IP Security......

Mike O'Dell <mo@uunet.uu.net> Wed, 15 March 1995 14:25 UTC

Date: Wed, 15 Mar 1995 09:26:02 -0500
X-Orig-Sender: iesg-request@IETF.CNRI.Reston.VA.US
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Mike O'Dell <mo@uunet.uu.net>
Message-Id: <QQyhef01891.199503151426@rodan.UU.NET>
To: sob@harvard.edu
Subject: IP Security......
Cc: iesg@CNRI.Reston.VA.US

Well, I'm in a cranky mood this morning reflecting on the
general state of affairs, and thought I'd vent some of the
dark thoughts clouding my vision this morning......

Feel free to counter-vent, or show me how it's all just a
case of transient blood sugar-induced gloom.....

I predict that Netscape's Secure Socket Layer will soon
become a de facto standard for secure TCP streams, the "real"
IPSEC notwithstanding.  IPv6SEC will have a place and will
eventually worm its way into things, but long before that
SSL will be wired into everything from web browsers to
telnet implementations, and people will be arguing
"Look, it's already everywhere - just use it and get on
with whatever else you're worried about."

Once again, the marketplace will outstrip the ability of the
"standards makers" to move on something.  Just like TCP/IP triumphed
by delivering real large-scale interoperability while OSI was
still debating specs, the same thing will happen again, with 
SSL, and with Radius (I'll not mention RPC out of politeness
and deference for the irrelevant).

Maybe the whole problem is the notion of "doing standards" in 
the first place.  Maybe the entire concept is bankrupt.
If secretly you believe, as I do,

	"The only real standards are determined by marketshare."

then unless the WG-level interactions happen early enough in the
evolutionary cycle to actually influence the engineering *before*
large-scale deployment then the best the WG can hope to achieve is
documenting the existing engineering practice.  If they get *very*
lucky, they might be able to fine-tune things so that the next rev of
the work incorporates some collective thinking, but I view that as
generally a long-shot.

Look around the IETF meeting and ask yourself how many groups are
actually in the throes of doing Real Engineering, how many are
documenting the aftermath of Real Engineering, and how many are wishing
they were relevant to something important?????

This is a brutal evaluation, but if we are to keep from absolutely
guaranteeing that the IETF devolves into book-keepers and
process-doers, then we need to think hard about what part of this we do
at the IETF, and what part gets done at the ISPF -

	the Internet Standards Processing Facility.


Sorry if this sounds like I've had one too many donuts this morning,
but now you know why I sometimes sign my mail

	-Mike O'Dell
	 Resident Crank