RE: Port numbers and IPv6(was: I-D ACTION:draft-klensin-iana-reg-policy-00.txt)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Phil,

 > layered defenses are a good notion, but mostly when the layers are
 under the same administrative control. all too often people forget
 that relying on the security provided by someone else is a risky
 proposition, as in your example of ISPs providing ingress filtering.

I would restate your assertion:

It is a bad idea to rely on another party that cannot be held
accountable to you.

We all rely on other parties, the Internet is an example of extended
interdependency. The critical issue is accountability.

So in the question of ingress filtering what I am looking at is
mechanisms to create accountability.

the Internet is composed of Autonomous Systems, and they take the first word of the name very seriously. I suspect ISP accountability in China, for example, may be as successful as copyright enforcement in that region.

 > If it weren't a good analogy I don't think I would have received so
 many private responses congratulating me for it :-)

This forum is very much wedded to a security architecture based on a
particular set of academic theories. It is no surprise that you find
support here, any more than the original pontifex maximus would no doubt
receive congratulations on his correct determinationof the auspices from
the entrails of a goat.

I'm more a fan of goat cheese than entrails, but to each his own.

Maybe we would all be happier if you decided to not waste your time arguing with the folks in "this forum," since we are so out of touch and irrelevant to the future of network security, at least as defined by the practitioners who appear to emphasize the appearance of security over security per se.

Steve


_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]