They knew that what you are suggesting wasn't done. That
is the problem of 80/20; not that it can't be done, but
that it won't be done until the problem is big. It
is the Titanic thing: it wasn't how many but who died
that forced changes.
Again, I'm not talking about the problem of someone not getting
their Amazon page up, but of a server used for communicating
in real time to low-latency response assets. It is the
mission and the risk not being considered in the customer
pull vs technology push thought. Your example is
precisely illuminating: let's choose speed and
ubiquity over safety and reliability. The GE engineers did
the right thing: don't outdrive your headlights.
"And we know for certain that some lovely day,
someone will set the spark off, and we will all be blown away."
- also Tom Lehrer
I don't care if the OSI stack was better or worse. Spilt milk.
1. Instead of wiping our mouths from Microsoft venom, let's
acknowledge the root problem: as currently implemented, there
is no credible defense for DDoS.
2. Let's talk about fixing that so we don't have to rely
on social behavior to patch incomplete designs.
3. Let's make sure the press and the customer know the
risks.
len
From: Rich Salz [mailto:rsalz@datapower.com]
>There were people who said the ISO networking stack was
>much better than TCP/IP
I asked Marshall Rose about this. He is one of the best "protocol
wonks" in the world. As one of his accomplishments, he did a very
comprehensive open source implementation of the ISO protocols known as
ISODE; here's one of the release announcements (note the date of the
announcement)
http://www-mice.cs.ucl.ac.uk/multimedia/misc/tcp_ip/8808.mm.www/0096.html
I asked him about denial of service attacks and he said "clnp/tp4
doesn't contain any security advances over ip/tcp." He then added
"in one sense, an OSI-based Internet would be more secure against DDoS:
there would certainly be fewer servers, desktops, and routers, and they
would be running much, much slower..."
BTW, the Internet's end-to-end principle makes it architecturally
possible to have mutually authenticated communicating endpoints. Search
for "RSVP IETF" and you can see that years ago real time delivery
guarantees and QoS were possible, too. If TCP/IP is 80/20, then it's at
least an 80/20 unlike most others in that: *its architecture allows the
last 20% to be done.* VoIP might be a driver for real QoS.
I don't know what GE engineers you spoke with, but it appears to me that
they were showing off and deriding something they didn't fully understand.
"Once the rockets go up
who cares where they come down?
That's not my department,"
says Wernher von Braun.
--Tom Lehrer