- From: Roberto Peon <grmocg@gmail.com>
- Date: Fri, 15 Nov 2013 00:14:01 -0800
- To: Bruce Perens <bruce@perens.com>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
- Message-ID: <CAP+FsNfRWK4pVvGxhwkfcYuhxS=bjM7mUhTMTRKSEM1=mPvUgg@mail.gmail.com>
On Thu, Nov 14, 2013 at 11:58 PM, Bruce Perens <bruce@perens.com> wrote:

> On 11/14/2013 11:49 PM, Roberto Peon wrote:
>
>> When I think about how we got here, I'm fairly certain that there is no
>> MUST we could put into a document or spec, and there is no social
>> engineering that would have prevented us from reaching the state that we're
>> in today w.r.t. middleboxes.
>
> It seems to me that the major employment of firewall rules is to protect
> from the unknown. We don't know what legitimate traffic would ever be on
> that port, so we block it.
>
> It is a solvable task to teach that this practice breaks the internet, and
> to promote better practices. I don't see that it would be impossible to do
> this with MUST rules in a specification, although that isn't the only means
> available.
>
> The problem of port 80 traffic being handled incorrectly becomes much less
> important if other ports are available.

Sure, I agree with the premise that we'd be in a better state if ports were
available. But that seems like an educational problem, not a mechanical
problem, and as such I am dubious about it being solvable in any near or
medium-term timeframe (it takes 5+ years to get hardware replaced normally, I
think?), assuming it is solvable at all. (Looking at education for even
simpler things, apparently education is an extremely difficult problem...)

I am in no way opposed to people trying to go down that path, of course...

-=R
Received on Friday, 15 November 2013 08:14:30 UTC