On Mar 20, 2012, at 4:50 PM, Stephen Kent wrote:

> Eric,
>> ...
>> 
>> This is being pedantic in a case where I do not think it is helpful.
> 
> Well, I guess it's nice to know that you believe that being pedantic can 
> sometimes be helpful :-).

For one: pedantic compilers are often helpful when it comes to static analysis. 
 By extension, _sometimes_ one can make the same argument (about static 
analysis) to justify being pedantic for technical discussions... I'm kinda 
surprised that you didn't know that... ;)

> 
>>   You're saying, ``yeah, we changed semantics OUTSIDE of the BGP protocol, 
>> so that once _our_ semantics have decided it is ok to proceed, we can let 
>> BGP do its thing...'' but then you basically go on to say ``oh yeah, and we 
>> put our semantics _in_ BGP (thus changing it), and the results of our 
>> process can greatly impact the global routability of BGP... but those aren't 
>> changing BGP semantics...''  This falls right into the basic definition of 
>> semantics...
> 
> So, just for the record, I didn't say what you said above. (And I think you 
> left off "... the end of civilization as we know it.") I may have a big 
> mouth, but it's very inappropriate to stuff other people's words into it.

Indeed, I was attempting to paraphrase. To clarify, this was how I interpreted 
your words, but our audit trail should clearly indicate that you did _not_ say 
these things and that I was merely paraphrasing the message I interpreted from 
you.  Please accept my apologies for any misunderstanding about this.

> 
> Let me try another, more concise phrasing. When one adds security to a 
> protocol, the goal is to enable it to operate in a hostile environment with 
> the same semantics that it offered in a non-hostile environment. Of course a 
> secure version of a protocol will exhibit some differences in its operation 
> from an insecure version, especially when one compares the two versions in 
> attack scenarios.

Exactly!  This is exactly what a semantic difference is! :)

> If that were not the case, we would not bother adding security to a protocol.

Very debatable.  I wouldn't necessarily impugn the addition of security 
semantics to a protocol (sometimes additional expressiveness is needed).

> The relevant question is whether the fundamental nature of the protocol is 
> altered by the addition of security.

That may be a question you care about... It might even be one that the rest of 
us care about, but that is different than claiming you have not added semantics 
(which is where this started).  This comment is changing the subject.

> 
>> Also, the caveat that this is >30 year old thinking does not seem convincing 
>> of its correctness (maybe that's just me).
> 
> Well I am older than 30, so at least one interpretation of you critical 
> comment above is accurate :-).

Speaking of malformed sentences:
        s/you/your/

;)

> 
> And, yes, maybe it is just you.

Or maybe a line of thought (``thinking'' as you put it) that has gone unchanged 
in over 30 years is overdue for having its assumptions challenged.  Security 
(in particular) is a field in which the landscape changes, and stale vision can 
lead to myopia...  Many things in the Internet security theater have obviously 
changed in 30 years, so the age of lessons does not necessarily correlate with 
their relevance. :)

Eric 
_______________________________________________
sidr mailing list
https://www.ietf.org/mailman/listinfo/sidr