First step would be to try to understand the business issues that cause people to avoid deployment.
If we are going to get anywhere we have to recognize that these issues are not only in IETF scope, they are the most important issues for the IETF to consider if the IETF is going to have the real-world relevance that we all hope for.
We have to face the fact that deployment of new protocols has often been a failure and that changes to deployed protocols have failed with even greater frequency.
-----Original Message-----
From: saag-bounces at ietf.org on behalf of Peter Gutmann
Sent: Tue 3/3/2009 10:46 AM
To: ekr at networkresonance.com; Nicolas.Williams at sun.com
Cc: mouse at Rodents-Montreal.ORG; saag at ietf.org
Subject: Re: [saag] SHA-1 to SHA-n transition
Eric Rescorla <ekr at networkresonance.com> writes:
>"We must do something. This is something. We must do this."
So you've got the choice between the Politician's Fallacy (the above) and
psychosis ("PKI has been failing for 30 years [0], let's try more of it in the
hope that it suddenly works this time").
I think we need psychiatrists for this more than we need security geeks.
(I don't know the answer either, but admitting you have a problem with your
current approach is always the first step to recovery).
Peter.
[0] Or 20 years if you measure your epoch from X.509 rather than Kohnfelder.