North American Network Operators Group
Re: If you have nothing to hide
- From: Sean Donelan
- Date: Tue Aug 06 22:50:24 2002
On Sun, 4 Aug 2002, Dave Crocker wrote:
> However the list of questions you asked, in the note I was responding to,
> looked like technical choices. My assumption was that the "policy" issue
> was in choosing between technologies.
That's actually part of the problem. What happens when you put a bunch of
technical people in a room and ask them to solve a problem? You get
technical solutions without consideration of what the policy should be.
In this case I think we've got the technical version of Mr. Smith Goes to
Washington. Technical people who mean well, but don't understand the
rules are different inside the Washington Beltway. I put myself in the
Mr. Clarke and crew are coming up with a national policy. Technical
folks gave lots of technical suggestions. A firewall is a technical
tool, but a firewall may not be a good policy. If firewalls were the
answer to a national security policy, China would have one of the most
secure networks in the world.
> I consider the IETF Best Current Practices label as intended specifically
> for guidance in operations matters. Hence the suggestion to consider it.
IETF BCPs are great guidance for operational matters; they are a lousy
basis for regulations or enforcement. Whether you are writing a new
TCP/IP stack, or a contract with a vendor, just referencing the RFCs isn't
sufficient to get a working system. This is a good thing. OSI tried to
cover everything so there is no doubt products from different vendors
would work together. IETF just tries to cover enough, and leaves the
rest up to interoperability "goodwill" between implementors. But when
that goodwill is missing, the IETF and BCPs run into problems.
> In between pure tech specs and abstract policy discussion there is
> technically based consideration of tradeoffs, etc., for technical
> alternatives. That's not something to leave to purely policy folk and my
> sense is that the IETF venue can work for such discussion.
Maybe, but IETF has slowly been moving away from anything that doesn't
involve running code, bits and photons for a few years. There also seems
to be fewer network operators and more vendors at IETF.