[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CAPWAP BOF follow up: nmrg - CAPWAP

To: "Bernard Aboba" <bernard_aboba@hotmail.com>
Subject: Re: CAPWAP BOF follow up: nmrg - CAPWAP
From: Randy Bush <randy@psg.com>
Date: Sun, 27 Jul 2003 13:15:39 -0700
Cc: iesg@ietf.org
References: <BAY7-F861SSfWXWzRPT0000a3c5@hotmail.com>

> The bottom line was that the WG did not care about security, and
> therefore treated the required security measures (e.g. Diameter
> CMS) necessary to make proxies safe largely as measures designed
> to satisfy the IESG, rather than a real cost.  Once forced to
> either take the security requirements imposed by proxies
> seriously or abandon proxies, the WG chose to abandon proxies.
> However, that was 3+ years and many hundreds of man years later
> -- and the protocol had gained huge amounts of (largely
> unnecessary) complexity in the process.

so, our culture now accepts security procedural stone walls, but
not architectural ones only one step removed?  in the anti-proxy
arguments, we did make it quite clear that security would be the
killer.

it really makes one crazy to see the car heading for the cliff and
not be able to stop it.  wrong jungle.

> I think this underlines the need to make requirements documents
> more than just a wish list -- there is a real price to be paid
> for each requirement added to the list.

well, i suspect that capwap is gonna be a useful exercise in that
dimension.

randy

References:
- Re: CAPWAP BOF follow up: nmrg - CAPWAP
  - From: "Bernard Aboba" <bernard_aboba@hotmail.com>

Prev by Date: RE: CAPWAP BOF follow up: nmrg - CAPWAP
Next by Date: RE: online repository of drafts, and expired drafts with wdiff's available
Previous by thread: Re: CAPWAP BOF follow up: nmrg - CAPWAP
Next by thread: RE: CAPWAP BOF follow up: nmrg - CAPWAP
Index(es):
- Date
- Thread