Suresh Ramasubramanian wrote:
On Sat, Apr 12, 2008 at 2:34 AM, Barry Shein <bzs@world.std.com> wrote:
The lesson one should get from all this is that the ultimate harm of spammers et al is that they are succeeding in corrupting the idea of a standards-based internet.
huh? i think that, with their attacks, they are actually helping to drive improvements in the standards. of course, the disfunction of the standards organizations does not make this as clean a process and as much of a win as it could be. but considering that security was not very thoroughly designed in the original standards, we're not doing all that badly. it's always gonna be a chase.
The lesson here is that different groups at the same ISPs go to different places
i am not sure that is so much a lesson as an observation. the lesson may be, in part, that this is sub-optimal. can it be changed? how?
Packet pushers go to *NOG. And the abuse desks mostly all go to MAAWG. And any CERTs / security types the ISP has go to FIRST and related events. And most of them never do coordinate internally, run by different groups probably in different cities ...
"dear coo/ceo/whomever: i want approval to send the five folk who go to nanog, and the five folk who go to maawg, and the five folk who go to first to *all* go to the new frobnitz joint conference." think that'll fly? otoh, being on the frobnitz program committee would be an interesting lesson and exercise in industry physics. when i first joined acm ('67), i could keep up with a significant portion of the literature. now i maybe see a single digit percentage. the field has broadened. the ops and other applied areas have similarly broadened and specialized. we are victims of our own success. randy