I don't *quite* go back 2 decades, but a big +1 to "all my experiences
with bolt-on security have been bad."
Doug
On 02/23/2012 10:00, Leif Sawyer wrote:
I've got the last 2 decades of experience trying to deal with security on the
network.
95% is dealing with the peculiarities of the "bolt-on" after-thoughts.
I would much prefer seeing security designed-in, with the flexibility to
deal with
the future...
________________________________________
From: ietf-bounces(_at_)ietf(_dot_)org [ietf-bounces(_at_)ietf(_dot_)org] On
Behalf Of RJ Atkinson [rja(_dot_)lists(_at_)gmail(_dot_)com]
Sent: Thursday, February 23, 2012 8:59 AM
To: ietf(_at_)ietf(_dot_)org
Subject: Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis)
On 23 Feb 2012, at 11:13 , Julian Reschke wrote:
On 2012-02-22 18:01, RJ Atkinson wrote:
Security that works well and is practical to implement
needs to be designed-in, not bolted-on later.
I would say: security needs to be orthogonal.
There are at least 2 decades of experience that
security has to be design-in, rather than bolted-on,
for it to work well -- and for it to be practical
to implement.
I hear that you don't agree, but the IETF experience
on this specific point really is quite clear. Add-on
security doesn't work.
Yours,
Ran
--
It's always a long day; 86400 doesn't fit into a short.
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :) http://SupersetSolutions.com/
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf