The Y2K issue was almost certainly overblown, but it is important to understand
the reasons as they do not apply in the IPv4 case.
The reason Y2K gained so much attention was that there was almost perfect
alignment between the party able to fix the problem and the party able to cause
the fix to be implemented.
The issue began as many companies recognised that if they did not spend money
to avert the Y2K problem that they would be the ones to suffer the loss.
If this was the only dynamic Y2K would have received more or less the attention
it deserved. Instead the problem was compounded by a couple of additional
factors.
The first was the Y2K vampire who consultant-like turned every victim into a
new source of infection. The first thing a Y2K vampire would do on claiming a
new victim was to send out letters to every supplier demanding to know if their
systems have passed a Y2K audit. Thus the poison spread at exponential speed.
Knowing that your company stands to lose $1 million if there is a Y2k issue
might cause you to spend $750k to avoid it. Having your hundred or so customers
demand to know if you are Y2K compliant puts your entire company revenues at
risk.
The second part to the dynamic was that all contrarian voices (including my
own) were suppressed. The only Y2K stories that could be printed in advance
described the impending catastrophe. Folk like myself who were skeptical were
not going to be covered - even when we were pointing out blatantly obvious
points such as the fact that we should not be overly concerned about the threat
of Y2k in third world countries where the power, telephone etc infrastructure
are unreliable in any case and one particular outage is not an issue.
The only Y2K issue I am aware of is one that was paradoxically caused by a Y2K
concern. One of the oldest X.509 roots expired on Dec 31 1999. The date had
been chosen precisely because of Y2K concerns, the fix to the specification had
not yet been ratified as a standard. At the time the root was created nobody
had anticipated that the level of Y2K paranoia would make that date a bad
choice of day for a cert to expire.
So how does this all relate to IPv4/6? It does not. The problem with the IPv6
transition is that the cost and benefit are completely out of phase. The cost
falls on those who have IPv4 addresses, the benefits acrue only to those who do
not. If you have an IPv4 address the fact that others do not is not going to
make a huge difference to the benefit you get from the network.
Metcalf's law is overstated, the value of a network to an individual user is at
best proportional to its size. In practice the Blockbuster effect means that
there are diminishing returns. A network of four billion plus one users is
worth more or less the same to me as a user as a network of four billion. The
fact that there could be one more user is not something that would greatly
encourage me to upgrade my kit. At best the value of the network to existing
users is going to be the log of the number of users.
Looking back at my personal use of networks I can certainly agree that the
number of users increases the value. I have seen the Web grow from 100 users to
a billion. The value has not increased at anything like the same rate. The Web
is certainly more useful today than in 2000 or 1995 or 1992 but the increase in
value has been linear, not exponential. The Web does not help me to find ten
million times more useful information today than it did in 1992.
So the idea that we can rely on the Internet haves to invest money to benefit
the Internet have-nots on the scale necessary is unfortunately misguided.
I do think that we can make the IPv6 transition work. I do not think that we
can just expect it to happen and for everything to turn out just right. Or that
merely convincing people that there is going to be a problem will result in a
solution.
We have to think like marketting people.
-----Original Message-----
From: Artur Hecker [mailto:hecker(_at_)wave-storm(_dot_)com]
Sent: Thursday, October 04, 2007 2:20 PM
To: IETF Discussion
Subject: Re: IPv4 to IPv6 transition
Hi
On 4 Oct 2007, at 19:50, Keith Moore wrote:
http://www.apple.com/jp/downloads/dashboard/networking_security/
ipv420.h
tml
Each time I see one of these "days remaining before Armaggedon"
counters, I can't help but remember what happened on
January 1, 2000:
nothing.
yes, but that's because people heeded the warnings, and
prepared. if
the same thing happens wrt IPv4 exhaustion, that will be fabulous.
No doubt - that nicely paid off our profession so we should
not complain :-)
However, that's an intriguing discussion because I almost as
often hear quite the contrary argument: indeed, given
billions of USD and EUR spent on that issue, one could
reasonably argue that the issue was overblown and ask to
which degree this statement is true and what would have
actually happened without all the pressure.
So far, I could not find anything really useful on that
(proofs?) but keep on hearing very opposite positions, but
it's maybe just me?
Does anybody have any established and sustained opinion on
that and could provide verifiable if not objective data? How
many critical bugs were really found in typical systems? What
would have been the real impact? What could have happenned in
terms of impact (meaning:
it would definitely have happened, not the what-if analysis)?
Was the cost higher than the estimated risk?
thanks for any pointers
artur
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf