on the DNS is definitely not a good idea.
-- Christian Huitema
. So, each transaction failure induces an additional 2
or 3 second delay. A single DNS query requires 2 or 3 transactions. We can
thus deduce that packet loss rates between 1 and 5% imply that 4 to 20% of
DNS queries experience at least one retransmission.
-- Christian Huitema
At 09:27 AM 12/3/99 +0100, Harald Tveit Alvestrand wrote:
At 11:43 01.12.99 -0500, Christian Huitema wrote:
At 10:49 PM 11/30/99 -0500, Keith Moore wrote:
note also that DNS is often slow, and seems less reliable than IP.
by increasing the reliance on DNS you increase the probability
he v6 spec.
-- Christian Huitema
. It is a problem that we are stuck with today,
that multi-address multi-homing actually gives us the hope of solving.
-- Christian Huitema
Just as a follow-up question: Can somebody tell me how many
route entries there
are in edge and core routers nowadays?
Route entries = local routes + BGP acquired routes. For the latter, the
current value is about 78,000, according to the Telstra Internet BGP table
maintained by Geoff
Steve,
Suppose, rhetorically, that we were to encrypt every IP packet using IPSEC.
What happens if a box takes your packet and deliver it to the "wrong"
address, for example to an ISP controlled cache? Well, the cache cannot do
anything with it, except drop it to the floor. We are thus faced
Now consider the NATv6 alternative. The average net admin is already
comfortable with NAT at the ISP boundary (hell, some even like it).
She will already be running NAT, if for no other reason than to deal
with IPv4-IPv6 transition. NATv6 is much less onerous than NATv4,
because the
I agree completely with what you say about needing to push
the multi-address complexity to the host. As you kindly
pointed out (and I self-servingly expand on here), this is
an architecture I put forth about a decade ago in a sigcomm
paper (in Zurich, I don't remember the year).
The paper
stumbled on the fact that SIP is a peer to peer protocol, while we needed a
master slave protocol. However, interworking between SIP and SGCP is very
easy...
(SGCP is one of the ancestors of MGCP.)
-- Christian Huitema
-Original Message-
From: Yixin Zhu [mailto:[EMAIL PROTECTED]]
Sent
All of that can be done in pure ASCII.
... that is, if you speak english. You can definitely write the way of
Shakespeare, but you have a tiny problem writing the way of Molière, let
alone Confucius. Then, there are things that are hard to do in writing,
however able is your prose. Maps and
NS does, the results
are cumulative...
Christian Huitema
-Original Message-
From: Craig Simon [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 26, 2000 1:25 PM
To: [EMAIL PROTECTED]
Subject: Cite on DNS-related traffic.
I recall once seeing a graph shown by Christian Huitema
indicating that
The notation of OID strings as 1.3.6.1.4.1 started appearing in the ISODE
ASN.1 compiler, in the late 80's. It was not part of the ASN.1 standard; in
fact, ASN.1 defines its own set of format, that can mix numbers and
litterals. In ASN.1, this was called a "value notation." A standard ASN.1
OK, we have come to use and like the 802.11 nets at the IETF meeting. What
will happen if many attendees also turn up BlueTooth devices? AFAIK, they
operate on the same frequency band, and the BT devices emit enough noise to
seriously hamper 802.11 operation!
Christian Huitema
for
references to external standard is that these standards often don't meet 2
important IETF criteria: they are not always available for free, and they
may evolve independently of the IETF control.
By the way, this debate should move to poisson.
-- Christian Huitema
-Original Message-
From
up last call, Bob Hinden
asked the IESG to consider publication of the analysis document as an
informational RFC on January 7, 1999. Nothing happened...
-- Christian Huitema
at a minimum, we need an IETF
specification on how to detect that a domain name part is using a non ascii
encoding, so that DNS servers don't get lost.
-- Christian Huitema
have to evacuate a room, we are in for the headlines. In
fact, if we continue breaking the fire code in every room of every
meeting, this outcome is almost guaranteed.
-- Christian Huitema
tion. Peer-to-peer applications assume that every host can
be a server.
-- Christian Huitema
The point being that if you have an arbitrary bunch of firewalls and
NATs between any two points, then you are forced into telephone-like
"call set-up" scenarios, which don't really scale to large groups,
specially when the application consists of sporadic messages to
arbitrary destinations.
one bit every 2
hours. There are very many ways to not achieve that...
-- Christian Huitema
. If the error distribution is heavy tailed, which is the
case on very many technologies, all bets are off... This is one of the
ways to not achieve the desired result.
-- Christian Huitema
-Original Message-
From: James P. Salsman [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 09, 2001 4
tds. The macros tend to have an even shorter
lifespan that the languages themselves, which make them even poorer
candidates for an archival function. Frankly, the energy spent every
fice years in questioning the ascii format would be better spent in
writing transition tools...
-- Christian Huitema
.
-- Christian Huitema
in a requirement to eliminate false negative. This is the
IETF, we ought to be able to engineer that.
-- Christian Huitema
the
network..]
You may or may not like the specific result, but the specification here
is very clear: you MUST NOT do X unless you are in condition Y, in
which case another rule applies. There is nothing in the process that
prevents writing a specification that way.
-- Christian Huitema
As well as a number of gateways using UUCP, BITNET or even X.400...
From: vint cerf [mailto:[EMAIL PROTECTED]]
yes - Phone Net (University of Delaware developed) and the Telenet
(X.25)
vint
At 11:03 AM 1/24/2002 -0500, Michael Hammer wrote:
Quick question: Could one university
Actually, the name is brouteur,
from the French verb brouter, to browse the herbivore
action of eating grass, not the web variation. A broute[u]r is a
device that is peacefully munching at your data, like a cow in a pasture.
-Original Message-
From: Ed Mier
[mailto:[EMAIL
.
pick address at random and use hackers' tools to remotely sense the type
of the equipment; it is bad practice, and your results would be tainted
by statistical errors due to firewall practices.
-- Christian Huitema
-Original Message-
From: Jian Bo Huang [mailto:[EMAIL PROTECTED]]
Sent
used by the game application.
-- Christian Huitema
Diffie-Hellman mandatory, RSA optional. Maybe this
should be documented.
-- Christian Huitema
, it is to find a way to
ensure speedy disclosure of intellectual property issues that affect a standard.
-- Christian Huitema
. In the case
of the DNS, certificates would most probably have to be handed over TCP.
Randy's warning of old horses and saddlebags comes to mind.
-- Christian Huitema
valid and
up-to-date PKI certificate. Amusing, isn't it?
-- Christian Huitema
to secure the protocol. I
don't know whether expending that energy on ARP is in fact a good idea,
since ARP is almost as old as IPv4, and we are moving to IPv6. But for
IPv6, there is no question: we should certainly develop a secure
vbersion of neighbor discovery.
-- Christian Huitema
are on a campaign to promote ECN, then maybe you should first
try to promote this specification to the next standard level... You may
also want to take a stab at revising the Requirements for IP Version 4
Routers; the last edition, RFC 1812 by Fred Baker, dates from June
1995.
-- Christian Huitema
, at the time, much more practical. They
withstood time much better.
-- Christian Huitema
expect improvements over time.
So, we have at least one conceptual solution: use a variation of Mobile
IPv6 to improve host multi-homing; solve site-multi-homing by treating
it as a variation of host-multi-homing.
-- Christian Huitema
policy implemented by
some obscure corner of the network.
That being said, whining about lack of transparency is not going to change the
behavior of the operators. The IETF should rather do something useful, e.g. make sure
that IPSEC is easy to deploy...
-- Christian Huitema
locals, 102 hands rising
for their elimination.
In short, it was not a hasty discussion, there was an informed debate,
opinions evolved during the discussion, and a consensus was reached. I
believe that if you had been in the room you would feel closer to that
consensus.
-- Christian Huitema
would say at least 18.
I suggest that this discussion resumes on the IPv6 mail list after the
minutes are published.
-- Christian Huitema
with a single network interface, is
nothing new.
My Windows-XP laptop currently has 14 IPv6 addresses, and 2 IPv4
addresses. The sky is not falling.
-- Christian Huitema
contacted the peer and obtained an explicit
statement that the planned exchange should not take place -- the
equivalent of a 4XX or 5XX error in SMTP or HTTP.
-- Christian Huitema
. As bad as spam is, a
lot of the countermeasures have a significant cost. It is probably
necessarily so, as making e-mail easy to send also makes spam easy to
send, but different measures have different side effects, and that is
worth documenting.
-- Christian Huitema
The only question left is if there are any *technical* components to
doing so
(which would be the IETF's preserve), and, if so, what they are.
It surprises me that so many people are so eager to declare defeat
before even trying the protocol route. (With current protocols defeat
is
. Even an RSA pair is not all that hard, considering that a set of
N prime numbers can generate N.(N-1)/2 key pairs. The logical
consequence of authenticated e-mail is bound to be authenticated spam...
-- Christian Huitema
bear, and the amount of identity
checks to whatever the public is willing to accept, which today is an
e-mail reachability test. So, the spammers will be slowed down, but not
much.
-- Christian Huitema
authorities
in Windows XP, Internet Explorer and other Microsoft products are
documented at:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
ity/news/rootcert.asp
-- Christian Huitema
to carry
video conferences services. I remember taking part to one such
conference in a DARPA locale.
-- Christian Huitema
of the current problems
with IPv4, and if applications get written that take advantage of the
way IPv6 solves these problems. I personally believe so, and I am busy
enabling application writers doing that. We shall see...
-- Christian Huitema
water works. His one-eyed devotion to
this
task was, well, determined. Keith sort of puts me in mind of Cato...
Carthage was eventually destroyed, but Cato died before that.
-- Christian Huitema
of the problem.
By the way, while Microsoft certainly contributed to the fundation of the UPNP Forum,
the UPNP/IGD is not exactly a Microsoft specification.
-- Christian Huitema
. It propagates by social engineering,
when users open some executable attachments. User can do click on
attachments with many mailers, not just Outlook and OE. In fact, the
latest versions of Outlook automatically strip such attachments.
-- Christian Huitema
include its own DNS code, probably in order to get the MX
records of its targets. This DNS agent is parameterized to start any
look-up at the A-root, with the side effect of overloading this root
server.
-- Christian Huitema
this mean we can stop the virus and associated spam just by
switching
off the A root?
I would suggest that you engage in serious testing before trying
anything like that!
-- Christian Huitema
release -- say, Sobig.G.
The better question for the IETF is whether we should do something to
SMTP to make it less easy to send spoofed mail.
-- Christian Huitema
with you.
Please explain or retract. I was the note-taker during that particular
session, and I don't recall ever stating that the chair's decision did
not reflect the result of the meeting.
-- Christian Huitema
that registry managed
in much the same way as the current registry of port numbers.
-- Christian Huitema
and brand it bad. It is far better to let the market be judge.
-- Christian Huitema
and routers so that their neck of the Internet is in
good health!
-- Christian Huitema
. The current size is
about double the size of 1992. That is significant, but not quite an
order of magnitude.
-- Christian Huitema
, October 26, 2003 9:35 PM
To: Christian Huitema; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Proposed statement quotes wrong numbers
Christian,
thanks for the correction.
We can quibble about the exact dates for a while, but I've made the
quip
quite a few times that the IETF has
of
Cryptographically Generated Addresses (CGA):
http://www.ietf.org/internet-drafts/draft-ietf-send-cga-02.txt
The purpose of SEND is secure neighbor discovery, i.e. preventing such
things as ARP spoofing.
-- Christian Huitema
not agree more!
Obviously, we need some amount of peer review before a white paper
draft becomes a white paper RFC, but I guess we know how to do that.
-- Christian Huitema
using Teredo now. As we go on deploying IPv6, we
have a chance to support these more complex topologies.
-- Christian Huitema
, nobody knows you're a dog. (A dog,
sitting at a computer terminal, talking to another dog.)
-- Christian Huitema
protocol and port, they can receive packets from the same five tuple
but are not guaranteed to receive other packets. This has an important
consequence for many IETF designed protocols, including indeed path MTU
discovery.
-- Christian Huitema
___
Ietf
public before the meeting and after.
-- Christian Huitema
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf
the customer by voice to check.
So the solution to Spam has to be a massive surrender of privacy!
I am afraid that you are falling in the very trap that you often
denounce, present you personal definitive solution to Spam...
-- Christian Huitema
messages.
-- Christian Huitema
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf
that describes Classical IP and ARP over Automatic
Teller Machines...
-- Christian Huitema
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf
format, so a large
random number can be used instead of a short registered number. In other
cases, like name resolution, that may require a technical break-through.
But we should definitely think about it!
-- Christian Huitema
___
Ietf mailing list
[EMAIL
to point to?
-- Christian Huitema
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf
.
-- Christian Huitema
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf
something like The earliest work was submitted to the IETF by Paul
Vixie [Vixie]; others include ... ASCII bits are cheap.
-- Christian Huitema
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf
the successive
versions.
-- Christian Huitema
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf
to the ISOC and the IETF
under any copyrights in the contribution. Note the words unlimited
perpetual -- definitely not limited to 6 months.
-- Christian Huitema
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf
y not be easy to use...
-- Christian Huitema
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf
, November 06, 2004 3:11 PM
To: Christian Huitema; Bob Braden; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: IPv4 consumption statistics and extrapolations
I think Christian made very important points.
I'd like to add one point that I'm sure will sound like
TCP and OSI will continue in parallel or whether one will
replace the other. The proposal in 1992 to base an IPng on CLNP was
pretty much a continuation of these discussions, and it did indeed come
in quite early in the process.
-- Christian Huitema
for
the proposals that lead to IPv6 was precisely to have none of the OSI
baggage. For better or worse, it was mostly defined as just IPv4 with
larger addresses.
-- Christian Huitema
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman
passes a resolution approving the RFC. This is the
ISOC ink.
Simple, and uses the tools of each organization.
-- Christian Huitema.
___
Ietf mailing list
[EMAIL PROTECTED]
https://www1.ietf.org/mailman/listinfo/ietf
a particular bank account structure does not appear helpful.
What is helpful, on the other hand, is a yearly report explaining how
the contributions are actually used. Even large companies like Microsoft
don't like signing $100,000 checks without knowing how the money will be
spent.
-- Christian Huitema
unattended at a Paris airport, in a train station, or generally in a
public place. The standard procedure is to blow it preventively...
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
Could you please pursue this rather technical discussion on a
specialized list, rather than the main IETF list?
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
, there
should be some kind of automatic exemption, maybe by allowing drafts to
use an N+1 version number.
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
requires being a little bit more proactive. Keeping
the version number while changing the prefix is probably a good idea.
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
of every country outside the European Union --
including the US. Do you see the parallel with the current US
legislation?
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
the best possible job for the duration of
your mandate, then voluntarily withdraw and let someone take the next
watch.
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
, which in my
mind is too long. As you point out, in practice, people tend to not stay
much longer than 4 years -- and we should thank them for serving even
that long. There were a few examples of AD serving for 10 years or more,
it is not the case anymore, and that is very well.
-- Christian Huitema
as more efficient
than complete fragmentation. On the other hand, there is no excuse for
delays created by bureaucratic processes and arbitrary pocket vetoes.
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman
should not lure clients to
accept challenges from unauthenticated servers.
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
available for numbering both the hop by hop
and the end to end options. That makes for a grand total of 32, of which
three are assigned by basic IPv6 specs. So, there really are good
reasons to be somewhat conservative with the assignments.
-- Christian Huitema
?
For those interested in self training, I recommend the book Writing
Secure Code, Second Edition by Michael Howard and David LeBlanc
(http://www.microsoft.com/mspress/books/5957.asp).
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1
this knowledge in the local name servers, thus avoiding undue
traffic to the root servers without risking interop issues and name
conficts in local naming plans.
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
name as it move to
different locations. There were ample debates of this point in the
working group, and the decisions to not creating special names and
not linking names to topology do reflect WG consensus.
-- Christian Huitema
___
Ietf mailing list
Ietf
that use in applications.
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
interfaces, and not
through others. To be sure, systems end up sending the requests on
multiple interfaces.
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
they would not be breaking any regulation.
-- Christian Huitema
___
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
revisions. An XML format is going
to be much less stable than the current status!
As a preparation tool, XML2RFC is probably OK. But it cannot be as
stable and future proof as ASCII text as a final product format.
-- Christian Huitema
___
Ietf mailing
1 - 100 of 190 matches
Mail list logo