[AusNOG] Consensus from the IETF 88 Technical Plenary - Internet hardening

Dobbins, Roland rdobbins at arbor.net
Sat Nov 9 15:36:13 EST 2013 

[The views and opinions stated in this email message are my own, and are not representative of any other individual, group, or organization, including my employer.]

On Nov 9, 2013, at 11:01 AM, Paul Brooks <pbrooks-ausnog at layer10.com.au> wrote:

> This is not about Arbor. This is not about you.

Thank you for that, I'm grateful for the opportunity to finally depersonalize this discussion.

;>

> That said, claiming that making DDoS mitigation harder is too high a price to pay for taking steps to protect the world communications infrastructure from undesirable and often illegal domestic and foreign government snooping of private communications is, with respect, somewhat silly.

I agree with you 100% that there are things that folks can and should do in order to make themselves and their data more resistant to blanket governmental surveillance.  The fact of the matter is that there are existing technological means for raising the bar, but most folks don't utilize them effectively (not that I think raising the bar matters much vs. huge governmental intelligence bureaucracies, mind).

A seemingly-eternal problem with cryptography in general is that it's very difficult to implement correctly, and very difficult for non-specialists to use it effectively.  A lot of people who're a lot smarter than I am have literally spent millennia working on these issues, and yet the usability and efficacy of cryptosystems is still very low.  

While I'm concerned about making DDoS mitigation harder, I'm really concerned about the unintended consequence making it well-nigh impossible (for example, with everything encrypted, all the time, inter-ISP cooperative mitigation efforts go out the window), and about what I believe to be technical placebos which do nothing to resolve the underlying social problems which have resulted in the situation in which we all now find ourselves.

If we can't maintain the availability of the world communications infrastructure, we all lose.  We *must* make sure that any proposed technical defenses against pervasive governmental surveillance make allowances for the ability to maintain availability.

> We're looking at the forest burning,  while you expertly hose down a single tree.

Another way of putting it is that you're looking at the forest burning, while I'm looking at it being bulldozed flat, and the ground being sown with salt, afterwards.

;>

Please understand, I'm very concerned about confidentiality and integrity, and always have been:

<http://www.csoonline.com/article/print/521619>

All I want to see happen is that the underlying societal problems are addressed, and that the entire problem-space, including availability, is taken into account in any proposed technical solutions.  So far, what I've seen is that availability is getting short shrift, per usual, and I'm very concerned about that.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton

More information about the AusNOG mailing list