North American Network Operators Group

[Fwd: 10 years and no ubiquitous security]

  • From: William Allen Simpson
  • Date: Wed Mar 13 19:11:08 2002

In remembrance:

-------- Original Message --------
Subject: 10 years and no ubiquitous security
Date: Wed, 13 Mar 2002 18:49:35 -0500
From: William Allen Simpson <[email protected]>
Organization: DayDreamer
To: [email protected]
CC: [email protected]

10 years ago this week, we had an IETF meeting in San Diego.

10 years ago on Tuesday, Phil Karn sprawled out across my hotel room bed 
and drew the packet header that became ESP.  (Remember when we were 
small enough to have hotel room BOFs?)  

10 years today, at a lunch meeting, Phil Karn gathered a group of us, 
and we agreed to pursue IP Security, as "the most important thing 
missing from the Internet".  (Most real work was still done in lunch and 
dinner BOFs last time I attended IETF, and presumably that tradition 
continues now.)

10 years ago tomorrow, Brian Lloyd and I had a "rubber hose" lunch 
meeting with Steve Kent, who as a member of the IAB had refused to allow 
the PPP WG to publish CHAP in our RFC as an official authentication 
protocol.  (He had previously mandated that we remove all security 
protocol negotiation.)  He backed down, but we had to change the name 
from "cryptographic" to "challenge".

Steve Kent refused to charter the IPSec WG.  We had to reform the 
structure of the IAB (removing Steve Kent) -- which was good for many 
other reasons, although its efficacy was short-lived.

After all these years, ESP itself is remarkably unchanged.  (The 
sequence field is 32 bits instead of 16 bits, but we did that in 1993.)  
Remember, by 1995 we had multiple interoperable implementations.

Roughly 5 years ago, IPSec was supposed to be disbanded, because its 
work was complete.  Instead, somebody named Steve Kent secretly took 
over the WG editorship (with no consensus, or even WG discussion), and 
his "appointment" was enforced upon the new "reform" WG Chairs. 

For 5 more years, IPSec WG has slowly turned out unworkable documents, 
generating endless and fruitless discussion.

Today, IPSec has insignificant deployment, and the WG goeth on forever.

...

Should I remind folks that at that same San Diego IETF, JI and Phil and 
Steve Deering and others of us had a lunch BOF on Mobile-IP?
-- 
William Allen Simpson
    Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32