Re: [Curdle] Time to Review IANA SSH Registries Policies?

Phillip Hallam-Baker <> Mon, 08 February 2021 17:03 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 691FB3A12AF for <>; Mon, 8 Feb 2021 09:03:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id fJOBVKmLrTpt for <>; Mon, 8 Feb 2021 09:03:41 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3ACC43A12B5 for <>; Mon, 8 Feb 2021 09:03:41 -0800 (PST)
Received: by with SMTP id e132so15258283ybh.8 for <>; Mon, 08 Feb 2021 09:03:41 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=jVqJV8S0wXcGUVyCo8J+UKepOZ2WsQGEkj4jriPXShA=; b=PUt0Asv/KWo6z8T953Iqts8pLOi3cT/2dTy4gv/weq0qparFu6w6dHeB1h5f44zoud vSOZ+WH+uloyEV/8qnToMdMxvpgMHMrlAWhlrYRilIuzxZ1VuB9NnPdpX01HqlBgvfLP LTlEpyAVCVToOpXfhKtUNxuHyMC7/d9fD1qSm1rFDUvChS165Imd5TfWRS89Nlx/ETs9 ZkjsBP4CPwdoAsF+itA6uv+flAkP//OSmLOTcaqhTQkAW1I/MOA959SvtaOPwnrwAEjA XNraUc2XVXLirCw7z3lSsmjsArPQIwv+vezfWM3Y5RStd1oMQ3gCjqPvrQHy3McIYnbe 02Gg==
X-Gm-Message-State: AOAM533a5kI1YRhzLoBfzUu7JVm4xS+jYGH0bVvFOveze+11fVbPDR/w ZnvWtZk9ZZ3MOT2Iqe8E5eYqmG3vF0DwYEmJcNdhKItLv27C3Q==
X-Google-Smtp-Source: ABdhPJyVOd5yG58sFT818QIHXokZh6/OcgnCWG2u20KU3k7L7Da78/RjxglgS9atzKQvkS8i+VTFf++unfum7X4iHCg=
X-Received: by 2002:a5b:444:: with SMTP id s4mr27322172ybp.172.1612803820220; Mon, 08 Feb 2021 09:03:40 -0800 (PST)
MIME-Version: 1.0
References: <> <> <> <> <> <>
In-Reply-To: <>
From: Phillip Hallam-Baker <>
Date: Mon, 8 Feb 2021 12:03:29 -0500
Message-ID: <>
To: denis bider <>
Cc: Peter Gutmann <>, Curdle List <>, Sean Turner <>, "Salz, Rich" <>
Content-Type: multipart/alternative; boundary="000000000000cbf68905bad62625"
Archived-At: <>
Subject: Re: [Curdle] Time to Review IANA SSH Registries Policies?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of potential new security area wg." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 08 Feb 2021 17:03:43 -0000

I don't think it is malice. I think it is more a reluctance to take actions
that may have unknown consequences.

And of course, anyone paying attention to what the Internet was designed to
do from the very start should realize that the consequences we worry about
at the protocol level are ridiculously trivial compared to the social

The Arab Spring was not an unforeseen consequence, or at least not in form.
I was talking to people setting up Web servers in Sarajevo during the siege
back in 1993.

Of course every major advance in human history has come in the wake of a
major change in communications technology: Guttenberg, paper from wood
pulp, telegraph, telephone, radio, television. But take a deeper look at
what happened and it might surprise you.

Guttenberg's press allowed information to flow freely, Aldud Maneutius
invented the codex book that would fit in a saddlebag. And now Thomas Moore
could read every book just like I once read every page on the Web. And
the man who knew everything still knew nothing because the vast majority of
the content of every book in print was nonsense.

It took 200 years to invent science and start to differentiate actual
knowledge from the nonsense. When are we going to do that for the Web?

Worrying that it might be premature to allocate a .Well-known port... seems
kinda trivial.

On Mon, Feb 8, 2021 at 11:47 AM denis bider <>

> :D
> Well argued.
> The thing with a person or group getting out of the way is that this
> vacates the opportunity for being in the way. The opportunity continues to
> exist and becomes open to the next person.
> This is generally the problem with power. Things work better with
> coordination. We're therefore willing to pay a substantial cost to
> coordinate. The role of the coordinator is a form of power. This power
> works best if the coordinator coordinates, and otherwise gets out of the
> way. But to use power in restrained ways is to serve, and to serve is a
> burden. Therefore, the people who apply for such positions are (1)
> reluctant volunteers who would serve, and (2) folks who see it as an
> opportunity to "lead" and "govern".
> Reluctant volunteers will gladly step away in favor of those who have more
> enthusiasm, and those who have more enthusiasm are the ones who would
> "lead" and "govern". And that's how we simultaneously want and need
> coordination, but somehow it always devolves into some kind of tyranny.
> Speaking very generally, the IETF is just a microcosm and a special case.
> On Sun, Feb 7, 2021 at 9:41 PM Phillip Hallam-Baker <>
> wrote:
>> +1
>> Registration processes can very easily turn into ring kissing
>> requirements. And especially so when the authority is a voluntary
>> organization.
>> Lots of people get really, really excited at the idea that they are
>> adding value by preventing work that might lead to vague, consequences that
>> they can't quite put their finger on.
>> And then when people go through the process and end up waiting six months
>> for those people to make up their minds, well we are a
>> voluntary organization so people should thank us for the very important
>> work we do.
>> I have a rather different view. I think that when someone puts themselves
>> in the way of someone else's critical path, they are making a commitment to
>> deal with the issue expeditiously and if that isn't possible, the answer is
>> to not make things critical path.
>> Given the number of times we have people pointing out the IESG are
>> overworked, we should look to get out of the way as much as possible, not
>> stand athwart the tides of history yelling stop.
>> On Thu, Feb 4, 2021 at 6:44 PM Peter Gutmann <>
>> wrote:
>>> Phillip Hallam-Baker <> writes:
>>> >Restrictive registration requirements contradict the principle of
>>> >'permissionless innovation'. If the IETF is the place you go to get
>>> >permission to innovate, we are doing it wrong.
>>> +1.  To give a real-world experience of "expert review", when I tried to
>>> go
>>> through the process on $unnamed-wg there was an experts group that you
>>> couldn't contact who had a non-public mailing list where decisions were
>>> made
>>> in secret, but that didn't matter since there was no way to contact them.
>>> Eventually it got sorted out by one or two people involved in the process
>>> going out of their way to help, but when done as it should have been the
>>> process was more reminiscent of Kafka than the IETF.
>>> Peter.
>>> _______________________________________________
>> Curdle mailing list