a healthy level of disbelief
"Daniel J. Bernstein" <brnstnd@kramden.acf.nyu.edu> Sun, 06 September 1992 22:07 UTC
Received: from NRI.NRI.Reston.Va.US by IETF.NRI.Reston.VA.US id aa06870; 6 Sep 92 18:07 EDT
Received: from ietf.NRI.Reston.Va.US by NRI.Reston.VA.US id aa29931; 6 Sep 92 18:09 EDT
Received: from ietf.nri.reston.va.us by IETF.NRI.Reston.VA.US id aa06863; 6 Sep 92 18:07 EDT
Received: from NRI.NRI.Reston.Va.US by IETF.NRI.Reston.VA.US id aa06845; 6 Sep 92 18:05 EDT
Received: from venera.isi.edu by NRI.Reston.VA.US id aa29921; 6 Sep 92 18:08 EDT
Received: from KRAMDEN.ACF.NYU.EDU by venera.isi.edu (5.65c/5.65+local-6) id <AA08899>; Sun, 6 Sep 1992 15:08:22 -0700
Received: from LOCALHOST by KRAMDEN.ACF.NYU.EDU (5.61/1.34) id AA05139; Sun, 6 Sep 92 22:08:09 GMT
Message-Id: <9209062208.AA05139@KRAMDEN.ACF.NYU.EDU>
To: ietf@isi.edu
Cc: brnstnd@nyu.edu
Subject: a healthy level of disbelief
Date: Sun, 06 Sep 1992 18:08:06 +0100
From: "Daniel J. Bernstein" <brnstnd@kramden.acf.nyu.edu>
I strongly agree with Ran Atkinson's exhortation to the IETF: Please maintain a healthy level of disbelief. Don't accept statements from me which aren't backed up by enough documentation. Even better, let me know what statements you find difficult to believe, and I'll be glad to find documentation for you. I am not speaking to an audience of robots: I want people to *listen* to what I say. Of course, I would like the IETF to maintain the same attitude towards Mike StJohns, Steve Crocker, et al. For instance, you (I speak here to a typical IETF member, who has not been involved with port 113 before) may have seen the Last Call for StJohns's document. ``Loose consensus and working code'': you probably *assume* that StJohns has working code. I would very much prefer, in this touchy situation, that you not make any such assumptions, no matter who you're listening to. Instead ask: Does StJohns have working code? IDENT is a client-server protocol; does there exist a server implementation? Does there exist a client implementation? Is there anyone at all in the community who uses it? Here, I'll ask for you: Mike StJohns, can you please exhibit for the IETF a client IDENT implementation? By definition of IDENT, current TAP client implementations (my authuser library, and Wietse Venema's log_tcp security package) don't do the job, because an IDENT client must handle character sets (including OCTET). Could you point out the user base for that implementation? The rfc931-users list has 150 subscribers; do any of them use a client IDENT implementation? Who? Back to you, the IETF member: If Mike answers ``yes'' without pointing out where the client implementation is to be found, don't accept that answer, any more than you'd accept an unjustified statement from me. Press him for documentation. Don't assume anything. (Don't assume, for instance, that any package named ``ident'' is an IDENT implementation: TAP was named ``Ident'' between January and April.) That's what I mean by a healthy level of disbelief. I hope that the IETF holds everyone here---me, Steve Crocker, whoever---to the same standard of justification. ---Dan
- a healthy level of disbelief Daniel J. Bernstein