nanog mailing list archives

Re: IAB concerns against permanent deployment of edge-based filtering


From: bmanning () karoshi com
Date: Sun, 19 Oct 2003 06:12:43 -0700 (PDT)


On 18 Oct 2003, at 23.28, bmanning () karoshi com wrote:
    and if they are useful to the folks on my network, the ports
    will be opened up.

This is where we are disagreeing.

Remember:

- The Robustness Principle: "Be conservative in what you do, be liberal 
in what you accept from others." [Jon Postel, RFC 793]
- The Principle Of Least Astonishment: A program should always respond 
in the way that is least likely to astonish the user. [Traditional, 
original source unknown]

        yup. remember those.

Because of this, if it is not the overall explicitly stated (by the IETF) goal 
that filtering should NOT happen, it will happen.

        it's happened for years and is implicitly allowed.

Yes, it is an ISP, regardless of transit or edge, which is responsible 
for their network. 

        thank you.


It is my belief that statements like this from the IAB will help, as 
ISP's and customers of ISP's both can see what the IAB think the goal 
of operations is. Customers can say "hey, IAB says this, why don't you 
run your network that way". The ISP can then explain (and in some cases 
it of course makes sense what the ISP says).

        Such a statement from the IAB might be construed improperly,
        in much the same way as you claim RFCs are "improperly" 
        interpreted by various and sundry ISP/commercial folks.

        If I get a customer who says "hey, IAB says this, why don't you
        run your network that way", my response will be something along
        the lines of "vendor bugs, e.g. the Cisco IOS attacks via chargen, daytime
        et al., or Microsoft RPC weaknesses - FIRST/CERT/SANS recommendations 
        to mitigate DDoS.  We can have a working, productive network or we
        can have an IAB compliant network."  Now it's not the IAB's fault
        that implementations make local optimizations or overlook coding
        weaknesses. The IAB should provide a sound architectural framework
        and direct the IESG/IETF to advance robust, well defined protocols
        down the standards track (they should also encourage publication and
        development of novel ideas, via experimental/informational RFCs, but
        that is another topic).  However, in the absence of the network police
        (you know, the interoperability squad) it is impossible for me to
        put a whole lot of credence in the IAB telling me that it would be 
        best if I would ensure that filters are only transitory.  That's nearly
        the same as telling me that being healthy is good.  That said, no filters
        are permanent, some just last longer than others, depending on when
        problems are fixed.

        Cast in a different light, let me ask you this, is it better to ship
        products with "security" turned off or turned on?  

      paf
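The reply above argues that edge filters are installed for a concrete reason (a vendor bug, a worm) and last until the problem is fixed, not forever. The following is an added example of what that looks like in practice; it is not code posted by anyone in this thread. It keeps a small inventory of edge filters, each carrying its reason and a review date, renders them as iptables drop rules with the reason embedded in the rule comment, and reports which filters are past their review date. The filter names, port choices, dates, and the iptables rule format are assumptions chosen for illustration.

```python
"""Edge filters with an explicit reason and review date.

Added example for this thread, not code from the thread itself. It models the
point made in the reply: a filter exists because of a concrete problem and
should carry the reason plus a date on which it is re-evaluated, so that it is
removed once the problem is fixed rather than lingering unexplained. Names,
ports, dates and the iptables rule format are assumptions for illustration.
"""
from dataclasses import dataclass, replace
from datetime import date


@dataclass(frozen=True)
class EdgeFilter:
    name: str
    proto: str        # "tcp" or "udp"
    port: int
    reason: str       # the advisory, ticket or vendor bug that justifies the filter
    installed: date
    review_by: date   # date to re-evaluate; the filter is not dropped automatically

    def iptables_rule(self, chain="FORWARD"):
        """Render a drop rule that carries the filter name and review date.

        Putting the reason into the rule itself (iptables' comment match)
        means whoever reads the running config later can see why the rule
        exists and when to ask whether it is still needed.
        """
        return (
            f"iptables -A {chain} -p {self.proto} --dport {self.port} "
            f'-m comment --comment "{self.name}: review {self.review_by.isoformat()}" '
            f"-j DROP"
        )


# Constructed sample inventory for the example, not a real network's filter set.
SAMPLE_FILTERS = [
    EdgeFilter("chargen-tcp", "tcp", 19, "router chargen exposure, vendor advisory",
               date(2003, 8, 1), date(2003, 11, 1)),
    EdgeFilter("chargen-udp", "udp", 19, "router chargen exposure, vendor advisory",
               date(2003, 8, 1), date(2003, 11, 1)),
    EdgeFilter("daytime-tcp", "tcp", 13, "router daytime exposure, vendor advisory",
               date(2003, 8, 1), date(2003, 11, 1)),
    EdgeFilter("msrpc-tcp", "tcp", 135,
               "worm traffic against Microsoft RPC; reassess once patch uptake is confirmed",
               date(2003, 8, 12), date(2004, 2, 1)),
]


def overdue(filters, today):
    """Return filters whose review date has passed, oldest review first."""
    return sorted((f for f in filters if f.review_by < today),
                  key=lambda f: f.review_by)


def renew(flt, new_review_by, why):
    """Extend a filter whose problem is not yet fixed.

    The new justification is appended to the old one so the history of why
    the filter stayed in place is preserved in the inventory.
    """
    if new_review_by <= flt.review_by:
        raise ValueError("renewal must move the review date forward")
    return replace(flt, review_by=new_review_by, reason=f"{flt.reason}; {why}")


def render_rules(filters):
    """Render the whole inventory as iptables commands, in inventory order."""
    return [f.iptables_rule() for f in filters]


if __name__ == "__main__":
    today = date(2003, 12, 1)  # assumed "now" for the demonstration
    for rule in render_rules(SAMPLE_FILTERS):
        print(rule)
    for f in overdue(SAMPLE_FILTERS, today):
        print(f"REVIEW: {f.name} (installed {f.installed}, "
              f"review by {f.review_by}): {f.reason}")
```

Run as a script it prints the four drop rules and then flags the three chargen/daytime filters as past their review date on the assumed date; the Microsoft RPC filter, with its later review date, is not flagged. A review date is deliberately not an automatic removal date: if the underlying fix has not shipped, `renew` pushes the date forward and records why, which matches the observation that some filters simply last longer than others.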


