[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI QUESTIONS: 2.3 Authentication styles

To: Stephen Kent <kent@bbn.com>
Subject: Re: SOI QUESTIONS: 2.3 Authentication styles
From: "Chinna N.R. Pellacuru" <pcn@cisco.com>
Date: Fri, 21 Jun 2002 12:59:57 -0700 (PDT)
cc: IP Security List <ipsec@lists.tislabs.com>
In-Reply-To: <p05100300b9392e6d9498@[128.89.88.34]>
Sender: owner-ipsec@lists.tislabs.com

On Fri, 21 Jun 2002, Stephen Kent wrote:

> At 8:32 AM -0700 6/21/02, Chinna N.R. Pellacuru wrote:
> >Steve,
> >
> >If you think the RFC 2401 issue that you bring up is a technical reason
> >for rejecting L2TP+IPsec, think again.
> >
> >For the benefit of people who didn't go through this discussion I would
> >like to say that, IMHO, this issue of RFC 2410 and L2TP+IPsec not being
> >able to mandate 'static packet filtering', is not only NOT a technical
> >issue, but also the most absurd issue that we(all supporters of
> >L2TP+IPsec) had to put up with, in the discussion. It should be amply
> >clear to anyone who is reading this thread that there is no consistency in
> >Steve's argument.
> >
> >Ofcourse there are always some people who want to take credit for
> >everything, and even take credit for the fact that something useful was
> >rejected!
> >
> >We had so much of technical discussion, but in the end, it just felt like
> >there was any technical reason that we did not address. We may not have
> >had the moral majority, but a lot of stuff that goes on here doesn't have
> >it too.
> >
> >I think, RFC 2401 is the single biggest hurdle for IPsec technology. How
> >can we document 'IPsec architecture' in a single document 5 years ago.
> >IPsec is being used in so many different scenarios, and in so many
> >different and creative ways. To think that we can provide so much useless
> >information in an RFC, and still make it useful is beyond me. I generally
> >advice people who want to start on IPsec to just skip RFC 2401, and come
> >back to it only after they know IPsec a little bit, so that they can weed
> >out the useless stuff efficiently. I think the duality of this WG, not
> >being able to decide whether 'remote access' belongs here or not, is
> >somewhat due to our closed definition of 'IPsec architecture'.
> >
> >     chinna
>
> I hope few people take any advice from you, given the above
> exhortation to create non-complaint implementations.
>
> There is a disturbing trend in your messages, which I expect most
> list members have noted as well. You begin to raise technical issues,
> but when the claims are challenged or the assertions refuted, you
> transition to different arguments, never fully responding to the
> original challenges or rebuttals. This may be a good debate technique
> before an naive audience, but it fails for a technical audience such
> as this mailing list.
>
> Steve

This is exactly what you are doing. I couldn't articulate what you are
doing any better, so I'll let your words stand for what you are doing.

    chinna

>

__
chinna narasimha reddy pellacuru
"Moral Clarity: Def. When you do it, it is moral relativism, when I do it,
it is the repudiation of moral equivalence."

References:
- Re: SOI QUESTIONS: 2.3 Authentication styles
  - From: Stephen Kent <kent@bbn.com>

Prev by Date: apology
Next by Date: Re: SOI QUESTIONS: 2.3 Authentication styles
Prev by thread: Re: SOI QUESTIONS: 2.3 Authentication styles
Next by thread: Re: SOI QUESTIONS: 2.3 Authentication styles
Index(es):
- Date
- Thread