[ih] IETF relevance (was Memories of Flag Day?)
Dave Taht
dave.taht at gmail.com
Wed Sep 6 10:52:10 PDT 2023
On Wed, Sep 6, 2023 at 10:37 AM Frantisek Borsik via Internet-history <
internet-history at elists.isoc.org> wrote:
> DSA, DMA, DSM... GDPR in the past, or even that horrible CRA = Cyber
> Resilience Act are just a continued long list of garbage ideas out of
> Brussels.
>
>
> https://www.internetsociety.org/blog/2022/10/the-eus-proposed-cyber-resilience-act-will-damage-the-open-source-ecosystem/
> https://blog.nlnetlabs.nl/open-source-software-vs-the-cyber-resilience-act/
>
> Good intentions don't count, bad results do. Most of the evil in this world
> is done by people with good intentions.
>
That stings. Had we been able to imagine 100 Billion potentially malicious
devices on the internet, what would we have done differently? We were
blinded by the potential goodness of the things, and perpetually blindsided
by everything from the Morris worm, to spam. I sometimes look sadly at the
ensign handing "email" to Captain Kirk in the old star treks as a possible
outgrowth of the only way to ensure that a message got through, and was
acknowledged, in that future.
This enormous thread on hackernews went by on how to deal with IoT over the
past few days. The FCC was proposing to mere slap a label on devices
attesting to their cybersecurity. It was wonderful to see the FCC reach out
to that forum... with 866 well thought out, and often heated, responses as
I write.
https://news.ycombinator.com/item?id=37392676
To bring this thought back to the IETF component, as technologists, we have
failed, and the conventional mechanisms of society towards mis-deeds and
malfeasance need to migrate to the internet.
>
> All the best,
>
> Frank
>
> Frantisek (Frank) Borsik
>
>
>
> https://www.linkedin.com/in/frantisekborsik
>
> Signal, Telegram, WhatsApp: +421919416714
>
> iMessage, mobile: +420775230885
>
> Skype: casioa5302ca
>
> frantisek.borsik at gmail.com
>
>
> On Wed, Sep 6, 2023 at 2:31 PM Dave Crocker via Internet-history <
> internet-history at elists.isoc.org> wrote:
>
> > On 9/5/2023 9:36 PM, Jack Haverty via Internet-history wrote:
> > > My email program claims to have the ability to handle encrypted email,
> > > cryptographically verified signatures, certificates, and such, and
> > > there are lots of RFCs/Standards describing mechanisms for secure
> > > email. I don't know why none of my legal, medical, or financial
> > > providers chose to use such "on the shelf" technologies.
> >
> > Other than for transit-level email authentication crypto -- working at
> > domain name level -- email-based encryption has been unable to scale.
> > So, yes, your software includes those functions, but no, they are not
> > deemed viable for serious communications at scale.
> >
> > Hence some environments choose messaging functions that they can operate
> > solely under their control. (They rely on https for that 'at scale'
> > part of crypto.)
> >
> > d/
> >
> > --
> > Dave Crocker
> > Brandenburg InternetWorking
> > bbiw.net
> > mast:@dcrocker at mastodon.social
> >
> > --
> > Internet-history mailing list
> > Internet-history at elists.isoc.org
> > https://elists.isoc.org/mailman/listinfo/internet-history
> >
> --
> Internet-history mailing list
> Internet-history at elists.isoc.org
> https://elists.isoc.org/mailman/listinfo/internet-history
>
--
Oct 30: https://netdevconf.info/0x17/news/the-maestro-and-the-music-bof.html
Dave Täht CSO, LibreQos
More information about the Internet-history
mailing list