
   Re: [xml-dev] Re: Can A Web Site Be Reliably Defended Against DoS Attack


Marshall Rose is a, maybe the, world's foremost authority on this 
subject, though not the guy to ask for an unbiased opinion.

I participated in the Corporation for Open Systems (COS) in the '80's, a 
hotbed of Pro-OSI sentiment sponsored by virtually everyone in computing 
or telephony. Nearly all the wonks who attended network standards 
meetings for a living came there to set up parallel committees to attend 
and they seemed to universally agree that at least one of the ISO 
transport protocols was better than TCP, though they didn't agree on 
which one. The debate was somewhat clouded by the fact that every time 
they pointed out a deficiency in TCP, some university hacker would fix 
it. Then, of course, the Internet tsunami swept all the arguments away. 
Still, the way I remember it there was COS, all the king's horses and 
all the king's men on one side and Marshall Rose, in absentia, on the 
other. Sic transit gloria COS.

Bob Foster
http://xmlbuddy.com/

Rich Salz wrote:
 >> There were people who said the ISO networking stack was
 >> much better than TCP/IP
 >
 > I asked Marshall Rose about this.  He is one of the best "protocol
 > wonks" in the world.  As one of his accomplishments, he did a very
 > comprehensive open source implementation of the ISO protocols known as
 > ISODE; here's one of the release announcements (note the date of the
 > announcement)
 > http://www-mice.cs.ucl.ac.uk/multimedia/misc/tcp_ip/8808.mm.www/0096.html
 >
 > I asked him about denial of service attacks and he said "clnp/tp4
 > doesn't contain any security advances over ip/tcp."  He then added
 > "in one sense, an OSI-based Internet would be more secure against DDoS:
 > there would certainly be fewer servers, desktops, and routers, and they
 > would be running much, much slower..."
 >
 > BTW, the Internet's end-to-end principle makes it architecturally
 > possible to have mutually authenticated communicating endpoints. Search
 > for "RSVP IETF" and you can see that years ago real time delivery
 > guarantees and QoS were possible, too.  If TCP/IP is 80/20, then it's at
 > least an 80/20 unlike most others in that: *its architecture allows the
 > last 20% to be done.*  VoIP might be a driver for real QoS.
 >
 > I don't know what GE engineers you spoke with, but it appears to me that
 > they were showing off and deriding something they didn't fully
 > understand.
 >
 > "Once the rockets go up
 > who cares where they come down?
 > That's not my department,"
 > says Werner von Braun.
 >    --Tom Lehrer
 >
 >     /r$
 >






 


Copyright 2001 XML.org. This site is hosted by OASIS