I don't *quite* go back 2 decades, but a big +1 to "all my experiences with bolt-on security have been bad." Doug On 02/23/2012 10:00, Leif Sawyer wrote: > I've got the last 2 decades of experience trying to deal with security on the network. > > 95% is dealing with the peculiarities of the "bolt-on" after-thoughts. > > I would much prefer seeing security designed-in, with the flexibility to deal with > the future... > > ________________________________________ > From: ietf-bounces@xxxxxxxx [ietf-bounces@xxxxxxxx] On Behalf Of RJ Atkinson [rja.lists@xxxxxxxxx] > Sent: Thursday, February 23, 2012 8:59 AM > To: ietf@xxxxxxxx > Subject: Re: WG Review: Recharter of Hypertext Transfer Protocol Bis (httpbis) > > On 23 Feb 2012, at 11:13 , Julian Reschke wrote: >> On 2012-02-22 18:01, RJ Atkinson wrote: >>> Security that works well and is practical to implement >>> needs to be designed-in, not bolted-on later. >> >> I would say: security needs to be orthogonal. > > There are at least 2 decades of experience that > security has to be design-in, rather than bolted-on, > for it to work well -- and for it to be practical > to implement. > > I hear that you don't agree, but the IETF experience > on this specific point really is quite clear. Add-on > security doesn't work. > > Yours, > > Ran -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf