[Fwd: 10 years and no ubiquitous security]
William Allen Simpson
wsimpson at greendragon.com
Thu Mar 14 00:08:48 UTC 2002
In remembrance:
-------- Original Message --------
Subject: 10 years and no ubiquitous security
Date: Wed, 13 Mar 2002 18:49:35 -0500
From: William Allen Simpson <wsimpson at greendragon.com>
Organization: DayDreamer
To: ietf at ietf.org
CC: ipsec at lists.tislabs.com
10 years ago this week, we had an IETF meeting in San Diego.
10 years ago on Tuesday, Phil Karn sprawled out across my hotel room bed
and drew the packet header that became ESP. (Remember when we were
small enough to have hotel room BOFs?)
10 years today, at a lunch meeting, Phil Karn gathered a group of us,
and we agreed to pursue IP Security, as "the most important thing
missing from the Internet". (Most real work was still done in lunch and
dinner BOFs last time I attended IETF, and presumably that tradition
continues now.)
10 years ago tomorrow, Brian Lloyd and I had a "rubber hose" lunch
meeting with Steve Kent, who as a member of the IAB had refused to allow
the PPP WG to publish CHAP in our RFC as an official authentication
protocol. (He had previously mandated that we remove all security
protocol negotiation.) He backed down, but we had to change the name
from "cryptographic" to "challenge".
Steve Kent refused to charter the IPSec WG. We had to reform the
structure of the IAB (removing Steve Kent) -- which was good for many
other reasons, although its efficacy was short-lived.
After all these years, ESP itself is remarkably unchanged. (The
sequence field is 32 bits instead of 16 bits, but we did that in 1993.)
Remember, by 1995 we had multiple interoperable implementations.
Roughly 5 years ago, IPSec was supposed to be disbanded, because its
work was complete. Instead, somebody named Steve Kent secretly took
over the WG editorship (with no consensus, or even WG discussion), and
his "appointment" was enforced upon the new "reform" WG Chairs.
For 5 more years, IPSec WG has slowly turned out unworkable documents,
generating endless and fruitless discussion.
Today, IPSec has insignificant deployment, and the WG goeth on forever.
...
Should I remind folks that at that same San Diego IETF, JI and Phil and
Steve Deering and others of us had a lunch BOF on Mobile-IP?
--
William Allen Simpson
Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
More information about the NANOG
mailing list