|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: Stupid Question: Network Abuse RFC?
On Sun, 13 Jan 2008, Paul Ferguson wrote: In addition to RFC2142, it would appear that these are largely ignored just as much as any other operational IETF documents. The IETF (and other groups) developing "Best Common Practices" seem to sometimes forget 1. Is it a practice? 2. Is it a common practice? 3. Is it a best common practice? If no one is doing it, and they are largely ignored, did the IETF really do its job of consulting with the operational community to identify practices that are common and considered best? It is the organizational version of "running code." It seemed like many of the Internet "operational" people stopped going to the IETF in the 1990's and I don't know those people have really settled down anywhere else. NANOG/MERIT deliberately decided not to get into the standards development or publishing business. RIPE does publish somethings. NRIC has the same problem as the IETF and published a ton of "Best Practices" that no one practiced, and I think tended to cause operations people to start ignoring NRIC. Instead often what you get is a group of people from one industry writing what they wish a group of people in another industry would practice. For example, the financial industry writing what they wish merchants would do for security. Or the e-mail industry writing what they wish networks would do for security. Or the music industry writing what they wish universities would do for security. Although you need a some overlap, I think you get much better "buy-in" when people from the same industry are developing their operational standards.
|