Re: BofA+Netscape

["Perry E. Metzger" <perry@imsi.com>]

Marc Andreessen says:
> >I told you in Email, Mr. Andreessen, that new transport level security
> >protocols are useless now that IPSP has come near to standardization
> >and now that prototype implementations are nearly available.
> 
> Great, IPSP looks fantastic and we look forward to supporting it
> as it moves through and beyond the "near" phase.

Given that you haven't read any IPSP documents, I can only interpret
your comments as sarcasm. If they aren't sarcasm, they represent more
of the same "why bother to do any research" attitude that got you into
trouble in the first place.

When I wrote you mail explaining that solutions on top of the
transport layer were becoming rapidly obsolete, you dismissed me off
hand, not even having bothered to check the literature on the
subject.

I don't mind an informed discussion in which individuals like yourself
say things like "I don't like the encapsulation formats proposed in
IPSP because they don't give me enough flexibility to do X" or things
of that nature. I wouldn't mind a "we examined IPSP and found it
lacking". However, you didn't even bother to look at anything I
mentioned. You dismissed it without knowing what it was. Your fellows
seem so ignorant on the subject that they think that network layer
security requires changes to the routing infrastructure (it does not
-- it can even be implemented at user level using BPF or NIT, though I
don't recommend that.)

The thing I find truly outrageous about the Netscape crowd is that you
apparently did some navel staring, came up with an idea internet
security, and proceeded to go off and do it. Not for one moment did
you consider the possibility that others might have already done
something worth looking at, or that it might even be already developed
and on its way to standardization.


Perry