OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Re: Can A Web Site Be Reliably Defended Against DoS Attack

[ Lists Home | Date Index | Thread Index ]

>There were people who said the ISO networking stack was
>much better than TCP/IP

I asked Marshall Rose about this.  He is one of the best "protocol 
wonks" in the world.  As one of his accomplishments, he did a very 
comprehensive open source implementation of the ISO protocols known as 
ISODE; here's one of the release announcements (note the date of the 

I asked him about denial of service attacks and he said "clnp/tp4 
doesn't contain any security advances over ip/tcp."  He then added
"in one sense, an OSI-based Internet would be more secure against DDoS:
there would certainly be fewer servers, desktops, and routers, and they
would be running much, much slower..."

BTW, the Internet's end-to-end principal makes it architecturally 
possible to have mutually authenticated communicating endpoints. Search 
for "RSVP IETF" and you can see that years ago real time delivery 
guarantees and QoS was possible, too.  If TCP/IP is 80/20, then it's at 
least an 80/20 unlike most others in that: *its architecture allows the 
last 20% to be done.*  VoIP might be a driver for real QoS.

I don't know what GE engineers you spoke with, but it appears to me that 
they were showing off and deriding something they didn't fully understand.

"Once the rockets go up
who cares where they come down?
That's not my department,"
says Werner von Braun.
    --Tom Lehrer


Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS