[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: netsec-reqs document: what is, where it is, what to call it.

To: ericb@digitaljunkyard.net
Subject: Re: netsec-reqs document: what is, where it is, what to call it.
From: gmj@pobox.com
Date: 19 Mar 2003 19:05:31 -0500
Cc: gmj@pobox.com, randy@psg.com, opsec@ops.ietf.org, morrowc@ops-netman.net, lamour@uu.net, mkrause@uu.net
In-reply-to: <gu9wuivdto2.fsf@rivendell.digitaljunkyard.net>
References: <m3y93bqic1.fsf@apire.port111.com><gu9wuivdto2.fsf@rivendell.digitaljunkyard.net>
Reply-to: gmj@pobox.com
User-agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.1 (Cuyahoga Valley)

ericb@digitaljunkyard.net writes:

>  "g" == gmj  <gmj@pobox.com> writes:
> 
> g> Why it's being published?

> One reason is (possibly justifiable) UUNET hubris.  We would present
> our requirements to a vendor, and they'd say "None of our other
> customers are asking for these things."
> 
> By publishing it beyond UUNET, we hoped to spark ideas in other
> customers, to get them to say "Wow, that's a great idea, we want you
> to implement that too."  Basically, "You want it, you just don't know
> you want it yet."  There was also the hope that once the document got
> out, other customers would chime in with their own ideas, which we at
> UUNET had not thought of.
> 
> This document comes from very base origins.

And make se

> 
> g> Why this matters?
> 
> g>      We have comments to integrate now.  We need to know
> g>      what sort of document is being produced to 
> g>      integrate them properly.
> 
> Personally, I think that the original mission of the document is as
> yet uncompleted.  It might be appropriate to split the document, it
> might not.  Whichever way you go, at least one document should come
> out of this where end users swap ideas for security enhancements, and
> then present them to the vendors with the power of collective
> bargaining.
> 
> This is a moving target.  Bad things on the Internet evolve rapidly,
> old requests get implemented or supplanted.  You will never get
> multiple customers with different focuses (or even customers with
> similar focuses) to agree on a set of features, and certainly not a
> priority list for implementation of those features.  It may be that
> this should not really be a document, but that the existing document
> should be a foundation for a forum.  There, enhancements can be
> suggested, discussed, refined, and prioritized.  Different customers
> can sign up for different enhancements, and then vendors can check in
> and make informed decisions on what to implement next.
> 
> SourceForge, anyone?  Push for Cisco to open source IOS?  It worked
> for Mozilla, right?
> 
> ericb
> 

-- 
George M. Jones    |  Contra bonum morem ("Against good custom")
Network Security   |
Architect, JAPH    |
                   |      Seneca (Dialogues, vi, i, 2)
gmj@pobox.com, PGP Finger=CB97 C772 7685 0E15 E27E  C78D A50F 3AAD C1D6 D49E

Follow-Ups:
- Re: netsec-reqs document: what is, where it is, what to call it.
  - From: "Merike Kaeo" <kaeo@merike.com>

References:
- netsec-reqs document: what is, where it is, what to call it.
  - From: gmj@pobox.com
- Re: netsec-reqs document: what is, where it is, what to call it.
  - From: ericb@digitaljunkyard.net

Prev by Date: Re: netsec-reqs document: what is, where it is, what to call it.
Next by Date: Re: netsec-reqs document: what is, where it is, what to call it.
Previous by thread: Re: netsec-reqs document: what is, where it is, what to call it.
Next by thread: Re: netsec-reqs document: what is, where it is, what to call it.
Index(es):
- Date
- Thread