[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 10 years and no ubiquitous security
> Today, IPSec has insignificant deployment, and the WG goeth on forever.
>
> ...
>
> Should I remind folks that at that same San Diego IETF, JI and Phil and
> Steve Deering and others of us had a lunch BOF on Mobile-IP?
You're not the only one who was "around back then". I think most of us
remember the world slightly differently from you. Whatever.
People still can't get basic DNS deployment right, and that's quite a
bit older than IPsec or Mobile-IP. (I deployed my first nameserver 14
years ago).
Unfortunately, standards are irrelevant without ubiquitous deployment of
software that is (reasonably) easy to use; it hasn't been a
inter-geek-net for a long time.
Look at SSH; it *still* isn't completely standardized, but it is much
easier to use (and more important, deploy) than IPsec. On the other
hand, there's pkix; heavily documented and standardised, but hideously
difficult to deploy and use.
Of course, IPsec doesn't solve many problems, either, but that's an
entirely separate debate. <ducking>
--
Harald Koch <chk@pobox.com>
"It takes a child to raze a village."
-Michael T. Fry