On Wed, Sep 19, 2007 at 12:08:38PM -0400, Keith Moore wrote: > Paul Vixie wrote: > > yes, but do you think that was because that ietf was powerless to > > stop [NAT], or because that ietf was willing to let consenting > > adults try out new ideas? i was there, and from what i saw, it was > > the former. > > > IETF has very little power, if you can call it that. IETF can try to > suggest good ways of doing things quickly enough that the good ways get > adopted before bad ways do, or it can recommend against bad ways of > doing things. The former is much more effective. It pretty much failed > to do either in the case of NAT. I remember a lot of concern being > expressed, but a strong reluctance to make any statement - perhaps due > to lack of consensus about how bad NATs were and what, if anything, > could be proposed as a better way. FWIW, I think NAT would have happened, IETF or no. There were people who needed a solution, and had the money to pay for it, and there were people who could provide the solution, and were willing to do the work. It raises the question of whether there are circumstances where it's reasonable to bend the end-to-end principle, such as when there is a large "user" community that wants inexpensive Internet access (but is willing to live without IP access). > > the underlying problem was that people in the field didn't want universality > > among endpoints, either for security or policy reasons, and people in that > > ietf wanted universality among endpoints -- a single addressing system and > > a single connectivity realm. that ietf said, you don't really want that, you > > should use the internet as it was intended, and solve the problems you're > > having in some way that preserves universality of endpoints. the field said, > > you are completely out of your minds, we're going to ignore ietf now. then > > later on, ietf said, if you're going to do it, then we ought to help you with > > some standards support. > > > That's not quite how I remember it from my POV. Some people were very > concerned about ambiguous addressing. I don't think universal > connectivity was as big a concern - it's not like IETF people expected > everyone to run open networks. But mostly there was a lot of unease > and uncertainty about NATs. Very little analysis was done. And I don't > think that NAPTs were initially seen as the normal case. I remember such arguments. I also remember an argument that NATs were being marketed as security devices, when in fact they did not provide the actual level of security implied. RFC 3724 bears this out. > > which is why i'm proposing a standard of "demonstrable immediate harm" rather > > than the current system of "that's not how you should do it" or "that's not > > how i would do it". > > > That's the wrong standard, it sets the bar way too low. IETF shouldn't > endorse anything unless it has justification to believe it is good; IETF > should not discourage anything unless it has justification to believe it > is bad. And that justification should come from engineering analysis > (or measurement, if it's feasible). Sadly, a lot of people in IETF do > not have engineering backgrounds and don't understand how to do such > analysis. This is something we need to change in our culture. Based on some recent experiences, this type of analysis is not as valued in the industry as it used to be. It's much more valued to be a crack programmer; someone who can rapidly deploy something that can be quickly brought to market. At least in the current economic climate, I don't think there is much that can be done to change this. Another issue is that the networking industry in general is losing people to other disciplines, such as gaming, virtualization, and Internet search, not to mention careers outside of the computer industry. --gregbo _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf