On Tue, 18 May 2004, Iljitsch van Beijnum wrote:
On 17-mei-04, at 22:51, Dean Anderson wrote:
Moral: Just because you can operate something, and know _how_ to make
changes, doesn't mean you know what changes are safe or wise to make.
Hm, maybe we should get some of the people who wrote the most popular
DNS software to run some root servers?
Hmm. Good suggestion. But maybe first we should find some small group of
people that can write software that *complies* with DNS standards, (as
this tends to suggest that they understand the standards) and not go off
implementing rash, unnecessary, and gratuitous variations (ie BIND 9 AXFR,
IXFR non-compliance), and then try to have the protocol documents
gratuitously changed to make their implemenation conformant and make a
number of other implementations non-conformant, but only long after
they've released the non-compliant software into production and written
books describing their non-compliant software as though it were standards
compliant. Second, while Bind is the most popular nameserver, it has
spurred the most efforts at reimplementation. I can think of very few
other projects that so many people desperately need, but don't want to be
a part of. I was also part of the namedroppers list back in the late
80's/early 90's, and contributed Bind patches back then, but found it so
difficult to work with that I didn't want to bother for 10 years. Now, I
can't avoid it.
Also, that group (if we are thinking of the same group) of people didn't
actually _write_ the software, they are just maintaining it, and have made
some modifications to it, and have applied modifications made by others,
and have even made modifications to the protocol after discussing those
modifications with many others. But along the way they've added a great
deal of security vulnerabilities, too. It is not that I mean to say they
are stupid, but that their unilateral judgement can't be trusted.
So, how to tell the operators from the engineers, and how to tell the
engineers from the maintenance engineers. How to keep the bad judgements
of one person or a small group of people from affecting the whole world
internet?? Tough one, I admit. Could posing questions to a protocol list
at sensible junctures suffice? Say, junctures where proposed operational
modifications affecting the protocols are discussed and vetted first?
Nah. That's asking too much.
But seriously, their attitude of "they know better than others" is their
first (but not only) mistake.
So, I'm also just wondering, where was this operational change discussed
before it was implemented? Anywhere? Because the first I heard of it was
November '02.
--Dean
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf