[ih] Gateway Issue: Certification (was Re: booting linux on a 4004)

[Jack Haverty]

Thanks, Greg and Barbara.   I hadn't heard of UNH's lab or NIST's test 
suites.  It's good to see that somebody's doing something.

I think a real measure of such testing and certification is the extent 
to which organizations, or even individuals, are using such tests and 
certificates to influence their purchasing decisions.    I don't recall 
ever seeing a NIST or UNH logo or other indication that a product passed 
their tests or that an ISP I might sign up with provides some specific 
certified "capability".   But of course I wasn't really looking for such 
labelling either.  I wonder if Copilot has any info on that...?

NIST's states that certain "IPV6 capabilities ... have since failed to 
achieve significant support ..."   That statement implies that NIST has 
data about what "capabilities" are in fact present in products and/or 
actually used in operational networks.   I wonder what they know, how 
they learned it, and whether or not they certified it by testing.

I haven't used Copilot, but I've been playing a bit with GPT4All running 
on my desktop.  So far, I'm not impressed much.  I fed it a large folder 
of "network stuff" I've collected over the decades - emails, papers, 
reports, documents, and anything else I've gleaned from the email forums 
or the Web.   I then asked it when was the first gateway on the 
Internet.  It reported back that the first gateway on the Internet was 
the Arpanet circa 1970.   Not quite what I expected.

Jack

On 10/4/24 10:40, Barbara Denny via Internet-history wrote:
>   Since you mentioned NIST. Just a FYI pulled from the UNH site.
> 'We offer ISO/IEC 17025 accredited testing designed specifically for the USGv6 Test Program. USGv6 is a test program designated by NIST that provides a proof of compliance to IPv6 specifications outlined in current industry standards for common network products. It is meant as a strategic planning guide for USG (United States Government) IT acquisitions to help ensure the completeness, correctness, interoperability and security of early IPv6 product offerings so as to protect early USG investments in the technology."
>
> Also more on USGv6
> https://www.nist.gov/programs-projects/usgv6-program/usgv6-revision-1
>
> It is rather interesting (too mild a word?) about their potential IETF involvement.
> As an example from the site
> "To remove specifications for IPv6 capabilities included in the first version of the profile, but that have since failed to achieve significant support in commercial products and network deployments."
> barbara
>      On Friday, October 4, 2024 at 12:19:16 AM PDT, Greg Skinner via Internet-history<internet-history at elists.isoc.org>  wrote:
>   
>   On Oct 3, 2024, at 9:44 PM, Jack Haverty<jack at 3kitty.org>  wrote:
>> On 10/3/24 19:13, Greg Skinner wrote:
>>> Here are some key IETF specifications that are typically supported:
>> Bing says macOS implements a "wide range" of specifications are "typically" supported?  Does that mean they are or aren't implemented in the code?  Who says so - the programmer, the Marketing literature, or an independent trusted third party?  What document did they use as specifications for all those protocols and mechanisms?  What does "support" mean?  There are also hordes of ancillary RFCs defining methods for things like queue management, flow control, retransmission, etc.  Which, if any, of them are implemented?  Did anybody test the code to see if it correctly follows the specs?  Who?
>>
>> Sorry, such documentation tells me very little.
>>
>> Jack
>> <OpenPGP_0x746CC322403B8E50.asc>
> OK, so I decided to make my question to Bing Copilot a bit more specific, just to see what came up.
>
> ====
>
> Is there an independent trusted third party that I can use to verify that BGP implementations conform to IETF BGP standards?
>
> Yes, there are independent third parties that can verify BGP implementations for conformance to IETF standards. One notable example is the **University of New Hampshire InterOperability Laboratory (UNH-IOL)**. They offer testing services for various networking protocols, including BGP, to ensure compliance with industry standards¹.
>
> Would you like more details on how these verification processes work or information on a specific aspect of BGP conformance?
>
> Source: Conversation with Copilot, 10/3/2024
> (1) RFC 4271 - A Border Gateway Protocol 4 (BGP-4) - IETF Datatracker.https://datatracker.ietf.org/doc/html/rfc4271.
> (2) Updated BGP Operations and Security - Internet Engineering Task Force.https://www.ietf.org/archive/id/draft-fiebig-grow-bgpopsecupd-00.html.
> (3) RFC 7353 - Security Requirements for BGP Path Validation - IETF Datatracker.https://datatracker.ietf.org/doc/rfc7353/.
> (4) undefined.https://datatracker.ietf.org/drafts/current/.
> (5) undefined.https://trustee.ietf.org/license-info%29.
> (6) RFC 9552: Distribution of Link-State and Traffic Engineering ....https://www.ietf.org/rfc/rfc9552.html.
> (7) RFC 7454 - BGP Operations and Security - IETF Datatracker.https://datatracker.ietf.org/doc/rfc7454/.
>
> ====
>
> It is able to give the UNH Interoperability Lab (which Barbara mentioned earlier) as a resource.  (I have heard of them, but have never interacted with them, as far as I can remember.)  Visiting a few of their pages reveals that they (claim to) do testing of several IETF protocols. [1]
>
> I’m not trying to claim that they should be held in the same regard as the NIST, but I haven’t seen anything yet that would cause me to distrust their claims.  (But I am reading this as someone who has a few decades of experience with the IETF.)  I don’t know how someone who, for example, is fairly new to IETF protocols, but very knowledgeable about IEEE 802 protocols would feel.
>
> --gregbo
>
> [1]https://www.iol.unh.edu/solutions/test-tools/intact
>
>    

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <http://elists.isoc.org/pipermail/internet-history/attachments/20241004/931ba381/attachment.asc>