ietf
[Top] [All Lists]

RE: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)

2012-02-23 12:02:46
I've got the last 2 decades of experience trying to deal with security on the 
network.

95% is dealing with the peculiarities of the "bolt-on"  after-thoughts.

I would much prefer seeing security  designed-in, with the flexibility to deal 
with
the future...

________________________________________
From: ietf-bounces(_at_)ietf(_dot_)org [ietf-bounces(_at_)ietf(_dot_)org] On 
Behalf Of RJ Atkinson [rja(_dot_)lists(_at_)gmail(_dot_)com]
Sent: Thursday, February 23, 2012 8:59 AM
To: ietf(_at_)ietf(_dot_)org
Subject: Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)

On 23  Feb 2012, at 11:13 , Julian Reschke wrote:
On 2012-02-22 18:01, RJ Atkinson wrote:
Security that works well and is practical to implement
needs to be designed-in, not bolted-on later.

I would say: security needs to be orthogonal.

There are at least 2 decades of experience that
security has to be design-in, rather than bolted-on,
for it to work well -- and for it to be practical
to implement.

I hear that you don't agree, but the IETF experience
on this specific point really is quite clear.  Add-on
security doesn't work.

Yours,

Ran

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>