the real issue is still Cisco and its
brethren for forcing the propagation of routing standards that are
insecurable and indefensible - the other bad-guy here is the IETF for
not
being more in control or forcing issues of security to be ingrained into
their protocols that they have or are in the process of making as
standards.

You do not understand how the IETF works. It is a voluntary organization
producing voluntary standards.  IETF has no authority over Cisco. As far
as IETF protocols go, as far as I can tell, the IESG is ratcheting up
the level of security in new protocols about as fast as IETF rough
consensus will allow.

This is one of the greatest instances proving that the ICANN and the
IETF
themselves with their current management and format, are incompetetent
to
build or enforce standards.

I'm not going to say anything about ICANN but you do not understand how
the IETF works. As an organization producing voluntary standards, it has
no power to "enforce standards", never has, and as far as I can tell,
wisely does not want such power.

                         If they had done their job properly and allowed
external input or review of their efforts, then this never would have
happened.

I'm not going to say saything about ICANN but you do not understand how
the IETF works. It is an open organization without defined membership.
As such, who would be "external" to the IETF that is not being allowed
to give "input" (other than one or two abusive individuals)? Since all
drafts and mailing lists are publicly readable, who is it who is not
being allowed to "review" IETF work?

Just my personal 2 cents here.
Todd Glassey

I wish you would finally get around to deciding that the IETF is
hopeless so you would devote your efforts to other standards
organizations that you would find more competant.

Donald