am supposed to write a 20 page report after reading the article by KV. Somehow i ended up reading the comments, and now i don't know what to include in my report. It interesting to note that the comments are more informative than the article.
Required
|
Tue, 19 Jun 2012 11:58:52 UTC
Proven completely wrong, yet he talks back. What a shameless person! Yeah, now people can really see for themselves, that the article is nothing more than a trivial butthurt (either caused by personal issues or financed by some 'nice' folks).
Kode Vicious
|
Fri, 01 Jun 2012 15:04:27 UTC
Thank you Theo. I believe that people can now see and judge your intent and your actions for themselves.
KV
Martin Schröder
|
Thu, 31 May 2012 21:45:10 UTC
And he was not elected: http://www.acm.org/press-room/news-releases/2012/acm-officers-2012
But he is still an editor of Queue.
Martin Schröder
|
Thu, 31 May 2012 21:41:46 UTC
>Good luck with your coming election as the ACM secretary/treasurer
The election is already over. :-(
Theo de Raadt
|
Thu, 31 May 2012 19:51:46 UTC
Did the IESG board (and the board members who play the revolving door at patent-holding vendors) refuse our protocol request with malice aforethought?
You would not want to ask that question, would you. Asking that would reduce your future employment options.
George, you are a Glorious Tool (first use of this term). Good luck with your coming election as the ACM secretary/treasurer:
http://www.acm.org/acmelections
With your vision, ACM will be on the same road as the IESG: Clouded with prejudice.
Pierre Marquet
|
Thu, 31 May 2012 18:59:10 UTC
Please edit this post and remove the wrong information. Such a post feels authoritative, it's dangerous and can spread in the mind of people. Please don't misinform the poor and unaware public.
There is a fundamental problem here, vendors doing a business lobby right at the IETF table. Patents on standards are very very bad.
Kevin Chadwick
|
Thu, 31 May 2012 17:50:07 UTC
Please apologise and Swallow your pride KV.
Using terms like Glorious Leader in such a fashion otherwise what would be wrong with it and which don't turn up on Google is simply childish.
Theo de Raadt
|
Thu, 31 May 2012 17:22:32 UTC
When you propose that it was malice (your word), you should probably have some proof. Supposition and questioning is below the required standard.
We put CARP on the same protocol as VRRP. Bute note that the packets can be differentiated. A VRRP implementation must validate the packets fully according to the RFC, ignoring any invalid ones, since they are either noise or a "future version". Without such validation, a VRRP implementation will misbehave when a future variation of the protocol arrives. We created no risk for conforming VRRP implementations. See RFC3117 for the principles behind making such decisions.
Essentially, we had to choose one of these:
1) Give up deploying CARP as a protocol, accepting the IESG
refusal of a protocol number.
2) Follow the IETF process: Write up the protocol, hand it to the
conflict-ridden VRRP commitee who would make changes to the
protocol, and eventually discover a Cisco IPR statement
attached to the standard. Robert Barr (Cisco Patent Council) said
he believed -- not even having seen the CARP specification --
that CARP would infringe HSRP. IETF would have killed CARP.
3) Reuse the VRRP protocol number, with a clearly incompatible
and differentiatable packet format.
4) Allocate a new protocol number (say 222), randomly but unused,
without IANA involvement.
We were unaware of any other options. Don't bother inventing other options. It is water under the bridge, CARP is on layer 2 networks everywhere, so we obviously did not choose option 1. You can judge us only for the option we chose, out of the options we saw.
I spent more than a year politic'ing in email with vendors, IESG, and IETF VRRP, and made no headway towards solving the patent debacle -- I exposed myself to lawsuit threads from Cisco. During this time, KAME became aware that VRRP6 had an IPR statement, and deleted their VRRP6 code.
I put OpenBSD and myself out there against restrictive politicies by vendors clearly manipulating standards commitees. You participate in FreeBSD, which has this CARP code in their tree for almost a decade now, and then you attack us!
I believe our choice to put CARP onto the VRRP protocol turned out to be the best for layer 2 networks. In hindsight, it appears better than option 4 described above. VRRP implementations which were doing incomplete validation were fixed; some were found to have holes (HP).
Your accusation of malice without proof, is itself malicious. It is slander. It is far below the standards that ACM holds.
I recommend you read http://www.acm.org/about/code-of-ethics
Kode Vicious
|
Thu, 31 May 2012 14:54:14 UTC
Yet again, neither of you have addressed the question. Was that protocol number chosen with malice aforethought? If you can show that it was not chosen that way then I suggest you write an actual rebuttal and send it to ACM for publication. ACM is usually quite pleased to publish letters.
Chris Lawson
|
Wed, 30 May 2012 23:38:22 UTC
Who are you hoping to convince with this rearguard action, KV? Most of us criticizing you have already read the whole story, and it won't be hard for the casual visitor to unearth the relevant list emails with some quick searching. Your article is a fine example of one-sided agenda-driven story-telling.
Glenn Becker
|
Wed, 30 May 2012 19:56:33 UTC
"I'll even save everyone the time of clicking through the link, here is what he wrote."
You are correct. It works much better without context, doesn't it?
Kode Vicious
|
Wed, 30 May 2012 18:36:39 UTC
I find it interesting that only one of the comments directly addresses what I wrote about. Did the developers of CARP intentionally pick a previously assigned protocol number in order to make a statement?
Not to put too fine a point on it, but it is clear from the statements by Theo de Raadt here: http://kerneltrap.org/node/1021 that adherence to standards or playing well with others were not on his, and therefore OpenBSD's, agenda. I'll even save everyone the time of clicking through the link, here is what he wrote:
> From: Theo de Raadt [email blocked]
> Subject: Re: CARP
> Date: Fri, 17 Oct 2003 16:30:49 -0600
> > I do not understand much of the IETF workings, but I wonder if it
> > makes sense to enter this into the standards track? Or is it worth
> > it?
> Why bother. This issue came up because IETF didn't stand up to Cisco
> years ago.
> The entire issue of RAND "patents allowed in standards" balony came up
> first over VRRP, now other groups have allowed it to happen too, or like
> W3C finally cleaned up their act...
> IETF is the problem.
Glenn Becker
|
Wed, 30 May 2012 15:54:41 UTC
And to think I was considering joining this "professional organization."
I received an invitation in the mail a couple of days ago. I will now file it appropriately, with the appropriate level of disgust.
Russell Garrison
|
Wed, 30 May 2012 13:31:01 UTC
The description of what happened with OpenBSD and CARP leaves much to be desired. We would be much, much worse off without these "four-year-olds" working very hard to provide quality code free from the grasp of patents and IP claims. The best part is that even if you don't agree with them you can still merge their code into your project's code and then perhaps use your "connections" with the IANA to get an official protocol number. OpenBSD has always been dedicated to that concept and that was their reason for ultimately increasing the version number in the header so you would still be able to filter it once your gear was updated. It was not because they are some kind of impatient child who writes a half-baked analogy in a professional blog. Next time please stick to hypothetical scenarios.
Chris Lawson
|
Wed, 30 May 2012 11:37:13 UTC
It's shameful that this article was published under the aegis of a professional organization.
Awesome
|
Wed, 30 May 2012 08:21:20 UTC
"Unlike the CACM author, we're not stammering idiots."
:-)
Bonobo
|
Wed, 30 May 2012 08:18:49 UTC
I never used CARP, but isn't there an option to change the port number like openssh which can be changed from 22 ?
Regarding the article and ACM, maybe the author has an agenda ...
Matthew Dempsky
|
Wed, 30 May 2012 00:28:35 UTC
"The OpenBSD team, led as always by their Glorious Leader (their words, not mine)"
Citation needed.
Alex
|
Tue, 29 May 2012 23:17:51 UTC
Mr. George V. Neville-Neil wrote heavily biased and distorted story about OpenBSD.
It is evident, that ACM editors have not checked the facts (and author's affiliations) before publishing this childish, misleading and offensive article.
I hope that ACM will improve quality of their publications.
Required
|
Tue, 29 May 2012 21:56:52 UTC
Hey George, you were catch with pants down ;-)
http://marc.info/?l=openbsd-misc&m=133832434412686&w=2
Michael MacFaden
|
Mon, 09 Apr 2012 19:13:24 UTC
Not getting a port from IANA? Yeah that's something I would like to read about how transparent that IANA/IETF process was to be able to judge for myself what went on there.
I once worked for a company which like other commercial enterprises had a bevy of silicon valley lawyers. These lawyers went to great pains comparing Cisco/Tony Li's HSRP to VRRP and in the end found that there wasn't much risk of losing a court battle if it were to implement VRRP, be served by Cisco, and end up it court to settle it. The cost of court proceedings however would have been significant. So I suspect that's BSD ran away from the checkers game Cisco must play the game, it must defend patents, make them appear as broad as possible.
BSD either choose not to play the legal game or theyt think there is merit in the HSRP patents over VRRP. Or maybe they thought VRRP wasn't all that great a protocol and could do better. Wanna guess what really happened?
Rich
|
Thu, 05 Apr 2012 13:14:40 UTC
You seem to have missed out quite a bit of the history behind CARP.
Cisco threatened to sue OpenBSD if they (OpenBSD) implemented an open source version of VRRP. Licensing VRRP was not an option (the Cisco terms wouldn't let them). What were OpenBSD to do? They had no choice but to write their own (CARP), and it HAD to be completely different to VRRP in order to avoid being sued.
As the previous commenter also states, OpenBSD did make requests for a port number from IANA (for CARP and for another protocol; pfsync). IANA refused in both cases because OpenBSD had not gone through the "correct channels". I strongly suspect that has they gone through the "correct channels", IANA would still have found some other excuse to refuse the request.
I agree that deliberately using the same port number is not ideal, but I can see why the OpenBSD guys got so wound up about the whole thing that they did this.
Kostas
|
Mon, 30 Jan 2012 18:11:35 UTC
Dear KV,
I really don't mind people having their opinions and express them in any way they seem fit. However in a written document, together with various ironic characterizations I would expect at least a reference to the other gang's opinion. So here it is:
http://www.openbsd.org/lyrics.html#35
I am not an OpenBSD developer nor affiliated with the project in any way. I am just a user of their system (together with a lot of other systems) and I appreciate the hard work they put into it (of course they are not the only ones). Also, no-one can deny that they have offered useful free software to the world despite of the "difficult" reputation of personalities of core people involved. I have not personally had any bad experience with the minor interaction I had in their mailing lists. I hope I don't have any in the future :)
Samson | Fri, 28 Dec 2012 11:14:01 UTC
Required | Tue, 19 Jun 2012 11:58:52 UTC
Kode Vicious | Fri, 01 Jun 2012 15:04:27 UTC
Martin Schröder | Thu, 31 May 2012 21:45:10 UTC
Martin Schröder | Thu, 31 May 2012 21:41:46 UTC
Theo de Raadt | Thu, 31 May 2012 19:51:46 UTC
Pierre Marquet | Thu, 31 May 2012 18:59:10 UTC
Kevin Chadwick | Thu, 31 May 2012 17:50:07 UTC
Theo de Raadt | Thu, 31 May 2012 17:22:32 UTC
When you propose that it was malice (your word), you should probably have some proof. Supposition and questioning is below the required standard. We put CARP on the same protocol as VRRP. Bute note that the packets can be differentiated. A VRRP implementation must validate the packets fully according to the RFC, ignoring any invalid ones, since they are either noise or a "future version". Without such validation, a VRRP implementation will misbehave when a future variation of the protocol arrives. We created no risk for conforming VRRP implementations. See RFC3117 for the principles behind making such decisions. Essentially, we had to choose one of these: 1) Give up deploying CARP as a protocol, accepting the IESG refusal of a protocol number. 2) Follow the IETF process: Write up the protocol, hand it to the conflict-ridden VRRP commitee who would make changes to the protocol, and eventually discover a Cisco IPR statement attached to the standard. Robert Barr (Cisco Patent Council) said he believed -- not even having seen the CARP specification -- that CARP would infringe HSRP. IETF would have killed CARP. 3) Reuse the VRRP protocol number, with a clearly incompatible and differentiatable packet format. 4) Allocate a new protocol number (say 222), randomly but unused, without IANA involvement. We were unaware of any other options. Don't bother inventing other options. It is water under the bridge, CARP is on layer 2 networks everywhere, so we obviously did not choose option 1. You can judge us only for the option we chose, out of the options we saw. I spent more than a year politic'ing in email with vendors, IESG, and IETF VRRP, and made no headway towards solving the patent debacle -- I exposed myself to lawsuit threads from Cisco. During this time, KAME became aware that VRRP6 had an IPR statement, and deleted their VRRP6 code. I put OpenBSD and myself out there against restrictive politicies by vendors clearly manipulating standards commitees. You participate in FreeBSD, which has this CARP code in their tree for almost a decade now, and then you attack us! I believe our choice to put CARP onto the VRRP protocol turned out to be the best for layer 2 networks. In hindsight, it appears better than option 4 described above. VRRP implementations which were doing incomplete validation were fixed; some were found to have holes (HP). Your accusation of malice without proof, is itself malicious. It is slander. It is far below the standards that ACM holds. I recommend you read http://www.acm.org/about/code-of-ethicsKode Vicious | Thu, 31 May 2012 14:54:14 UTC
Chris Lawson | Wed, 30 May 2012 23:38:22 UTC
Glenn Becker | Wed, 30 May 2012 19:56:33 UTC
Kode Vicious | Wed, 30 May 2012 18:36:39 UTC
Glenn Becker | Wed, 30 May 2012 15:54:41 UTC
Russell Garrison | Wed, 30 May 2012 13:31:01 UTC
Chris Lawson | Wed, 30 May 2012 11:37:13 UTC
Awesome | Wed, 30 May 2012 08:21:20 UTC
Bonobo | Wed, 30 May 2012 08:18:49 UTC
Matthew Dempsky | Wed, 30 May 2012 00:28:35 UTC
Alex | Tue, 29 May 2012 23:17:51 UTC
Required | Tue, 29 May 2012 21:56:52 UTC
Michael MacFaden | Mon, 09 Apr 2012 19:13:24 UTC
Rich | Thu, 05 Apr 2012 13:14:40 UTC
Kostas | Mon, 30 Jan 2012 18:11:35 UTC