
Re: [dhcwg] We can change the world in a 1000 ways (IPv4 over IPv6)

2013-11-15 08:24:24
On Wed, Nov 13, 2013 at 11:05 AM, Ted Lemon <Ted(_dot_)Lemon(_at_)nominum(_dot_)com> wrote:

> On Nov 13, 2013, at 10:49 AM, Ole Troan <otroan(_at_)employees(_dot_)org> wrote:
>> is there a problem here, or should we just accept that sometimes the IETF
>> will generate ten sets of publications solving more or less the same
>> problem?
>
> If I'd been area director earlier in the process I might have just shut
> the working group when it became clear that the principals couldn't agree
> on a proposal, and required that they come to agreement before a BoF would
> be approved. But it's much too late in the process to do that now. And
> I don't even know if that would have produced a better outcome.


I am not sure that would have worked. As with the S/MIME vs PGP standards
war there were ideological factions. Putting those two factions in a room
and requiring them to emerge with one standard would not have worked unless
there was a very skilled technical arbiter who could work with the two
sides and get them to identify the aspects that they considered essential
requirements. Phil Zimmermann had already walked out on the PEM fiasco; he
had a user base and was not at all convinced that the S/MIME faction had
any technical contributions they could make.

Until relatively recently the majority of posters here would assert that I
was completely wrong about the need to embrace NAT boxes as part of the
solution rather than consider them to be a dangerous nuisance to be
eliminated at all costs. Part of the reason behind the profusion of
proposals is that many of the principals had rejected the only viable
architecture.

Forcing them to agree before having a BOF would not have worked because the
approaches were not compatible. The NomCom scheme makes the system
dramatically worse as it makes achieving groupthink on the IAB and IESG a
goal. The people who were wrong about using NAT to transition to IPv6 the
longest were the people at the top of the IETF oligarchy. What would have
happened in that situation would be that the 'let's kill the NAT boxes'
faction would have won and either the IPv6 transition scheme would be
coming out of ETSI or W3C or not at all.

People can say what they like about the NSA, at least they listen to their
critics.


Getting back to PGP vs S/MIME, I think we have a once-in-a-decade
opportunity to move past that deadlock due to the Snowden files. There is
also at least one documentary and a movie in the works so we have maybe 18
months to develop a scheme that combines both approaches.

The core of PGP is the peer trust model which is also its main limitation.
If I already know the recipient then PGP is the strongest way to get a
message to them because I do not need a trusted third party as an
introducer. The problem with PGP is that it really does not scale or
achieve 'viral' growth. Twenty years later the user groups are islands of a
few hundred or in rare cases a few thousand.

The S/MIME message formats don't offer any real technical advantages over
the PGP formats except that they are supported by the legacy infrastructure
to a far greater extent. Passing S/MIME unmolested is a requirement almost
every mail server has supported for a decade.


-- 
Website: http://hallambaker.com/