Firewall Wizards mailing list archives
RE: A fun smackdown...
From: "Jeremiah Cornelius" <jeremiah () nur net>
Date: Fri, 20 May 2005 22:23:26 -0700
Another perfect example of a bunch of egg-heads in the IETF coming up with a mechanism for doing something that completely ignored existing implementations of security systems - and breaks as a result. The PMTU discovery mechanism, using ICMP, was moronic design from the get-go.
You're absolutely right, Marcus. But gosh! We are more curmudgeonly than usual. You remember as well as anyone here, how very different the 'climate' around purposes and uses of ARPA network technologies were. Culture is as important as technology in the development of truly large scale networks. The culture that produced the Internet valued communication as a higher priority than security. We can debate if this was a realistic set of values, but we can't fault it entirely. If the Internet had been formed in a security culture, there would be no popular Internet as we have known it from the mid-nineties onward. You _may_ regard that as a good thing. ;-) Cultures change less readily than technologies. It isn't realistic to hold the participants of the RFC process to a cultural standard other than that which produced the Internet to begin with. In the OSI-befuddled reasoning of the Internet age, it is one cultural signifier that the burden of security is moved to another layer in the stack than the one on which you are myopically focused. It _is_ true, that the culture did not correctly anticipate and adapt to circumstance, that it was flawed and was badly adapted to other circumstances than the University-oriented worlds which spawned it. Iroquois culture didn't do too well when thrust into the age of gunpowder and private real property, either. So, add a Morris Worm and a Cuckoo's Egg (and a DEC firewall!) to the soup... We know how we got here. We can get out of the mess with good practice. Without that, no amount of good technology can save us - a point you have made yourself, many times. -- Jeremiah Cornelius _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: A fun smackdown..., (continued)
- Re: A fun smackdown... Devdas Bhagat (May 20)
- Re: A fun smackdown... Carson Gaspar (May 20)
- Re: A fun smackdown... Marcus J. Ranum (May 20)
- RE: A fun smackdown... lordchariot (May 21)
- Re: A fun smackdown... Devdas Bhagat (May 19)
- Re: A fun smackdown... Martin (May 20)
- RE: A fun smackdown... FirewallAdmin (May 17)
- RE: A fun smackdown... Behm, Jeffrey L. (May 19)
- RE: A fun smackdown... Paul D. Robertson (May 19)
- RE: A fun smackdown... Behm, Jeffrey L. (May 20)
- RE: A fun smackdown... Jeremiah Cornelius (May 21)
- A fun smackdown... David Wagner (May 21)
- RE: A fun smackdown... Marcus J. Ranum (May 24)
- Re: A fun smackdown... Jean-Denis Gorin (May 25)