Re: [arch-d] centralization

Just to say that I completely support Eliot’s suggestions here and though I’ve been thinking about the same points, he has articulated them much better than I could.

I think this issue would attract more than interest and new people into the work which would be great. I, for one, am willing to do work and work collaboratively to put together meaningful outputs that reflect all sides of the debate.

Dominique

> On 14 Mar 2021, at 11:45, Eliot Lear <lear=40cisco.com@dmarc.ietf.org> wrote:
> 
> Hi Stephen,
> 
> I think that’s the wrong conclusion to draw, especially given events of the last year.  In fact, I myself missed some pretty important work that came out on this topic, which I believe ISOC actually advertised/sponsored[1].  IMHO there are limited aspects of concentration that the IETF can take on, but the IAB would be quite remiss to not engage  in this sort of activity, given the risks to the Internet.
> 
> What can the IAB do?  The problem here is that there is movable feast.  We can look through the prism and see cybersecurity risks, or we can see resiliency risks, and of course the two are related.
> 
> The board can bring relevant people together like, Geer, Jardine, Leverett, Radu and Hausding, along with software service providers to discuss how to mitigate the risks they described.
> Beginning with a workshop
> With a potential program or IRTF effort
> The board can articulate design recommendations for the IETF in terms of what can lead to more or less centralization.  As I mentioned, I think some of Martin’s work on middle boxes is interesting in this regard, but it’s not the only activity.  How does service orchestration and network management play into all of this?
> In coordination with ISOC, the board could discuss concerns with regulators where they see the need to do so.  This is intertwined, IMHO, with the evolving nature of lawful intercept, and probably needs to be handled with some circumspection.
> The board can engaged different internet user communities to discuss the risk and what sorts of mitigations should be undertaken.  Do you know that there are large classes of TCP/IP use that do not allow for DNS because of resiliency concerns?  Is that a physical law or a design failure?
> 
> There is no shortage of work to be done here.
> 
> Eliot
> 
> [1] https://www.tandfonline.com/toc/rcyb20/5/1?nav=tocList <https://www.tandfonline.com/toc/rcyb20/5/1?nav=tocList>
> 
>> On 12 Mar 2021, at 13:33, Stephen Farrell <stephen.farrell@cs.tcd.ie <mailto:stephen.farrell@cs.tcd.ie>> wrote:
>> 
>> 
>> Hiya,
>> 
>> On 12/03/2021 11:44, Hutchison, David wrote:
>>> Of course, I agree resilience is an important topic to pursue -- and
>>> like Toerless I was disappointed to see the previous "lukewarm"
>>> response ...
>> Yeah, me too. It was funny that we had a good discussion
>> on this list around the end of 2019 but then once we
>> started a new list [1] it totally died. My conclusion
>> was that indicated that people were interested in chatting
>> but not in doing actual work on this topic.
>> 
>> S.
>> 
>> [1] https://www.iab.org/mailman/listinfo/chirp <https://www.iab.org/mailman/listinfo/chirp>
>> <OpenPGP_0x5AB2FAF17B172BEA.asc>
> 
> _______________________________________________
> Architecture-discuss mailing list
> Architecture-discuss@ietf.org
> https://www.ietf.org/mailman/listinfo/architecture-discuss