On Tue, 2 Mar 2004, Steve Bellovin wrote:
> However, turning it into a full-fledged BCP will be a
> lot of work; Fred in particular was quite vocal about that, based on
> his experience doing Router Requirements way back when.
I should expand on the note a bit, for George's benefit as he got my
remarks through Jabber. The discussion in the BOF seemed to me to
contemplate adding quite a lot of text to these documents and head off in
the direction of a tome like RFC 1812. My comment on that process is - it
may well be the right thing to do, but for goodness' sake don't end up with
a tome, as it is daunting to read and daunting to edit. Rather, come up
with a set of smaller documents which represent the WG's thoughts on
various aspects of the topic.
Initial possible topics seemed to be "... for ISP networks" and "... for
Enterprise". My sense there is that for the things the Jones drafts talk
about, I doubt that ISPs and Enterprise are so very different. For example,
one of the specification points is that in a log message, please use the IP
address to identify systems or interface, as the name may have multiple
interpretations and may not be readily translatable through DNS with the
network hosed. If you think about that, the problem really isn't an
enterprise or an ISP problem, it's a specificity and
minimal-required-working-parts issue. What will be more useful may be an
overview document, a document on log messages, a document on dealing with
various kinds of attacks, a document on dealing with configuration
management issues, and so on.