Re: [arch-d] Centralization or diversity

[tony.li@tony.li]

> Yes, i was thinking of ISO PICS. But i lost track of those ISO standards
> since the 90th. I guess i would have to see a successfull and still
> currently used standard and how its PICS do or do not help. Just
> not alot of those ISO specs left in wide deployments, right.
> X.500 ? Maybe i can get more insight from the security community.


You need not go that far.  Remember IS-IS?  Still thriving.  

And yes, my experience with PICs and test suites comes from that.


>> What it does do is to encourage people to write ???conformance test suites???.  These then get sold to unsuspecting customers and end-users.  Unfortunately, the quality of such suites is so low that you spend way, way, way more time debugging the test suite and you never find bugs in your implementation.
> 
> This is just the worst possible outcome, and i am sure one can learn
> from those bad experiences. Just think of taking a more organized
> step towards being able to collect protocol implementation information
> from the industry. Right now every WG who wants to raise the level of
> an IETF protocol, e.g.: to(wards) full standard is coming up with a
> questionaire in an ad-hoc fashion (we're just doing this in Multicast
> for IGMP/MLD). 


You can do that if you like, but the one proven, effective method is interoperability testing.

Running code trumps questionaires, conformance test suites, theory, and mandate.


> My point was: If the only murphy you have is competitive pressure, it works not
> it there is only limited competition, such as a total of maybe no
> more than 3 competing national infrastructures. 


And countries that stifle competition inflict vendor lock on themselves.


> See above. The best i think we (IETF) can do is to educate better about
> this by appropriate documents. Certainly some additional protocol work
> will result from that. I for once had simple slides 10 years ago how to fixup
> non-dual plane networks to be dual-plane. And maybe we can come up with
> questionaires to get better numbers from actual deployments (the
> PICS discussion).


The IETF’s job is not education. It does not work as the education is not requested
and not welcome. The IETF’s job is standards and it needs to focus on that.


> Figuring out ideas for a complete ecosystem of monetization and
> deployment between competition and regulation is better left for
> an ongoing bar-bof with emphasis on bar.


I concur. Let’s stop fooling ourselves into thinking that anything that the IAB/IETF writes has any impact
on regulation or economics.


> Actually one of the interesting conclusions was that dual-plane in
> many cases is really free but deployments often just don't fully
> utilize it.


I’d agree that it’s close to free.  If you accept that you need a dual-plane approach for resiliency, then
adding a second vendor to the mix is relatively easy. There’s additional cost because of decreased 
purchasing volume. There’s additional costs in management and operations.

However, as compared to the costs of an unnecessary outage, it’s still trivial.

Tony