RE: Port numbers and IPv6(was: I-D ACTION:draft-klensin-iana-reg-policy-00.txt)

To: "Hallam-Baker, Phillip" <pbaker at verisign.com>
Subject: RE: Port numbers and IPv6(was: I-D ACTION:draft-klensin-iana-reg-policy-00.txt)
From: Stephen Kent <kent at bbn.com>
Date: Wed, 20 Jul 2005 12:04:05 -0400
Cc: Keith Moore <moore at cs.utk.edu>, John Kristoff <jtk at northwestern.edu>, ietf at ietf.org
In-reply-to: <198A730C2044DE4A96749D13E167AD37250416@MOU1WNEXMB04.vcorp.ad.vrsn.com>
List-help: <mailto:ietf-request@ietf.org?subject=help>
List-id: IETF-Discussion <ietf.ietf.org>
List-post: <mailto:ietf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
References: <198A730C2044DE4A96749D13E167AD37250416@MOU1WNEXMB04.vcorp.ad.vrsn.com>
Sender: ietf-bounces at ietf.org

Phil,

> layered defenses are a good notion, but mostly when the layers are

 under the same administrative control. all too often people forget
 that relying on the security provided by someone else is a risky
 proposition, as in your example of ISPs providing ingress filtering.


I would restate your assertion:

It is a bad idea to rely on another party that cannot be held
accountable to you.

We all rely on other parties, the Internet is an example of extended
interdependency. The critical issue is accountability.

So in the question of ingress filtering what I am looking at is
mechanisms to create accountability.

the Internet is composed of Autonomous Systems, and they take the first word of the name very seriously. I suspect ISP accountability in China, for example, may be as successful as copyright enforcement in that region.

> If it weren't a good analogy I don't think I would have received so

many private responses congratulating me for it :-)


This forum is very much wedded to a security architecture based on a
particular set of academic theories. It is no surprise that you find
support here, any more than the original pontifex maximus would no doubt
receive congratulations on his correct determinationof the auspices from
the entrails of a goat.


I'm more a fan of goat cheese than entrails, but to each his own.

Maybe we would all be happier if you decided to not waste your time arguing with the folks in "this forum," since we are so out of touch and irrelevant to the future of network security, at least as defined by the practitioners who appear to emphasize the appearance of security over security per se.

Steve


_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

References:
- RE: Port numbers and IPv6(was: I-D ACTION:draft-klensin-iana-reg-policy-00.txt)
  - From: Hallam-Baker, Phillip

Prev by Date: RE: Port numbers and IPv6(was: I-D ACTION:draft-klensin-iana-reg-policy-00.txt)
Next by Date: Re: SRV continued
Previous by thread: RE: Port numbers and IPv6(was: I-D ACTION:draft-klensin-iana-reg-policy-00.txt)
Next by thread: RE: Port numbers and IPv6(was: I-D ACTION:draft-klensin-iana-reg-policy-00.txt)
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

RE: Port numbers and IPv6(was: I-D ACTION:draft-klensin-iana-reg-policy-00.txt)

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.