Re: Fwd: Re: IP: Microsoft breaks Mime specification
Perhaps the thing to do is make the results of interoperability testing public - only for shipping versions of software. Developers can then develop and fix their bugs and not get bad press about not yet shipped products. And when they do ship their product it seems fair their competitors and the press can broadcast their noncompliant products. If it is a bug, they will fix it. If it is not, then they get bad press. begin:vcard n:Royer;Doug tel;pager:[EMAIL PROTECTED] tel;cell:208-520-4044 tel;fax:866-594-8574 tel;work:866-594-8574 x-mozilla-html:FALSE url:http://Royer.com/People/Doug org:INET-Consulting LLC http://INET-Consulting.com adr:;;1795 W. Broadway #266;Idaho Falls;ID;83402; version:2.1 email;internet:[EMAIL PROTECTED] title:Chief Executive Manager x-mozilla-cpt:;-10400 fn:Doug Royer end:vcard
S/MIME again??, Re: Fwd: Re: IP: Microsoft breaks Mime specification
Vernon Schryver wrote: ... It is all about as interesting as another recent arrival's descriptions of how we talked about the Internet in cafeterias in the old days before it really existed. Since I made that comment... yes, that is what we (maybe not you) did back in 1992 when I started to notice and use the Internet. That's only 10 years ago. I guess hindsight is always 20/20, but the idea of self-regulation needs IMO a grain of salt. At least, we could have public non-conformance notes. But, heaven forbid, no certified trademark program. Have we all forgotten S/MIME?? Cheers, Ed Gerck
Re: Fwd: Re: IP: Microsoft breaks Mime specification
Without wishing to drag this thread on yet longer... --On Wednesday, January 23, 2002 08:49 -0800 Kyle Lussier [EMAIL PROTECTED] wrote: The entire process will certainly have an impact on the organization, even if certification is never revoked. The process of developing test specifications is slow, tedious, and about as alluring as the prospect of writing a MIB. It tends to attract relatively few people As I said... no test specifications. Just $100, say you are complying, boom you have the logo and the trust of IETF. US$100 is still a lot of money for some people. *Any* amount of money may be too much for some people, especially if they're in part of the world where wiring US$100 would be difficult/impossible. It's up to an IETF working group to challenge that trust and threaten to yank the logo, which is the one true mark of that trust. Is this a working group that's there just to oversee mark value? If so I'm not sure I see how it would work, given the massively diverse set of knowledge that would be required. If you mean the current working groups, then what happens when there isn't a current working group to oversee something that can carry a mark? No one wants to be bogged down with bureaucracy, but I don't mind filling out an application, sending in $100, and getting the logo. If I become a bad vendor, then people in an IETF WG can move to yank my logo. There should be a process for the yanking of the logo that is very fair, and arguably should happen over a period of time, be pretty lenient and give vendors more than ample time to do the right thing. The goal here isn't to punish vendors, rather, to promote standards, and created a trusted one true mark that says you have the trust of the IETF. CIOs can use that mark as a differentiator with products and can choose to not buy from vendors that lose that trust... The problem here is that while presence of logo is still pretty meaningless, non-presence of logo is totally meaningless. If there's no logo it can mean that the product is very very bad and doesn't work properly, or it could equally mean that the product is perfect and the author just hasn't done the certification. Or is there a requirement for folks that have had their marks pulled to instead display a logo saying we're broken?
Re: Fwd: Re: IP: Microsoft breaks Mime specification
That's the only way I see to do it, not to mention, if it's cheap and easy, lots of people will do it, and you would generate a $10m legal fund so that it had some teeth. Are you that sure that there are 100,000 seperate products that would want to have the logo attached to them, and willing to pay $100 for it? /Valdis Well... I don't know about that, ask a marketing guy :). I know we would buy a couple for our different products, primarily because we know seeing IETF Certified with be a big value add to them. It may be that our product would benefit more from that than others, but I know we would buy enough to cover the cost of the trademark over a year or two, at a minimum. Kyle Lussier
Re: Fwd: Re: IP: Microsoft breaks Mime specification
If a vendor *fixes* something and we get burned that bad, what makes you think that yanking the right to use a logo will change anything? Well, the whole point of it is to give CIOs and IT Managers the ability to write into their contracts IETF Compliance or no money. CIOs would still need to choose to do this of course, but, as I mentioned before, I know a number of them that are ready to strangle some of their badly behaving vendors. In the economy of today, if large implementations don't go well, as a CIO, you are out the door. IETF Compliance can go a long way torwards helping secure the jobs of our CIOs by reducing interoperability headaches and vendor standards infighting. Kyle Lussier AutoNOC LLC
Re: Fwd: Re: IP: Microsoft breaks Mime specification
This all sounds like you're being a tad fluffy on the business side here... Well.. I burst out loud laughing on that one. I guess other certification efforts, that cost $5000+ for logo compliance aren't fluffy? But the biggest problem here is that you've just created a $10M annual cashflow for the IETF to manage. This would be a massive infusion of cash for an entity that today runs on cookies and good will. Do you really think that you can put $10M (or gosh forbid, $10M *a year*) into a bank account without it starting to attract attention? History tells us it would immediately generate its own infrastructure to consume it (have you looked over at the DNS world recently?) You are right about all of this. I'm just looking for solutions to strengthen vendor compliance. Ed Gerck's Non-Compliance list is a great solution, that would probably meet our needs for contracts... which is where this discussion (from my perspective) came from. Maybe the IETF doesn't want the cash flow? Kind of sounds like it :). Worst case... have big IETF parties, courtesy of trademark registrations. Try for a moment to image the new class of problems this will entail for the IETF (and the new class of people who would show up for the budgeting and cashflow management working group) if the IETF was suddenly worth $10M a year. Remember the old curse be careful what you ask for, in case you actually get it... Your problem here is that your business case seems to fail the smell test. You are right about all of this of course. But, hey if you really feel this has merit, I encourage you to go off for a while and work up the details. But be *really* specific. Personally I'm particularly interested in your business plan because after all, you're asking for at least $10M and the market has been down for the past year. If you can build a business that generates $10M a year with *this* idea, it would suggest that the downturn is finally over... Well.. let's be clear, I don't necessarily even want to do this. I'd prefer it if we didn't actually, because all these integrity issues would appear that would cloud the vision of our product. We are a vendor, we want to make as much money as possible, and we want to do that by building the best product, on the merits, that supports the standards. But we need the standards to mean a lot more than it currently does. Maybe someone in academics should organize it. Is there like one of those NSF Engineering Research Centers for the Internet or anything? A group like that, with accounting, budgeting, etc. should probably run this kind of thing. They are always looking for ways to generate fees on industry, but they often have leaders with a great deal of integrity, so a group like that might be ideal. I just know, that as a business, we would buy the logo, and educate CIOs about the importance of it. So please include some market research on your numbers. I'd also like to see the detailed proposals outlining your processes, and I'd like to the names and fee schedules for the lawyers you've hired to vet all this. And finally, if you can work in seven layers somewhere I'd be willing to resurrect some old T-shirts from the early nineties for you, back from before people started taking the IETF this seriously... Don't blame me, I'm just a visionary trying to offer new possible solutions :). Kyle Lussier AutoNOC LLC
Re: Fwd: Re: IP: Microsoft breaks Mime specification
From: Kyle Lussier [EMAIL PROTECTED] Message-Id: [EMAIL PROTECTED] Date: Wed, 23 Jan 2002 08:49:49 -0800 ... It's up to an IETF working group to challenge that trust and threaten to yank the logo, which is the one true mark of that trust. You do not understand how the IETF works. Working Groups are transient bodies tasked to do what is in their charter and then disolve. For example, right now, there is no WG dealing with SMTP or MIME in general. (The S/MIME working group is working only on certain security aspects of certain MIME constructs.) In other words, only in the rare instance of a WG that is writting a new protocol or generally revising an old one is there a WG which has any sort of general overview of a protocol. And even then, the output of the WG has no authority unless approved by the IESG and the WG ceases to exist when its job of writting or revising the protocol is done. The only permanent bodies in the IETF are the IESG, IAB (and perhaps, depending on how you look at it, the NOMCOM, IRSG, RFC Editor and IANA). While not a member of any of these bodies, it is my belief that they would all be opposed to the imposition on them of the burden you are so zealously promoting. ... Kyle Lussier AutoNOC LLC Donald
Re: S/MIME again??, Re: Fwd: Re: IP: Microsoft breaks Mime specification
From: Ed Gerck [EMAIL PROTECTED] ... It is all about as interesting as another recent arrival's descriptions of how we talked about the Internet in cafeterias in the old days before it really existed. Since I made that comment... yes, that is what we (maybe not you) did back in 1992 when I started to notice and use the Internet. That's only 10 years ago. I guess hindsight is always 20/20, but the idea of self-regulation needs IMO a grain of salt. At least, we could have public non-conformance notes. ... There's nothing wrong in remembering when one first encountered something. It's not good to urge changes on an organization based on reminisces of having been around at the beginning despite not having made even the second generation. 1992 is so long after the old days that it counts as today. The current noise not withstanding, there are fewer non-conformance problems today than there were 1992, provided you only care abount non-conformance that causes interoperability problems with open standards. There are now plenty of public non-conformance notes, particularly compared to 1992. Open any trade rag and you'll find plenty. That they are only a little less unreliable than they are incomplete shouldn't be surprising given what they cost readers. Never mind that they cost vendors 100 times the $100 that has been proposed here, and that's assuming the vendor doesn't need to buy advertising or trade show booth space to be considered. Those of us who have been attended sessions where more complete and less reliable non-conformance notes are generated know that they cost orders of magnitude more than $100 even when admission is free, since you must spend a week or two of senior engineer time. We also know that their results are rarely public in any meaningful way, because otherwise vendors could not afford to attend. For example, one sure way to end Connectathon (is it still alive?) would be to announce that all of the results would be published. (1992 was before conformance tests? Sheesh! I think the 1992 Connectathon was one of the last that I attended. Then there is RFC 1025.) Those who want any sort of conformance noting, certificating, or testing should apply to the many commercial and non-profit organizations in those businesses. All of them charge a lot more than $100 for anything but membership does. For that matter, mere membership in the non-profit consortia and forums is usually more than $1000. It is at best incredibly ironic to rail against minor Microsoft's bugs while demanding some kind of trademark certificate or conformance test. Isn't that exactly what Microsoft offers and demands for the official Windows compatibility service mark? It's one thing to be open minded and open to change for the IETF or anything. It's something else to let your brain fall out. Vernon Schryver[EMAIL PROTECTED] (In the interests of full disclosure, I encountered the net in 1972 at the console of TIP 25/DOCB. I was disconnected in the late 1970's and early 1980's. I also don't claim to have ever been in any cafeterias talking with those who were responsible, at least not until long afterwards. When I finally met some of them in the flesh, I hope I didn't pretend inside experience and insight.)
Re: Fwd: Re: IP: Microsoft breaks Mime specification
From: Kyle Lussier [EMAIL PROTECTED] ... Maybe someone in academics should organize it. ... Like UNH? If you don't know whom I'm talking about, please consider the possibility it could be good to look around before additional proposals. Vernon Schryver[EMAIL PROTECTED]
Re: Fwd: Re: IP: Microsoft breaks Mime specification
At 8:49 AM -0800 1/23/02, Kyle Lussier wrote: snip If I become a bad vendor, then people in an IETF WG can move to yank my logo. There should be a process for the yanking of the logo that is very fair, and arguably should happen over a period of time, be pretty lenient and give vendors more than ample time to do the right thing. snip Whether or not the idea is good or bad, it is not really workable within the IETF structure. IETF working groups close down after they finish their work. So if the xyz WG spends two years developing the XYZ protocol gets in into an RFC, the xyz WG usually then ceases to exist, and their may not be any other WG with a special focus on the XYZ protocol. So there will not be any WG or other group that would be appropriate to police the use of the XYZ protocol. It also would not work for WGs, after they complete their chartered work, to continue to exist just to adjudicate compliance with the relevant protocol. The IESG supervisory structure already has its hands full and could not supervise an ever growing list of WGs, and in any event 95% to 100% of the people who formed the core of a given WG would move on to other active working groups. So the idea is not something that could be easily grafted onto the IETF as it now exists. John Morris -- John Morris // CDT // http://www.cdt.org/standards --
RE: Fwd: Re: IP: Microsoft breaks Mime specification
Valdis.Kletnieks wrote: ... Microsoft's variant implementation of Kerberos however... is RFC compliant, and includes a set of interoperability notes for the defacto and predominant implementation. The fact that some people want to change the RFC to restrict the possible set of implementations to be exactly = the 10 year old one from MIT, defies the original author's expectations that the fundamental requirements would change over time as technology evolves. Tony
Re: Fwd: Re: IP: Microsoft breaks Mime specification
The only permanent bodies in the IETF are the IESG, IAB (and perhaps, depending on how you look at it, the NOMCOM, IRSG, RFC Editor and IANA). While not a member of any of these bodies, it is my belief that they would all be opposed to the imposition on them of the burden you are so zealously promoting. Well, it was just an idea. I saw support from a couple others for something like it. I'll write it off as juedge to be impractical. I would like to thank everyone for their feedback, it was thorough, novel, and intelligent. Kyle Lussier AutoNOC LLC
Re: Fwd: Re: IP: Microsoft breaks Mime specification
I think, ultimately, this could be done. None of these are scenarios that couldn't be handled in the application, and testing would be a non-issue, because you just say my product follows IETF standards. The only worries you have are about not conforming to the IETF. But, the consensus, as I read it, seems to be that it's not what IETF is about and is impractical. That's fine, and I agree with the comments. It's just a shame there aren't better solutions to badly behaving vendors. Because the net result is that we all have to learn more products, we double our costs, we couble our expenses, and things move at half-speed. Love it or not, this is a problem we all will have to deal with, for a long time. And if not the IETF to solve this problem then who? It's easy to villify an idea that may or may not be appropriate, but we're still stuck with the same problem. Kyle Lussier AutoNOC LLC On Wed, 23 Jan 2002 12:09:30 PST, you said: You're looking at situations including: 1) Vendor X has the logo, Vendor Y hasn't applied/recieved it yet. Y has the better product, but X gets the bid. The IETF gets sued by vendor Y for conspiring to keep Y out of business, and you get sued as CIO by your shareholders for mismanagement because X turns into a boondogle. 2) Vendor X has the logo, but a *severe* bug has been found, but the logo hasn't been pulled yet. Vendor Y has had their logo pulled for a smaller infraction. Vendor Y sues you and the IETF because of unfair practices.. 3) Vendor X has the logo, but nobody has actually *verified* that their product implements the standard. Vendor Y has their logo pulled for something minor. This leads to: 3a) Vendor Y sues because nobody has tested X. 3b) Vendor X was the one who pointed out the problems in Y, and due to marketshare/influence/bribery, Y's logo got pulled while testing of X gets delayed - allowing X to get a contract that Y would have gotten otherwise. 4) You buy shrink-wrapped Z that has the logo. You subsequently find that the logo had been pulled, but of course the product wasn't recalled off the store shelves and repackaged before you bought it. You find yourself fired because you broke company policy to only buy logo'ed products. 5) Vendor Y sues because their logo gets yanked because THEIR interpretation of an RFC doesn't match the reading the WG Chair gives of the RFC, and the WC Chair happens to work for Vendor X. 6) You are cordially invited to suggest how Microsoft will brand their Outlook XP with the logo, in particular, how to keep track of all the following: 6a) Outlook XP branded as of 01/01/2002 6b) Outlook XP SP1 not branded as of 01/21/2002 because of bug 4781 6c) Outlook XP SP1+OfficeQFE:4781 branded as of release date of fix for 4781 6d) Outlook XP SP1+OfficeQFE:4781 but lacking OfficeQFE:NNN not branded as of 02/dd/2002 because of bug 6e) Outlook XP SP1+OfficeQFE:4781+OfficeQFE:NNN branded as of 03/dd/2002, but Outlook XP installs that are missing either the 4781 *or* fix are *not* branded. 6f) Outlook XP SP2 is branded, *except* if you've installed fix which breaks something, unless you've ALSO installed fix NNMM... And that's with just 3 or 4 bugfixes. Remember that a major product could have *hundreds* of bugfixes, all of which impact compliance to some extent. Enjoy. 7) Microsoft and AOL/Netscape get into a Well, *your* browser does THIS! war, with *both* sides shipping fixes and poking holes in the other's software on a daily basis, and somebody gets to track the current state of *two* browsers as per point (6) above, while both sides have lawyers breathing down your neck saying Well, if *my* bug XYZ counted, so does *their* bug QST. CIOs would still need to choose to do this of course, but, as I mentioned before, I know a number of them that are ready to strangle some of their badly behaving vendors. Again - if the CIO telling the vendor Fix it or we're going elsewhere doesn't cause the vendor to toe the line, why will Put a logo on it or we're going elsewhere do it? In the economy of today, if large implementations don't go well, as a CIO, you are out the door. IETF Compliance can go a long way torwards helping secure the jobs of our CIOs by reducing interoperability headaches and vendor standards infighting. You obviously haven't been in the industry long enough to have gotten stuck in the middle of an deployment of a certified product that won't interoperate. I'm sure most of the old-timers on this list have seen at least one case where a vendor guaranteed in writing that Version N+1 of their software would interoperate with Version N of *the same software*, but the upgrade didn't work right anyhow, since the software didn't read the guarantee -- Valdis Kletnieks Computer Systems Senior Engineer
RE: Fwd: Re: IP: Microsoft breaks Mime specification
You forgot that the ISOC funds the IETF, and currently the ISOC has financial difficulties and that its priority is to fund the IETF, which I fully support. Most of the membership money from ISOC is directed towards the IETF by the organisation members.I do not know what is the amount here, but I suspect that all platinum and gold members pay to fund IETF at USD100,000 or USD50,000 a year. I think there is already a USD1-2M fund towards the IETF... A light trademark conformance program as Kyle is proposing would allow ISOC to focus on other issues than funding the IETF, and therefore trully work on their Internet is for Everyone vision. May I remind that ISOC has only 8000 inviduals members. Kyle, I think the solution to the problem is to bring the problem to the next ISOC meeting (inet2002) and especially to the IAB. This discussion involves more people than the IETF only. You have to leave the IETF do what it does best: work on standards. But the IETF needs to agree that such trademark system could be implemented by the parent organisation: ISOC. IAB meetings and ISOC board meetings are very interesting. Kyle, attend one of them in June www.isoc.org/inet2002/ May be all people interested by the subject should meet there, discuss, and act. Check www.isoc.org Franck Martin Network and Database Development Officer SOPAC South Pacific Applied Geoscience Commission Fiji E-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Web site: http://www.sopac.org/ http://www.sopac.org/ Support FMaps: http://fmaps.sourceforge.net/ http://fmaps.sourceforge.net/ This e-mail is intended for its addresses only. Do not forward this e-mail without approval. The views expressed in this e-mail may not be necessarily the views of SOPAC. -Original Message- From: Peter Deutsch [mailto:[EMAIL PROTECTED]] Sent: Thursday, 24 January 2002 8:20 To: [EMAIL PROTECTED] Cc: grenville armitage; [EMAIL PROTECTED] Subject: Re: Fwd: Re: IP: Microsoft breaks Mime specification g'day, But the biggest problem here is that you've just created a $10M annual cashflow for the IETF to manage. This would be a massive infusion of cash for an entity that today runs on cookies and good will. Do you really think that you can put $10M (or gosh forbid, $10M *a year*) into a bank account without it starting to attract attention? History tells us it would immediately generate its own infrastructure to consume it (have you looked over at the DNS world recently?) - peterd
Re: Fwd: Re: IP: Microsoft breaks Mime specification
I think any attempt to get the IETF to do certification is doomed to embarrassment and failure of one form or another (quick, or slow and painful). However, the ISOC just might be interested and able to pull it off.
Re: how to fail to solve a problem
p.s. OTOH it does seem foolish to try to make fundamental changes to IETF by arguing on this mailing list. the organization is very wary of change of any sort, and rightly wary of half-baked ideas. about the best you can do with this list is to find folks who are willing to cooperate (in a less public venue) to examine and develop the idea more fully. I am a fan of half-baked ideas. I am a fan of post-optimization. Get it close to the bull's eye and throw it out there. The ensuing discussion will refine it, or kill it. Isn't that how we pride ourselves in Internet development? I'm not interested in how we pride ourselves. I'm interested in what works. Having pride in a particular way of doing things is a good way to be blind to its faults. One common way for an idea to be half-baked is for it to utterly fail to consider the needs of some constituency or another. As the Internet has become larger and more diverse our organization has also become fragmented, its participants representing very diverse interests. Probably for this reason it's become fairly common for working groups to produce results that are half-baked in this way. Throwing such half-baked ideas to the marketplace usually hasn't resulted in refinement, but it has resulted in harm to the Internet's ability to support new applications. And by the time the harm is understood, it's way too late to kill the bad idea. As for making non-conformance public, I would very much like to see that happen. Whether IETF is in a good position to do this is a different question. Since (perhaps unfortunately) most of IETF's energy comes from vendors who pay their employees to work within IETF working groups, and some of those same vendors have reputations for producing dangerously non-conformant implementations, I think it puts IETF in a precarious position if it starts pointing fingers at the vendors who produce such things Keith
Re: Fwd: Re: IP: Microsoft breaks Mime specification
there's more than one kind of effectiveness. effectiveness at getting a technology deployed is quite different from effectiveness of that technology (once deployed) at supporting reliable operation for a variety of applications. keith - may i refer you to don eastlake's earlier reply? viz., the existing system is quite effective because products that don't play by the concensus rules have a much harder time thriving or even surviving. sometimes this works. as a generalization, it doesn't hold up. Just to pick a small example: MIME has been out for nearly 10 years and I'm still receiving, on a daily basis, MIME attachments that are unreadable because they lack proper content-type labelling. That's not what I would call effective. then ignore it or fix it. obviously, the pain isn't at the point where it bothers you... for myself, the program that handles my incoming mail dumps MIME-bad stuff into an audit file and then ignores it. if it was important, then whoever sent it can get on the phone... in doing this for the last 10 years, i've yet to suffer a mishap because of this... that kind of solution is easy for you or me. unfortunately, it doesn't scale to a user base of 100s of millions of people that's trying to use email to ship around attachments and wondering why they don't work. the reason I don't filter such stuff is because I want to understand the kinds of problems other folks are having. Keith
Re: Fwd: Re: IP: Microsoft breaks Mime specification
Hrm, SoUL = Software Underwriters Laboratories but I thought the UL was a distinct company in it self that other companies send stuff to for testing. So some one withe means and clout in the industy needs to take it up. Suppose could put of a website like http://www.underwriters.org... hrm www.sul.org and gear it as a contact point for software testing. At 10:08 AM 1/23/02 -0600, Alex Audu wrote: Great idea, but you also should not leave out the issue of compliance testing. May be an organization like the Underwriters Laboratories,..or some other newly formed group (opportunity,.. anyone?) could take up the role of compliance testing. Regards, Alex. Franck Martin wrote: I support the idea, what needs to be done is the IETF to come with a trademark and someone to Inform the ISOC about all this discussion and also to register this trademark... Lynn, Could you please read this thread from the IETF archives, it could be interesting for the development of ISOC/IETF. Franck Martin Network and Database Development Officer SOPAC South Pacific Applied Geoscience Commission Fiji E-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Web site: http://www.sopac.org/ http://www.sopac.org/ Support FMaps: http://fmaps.sourceforge.net/ http://fmaps.sourceforge.net/ This e-mail is intended for its addresses only. Do not forward this e-mail without approval. The views expressed in this e-mail may not be necessarily the views of SOPAC. -Original Message- From: Kyle Lussier [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 23 January 2002 4:04 To: Donald E. Eastlake 3rd; [EMAIL PROTECTED] Subject: Re: Fwd: Re: IP: Microsoft breaks Mime specification We need stronger enforcement of the RFC's, and we need creative thinking as to how to go about that. I like the idea of an easy in IETF Certified trademark, if you abuse it, it can be revoked, and then vendors building contracts around supporting IETF Certified products. It gives CIOs something to rattle about as well. I.e., they can require IETF Certification of products, which guarantees them standards support, as enforced by the IETF community. Just a simple precise trademark construct, with an easy-in application that costs maybe $100 per product, and supported by the IETF. That certification could be revoked down the road. IETF doesn't have to be a conformance body or litigator. It just merely needs to be the bearer of the one true mark :). Kyle Lussier AutoNOC LLC
Software Underwriters Lab
I'm afraid that little if any sofware would pass the kind of destructive testing that labs like UL normally perform. These guys will apply 1,000 volts to a system rated for 100 volts and so on. Can't imagine Windows XPerimental or even Windows Crippled Environment would pass any rigorous testing. Nice idea, but I don't think it will work even if the lawyers would have a field day. Ole Ole J. Jacobsen Editor and Publisher The Internet Protocol Journal Office of the CTO, Cisco Systems Tel: +1 408-527-8972 GSM: +1 415-370-4628 E-mail: [EMAIL PROTECTED] URL: http://www.cisco.com/ipj
What is at stake?
List: U.S. Census data from Feb 19 stress the Internet time warp and hint at the risk of ignoring it. What is at stake when a RFC is faulty or not correctly implemented, for example hurting interoperation or security, grows exponentially in time, and fast. The Internet broke the 60 percent penetration barrier in the U.S. faster than any other medium. For example, some 35 percent of the U.S. population had phone use in 1920, but penetration didn't reach 60 percent until 1950. With the Internet, a comparable increase in usage only took two years. Telephone - surpassed 60 percent in 30 years Cable TV - surpassed 60 percent in 27 years Computers - surpassed 60 percent in 15 years Radio - surpassed 60 percent in 10 years VCR's - surpassed 60 percent in 10 years Television - surpassed 60 percent in 5 years Internet - surpassed 60 percent in 2 years In this scenario, and with all due respect to everyone's opinions, policies that might have been justifiable some 10 or 15 years ago, such as laissez-faire interoperation, conformance verification and trust, cannot be justified by saying the existing system is quite effective or in doing this for the last 10 years, i've yet to suffer a mishap because of this... What was, aint' any more. In addition, within the last ten years the Internet has changed radically from a centrally controlled network to a network of networks -- with no control point whatsoever. There is, thus, further reason to doubt the assertion that what worked ten years ago will work today in the same way. Cheers, Ed Gerck
Re: What is at stake?
Yo All! Well Al Gore invented the internet in the early '80s, and the internet penetration was not 60% by the early '90s, SO I think these numbers are bogus. RGDS GARY --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 On Wed, 23 Jan 2002, Ed Gerck wrote: The Internet broke the 60 percent penetration barrier in the U.S. faster than any other medium. For example, some 35 percent of the U.S. population had phone use in 1920, but penetration didn't reach 60 percent until 1950. With the Internet, a comparable increase in usage only took two years.
Re: What is at stake?
The lesson from these numbers of 1999/2000, and that is why (somewhat tongue-in-cheek) I quoted them and did not comment on the Internet being 2 years old, is that they reflect what the public *sees* of the Internet. Let me be clear. The Internet as we know of today really started to exist when it become possible for anyone to have a website AND connect to the Net -- not just those who were university- or military- affiliated. And this was 1995/1996. The US Census only started to collect data on the Internet in 1997 -- before that, the Internet was not even in the radar screen. So, it is no surprise that to the Census the Net started in 1997. That is when it started to matter. We should take note of that date as well. In this process and with all due respect, it seems that many in the IETF were like a frog being slowly boiled -- the frog dies and never jumps before, because the temperature rises so so slowly. Many never realized that the Internet they were talking about -- and some still are -- is just a relic of the past. The lesson that I wanted to drive home is that 10-year arguments are really not appropriate here. The Internet as we know of today did not exist 10 years ago. Ten years ago it was not even really an internet, it was more like a network -- with a central control point. Cheers, Ed Gerck Gary E. Miller wrote: Yo All! Well Al Gore invented the internet in the early '80s, and the internet penetration was not 60% by the early '90s, SO I think these numbers are bogus. RGDS GARY --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 On Wed, 23 Jan 2002, Ed Gerck wrote: The Internet broke the 60 percent penetration barrier in the U.S. faster than any other medium. For example, some 35 percent of the U.S. population had phone use in 1920, but penetration didn't reach 60 percent until 1950. With the Internet, a comparable increase in usage only took two years.
Re: What is at stake?
At 6:53 PM -0800 1/23/02, Ed Gerck wrote: In addition, within the last ten years the Internet has changed radically from a centrally controlled network to a network of networks -- with no control point whatsoever. There is, thus, further reason to doubt the assertion that what worked ten years ago will work today in the same way. Really? Could you name the entity (and network) that you claim centrally controlled the Internet a decade ago? BTW, how accurate do you suppose the US Census Bureau data can be in regard to what homes/individuals have/do whatever, given that it collects its data every decade...?
Re: What is at stake?
On Wed, 23 Jan 2002 20:57:14 PST, Ari Ollikainen [EMAIL PROTECTED] said: Could you name the entity (and network) that you claim centrally controlled the Internet a decade ago? I'm pretty sure that there was a total Bozo the Clown in charge of the Internet at that time - I remember foolishness like one site that announced a route for 127/8 which was actually believed by a lot of sites. I'm sure if anybody clueful had been in charge, things like that would not have happened. BTW, how accurate do you suppose the US Census Bureau data can be in regard to what homes/individuals have/do whatever, given that it collects its data every decade...? Odd. I just got a survey from them the other week. They *do* run other surveys than their big constitutionally-mandated one every decade, you know. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech msg07353/pgp0.pgp Description: PGP signature
Re: What is at stake?
We'll know when the Internet 'matters' on this measure, when they take the management and oversight away from the IETF. Like all other conspiracy theories, this falls down on defining who 'they' are and 'matters'. Australian State and Federal statistics on Internet only began a couple of years ago. But Australia was connected back in '87/'88. I think Jon Crowcrofts descriptions of the 'smoke filled room' days which proceeded the IETF might dispute the idea that 'they' ever a) failed to know what they were doing or b) relinquished control in the first place. What is at stake, is that its very late, and we all need to stop sending email. -George
Re: What is at stake?
Umm... ok - 15 years ago. US DOD, Defense Communications Agency under an agreement with ARPA ran the Internet (all 20-50 networks of it) and its core routing system. In fact the internet was actually called the DOD Internet. It wasn't until around '87 that a non-government sponsored system (e.g. a system that wasn't sponsored or under contract to DOD, NSF, DOE...) was connected to the ARPANet/MILNET core. At 08:57 PM 1/23/2002 -0800, Ari Ollikainen wrote: Really? Could you name the entity (and network) that you claim centrally controlled the Internet a decade ago?
practical proposal -- Re: What is at stake?
Franck Martin wrote: The time is to move from 35% (early adopters) to 60% (beginning of mass distribution), not from 0% to 60%. Yes, as it was exemplified for phone use: 30 years to move from 35% in 1920 to 60% in 1950. To those who were surprised by my posting, please note that I quoted official 1999/2000 US Census Bureau data. These are not bogus numbers, nor a political view, nor data from who invented the Internet. But when the US Census woke up in 1997 to find that the Internet had mushroomed overnight -- and started to collect data on Internet use -- households with Internet access were already 18%. However, how about before 1997? Well, before 1997 Internet use was so marginal in terms of socio- economical consequences that the US Census did not even bothered to collect data on its use! The conclusion is clear. Our Most Valuable experience before 1997 has limited applicability. Thus, IMO, it doesn't help the IETF, nor the Internet as we have it today, to use arguments such as The only problem with that assessment is 25 years of Internet experience, all of which was based of no conformance verification, but quite a bit of effectiveness. What was effective 25 or even 10 years ago is surely important but we need to recognize that it has limited application to today's Internet. For example, it seems that we need (and for some time already) to introduce a public non-conformance list (NCL). The NCL would make no promises to the future (unlike a conformance list), would not imply liability (because it exerts no power), and could help make a good selling point even for those companies listed in the NCL -- Look, we had six NC complaints and we fixed them all! Our product has no current NC complaint. So, as a practical proposal, I would welcome comments from anyone who would like to co-author an ID on this topic. I already got some 30-year experience feedback that could be useful ;-) Cheers, Ed Gerck On Wed, 23 Jan 2002, Ed Gerck wrote: The Internet broke the 60 percent penetration barrier in the U.S. faster than any other medium. For example, some 35 percent of the U.S. population had phone use in 1920, but penetration didn't reach 60 percent until 1950. With the Internet, a comparable increase in usage only took two years.