OpenBSD in April's issue of the CACM


Wilhelm Brandt
I was just reading the April's issue of the Communications of the ACM (the
flagship magazine of the Association for Computing Machinery), and noticed
that OpenBSD and its developers were mentioned in one article, in a rather
negative way:

"Unfortunately, there is a segment of the open source community that is
incapable of playing well with others, when those others don't play the way
they want them to. For those who have not had to deal with these people, it's
a bit like talking to a four-year-old. When you explain checkers to your
niece, she might decide that she doesn't like your rules and follows her own
rules. You humor her, she's being creative, and this is amusing in a
four-year-old. If you were playing chess with a colleague who suddenly told
you that the king could move one, two, or three places in one go, you would
be pissed off, because this person would obviously be screwing with you, or
insane. Have I lost my mind?! What does this have to do with VRRP or network
protocols? The OpenBSD team, led as always by their Glorious Leader (their
words, not mine), decided that a RAND license just wasn't free enough for
them. They wrote their own protocol, which was completely incompatible with
VRRP. Well, you say, that's not so bad; that's competition, and we all know
that competition is good and brings better products, and it's the glorious
triumph of Capitalism. But there is one last little nit to this story. The
new protocol dubbed CARP (Common Address Redundancy Protocol) uses the exact
same IP number as VRRP (112). Most people, and KV includes himself in this
group, think this was a jerk move. "Why would they do this?" I hear you cry.
Well, it turns out that they believe themselves to be in a war with the
enemies of open source, as well as with those opposed to motherhood and apple
pie. Stomping on the same protocol number was, in their minds, a strike
against their enemies and all for the good. Of course, it makes operating
devices with both protocols in the same network difficult, and it makes
debugging the software that implements the protocol nearly impossible."

Here is the link to the article:
http://cacm.acm.org/magazines/2012/4/147357-the-network-protocol-battle/abstract

If you are not a member of the ACM, you can read it in ACM Queue, in which it
was published in January: http://queue.acm.org/detail.cfm?id=2090149

I somehow feel this is a very distorted view of what really happened. Perhaps
it would be good if somebody "official" wrote a Letter to the Editor
(Communications of the ACM publish them in every issue)?

Wil.


Re: OpenBSD in April's issue of the CACM

Chris Bennett-11
On Tue, May 29, 2012 at 09:06:37PM +0100, Wilhelm Brandt wrote:

> I was just reading the April's issue of the Communications of the ACM (the
> flagship magazine of the Association for Computing Machinery), and noticed
> that OpenBSD and its developers were mentioned in one article, in a rather
> negative way:
>
> "Unfortunately, there is a segment of the open source community that is
> incapable of playing well with others, when those others don't play the way
> they want them to.



I don't want to play well with others.
I love the OpenBSD way.
You can play.
You can contribute, maybe accepted, maybe not.
Oh well, that's the way it goes. If my work sucks,
I won't be in the corner crying. Maybe my work will improve.
Maybe I don't care.
I'm accomplishing my software goals for myself with OpenBSD.
Hell, you can even sell it, change it, do whatever you want with it,
leaving in the license and author information, of course.



> For those who have not had to deal with these people, it's
> a bit like talking to a four-year-old. When you explain checkers to your
> niece, she might decide that she doesn't like your rules and follows her own
> rules. You humor her, she's being creative, and this is amusing in a
> four-year-old. If you were playing chess with a colleague who suddenly told
> you that the king could move one, two, or three places in one go, you would
> be pissed off, because this person would obviously be screwing with you, or
> insane.

Now who is throwing a temper tantrum here?
The happy four year old or the stubborn do it my way only jerk?


> Have I lost my mind?! What does this have to do with VRRP or network
> protocols? The OpenBSD team, led as always by their Glorious Leader (their
> words, not mine), decided that a RAND license just wasn't free enough for
> them. They wrote their own protocol, which was completely incompatible with
> VRRP. Well, you say, that's not so bad; that's competition, and we all know
> that competition is good and brings better products, and it's the glorious
> triumph of Capitalism. But there is one last little nit to this story. The
> new protocol dubbed CARP (Common Address Redundancy Protocol) uses the exact
> same IP number as VRRP (112). Most people, and KV includes himself in this
> group, think this was a jerk move. "Why would they do this?" I hear you cry.
> Well, it turns out that they believe themselves to be in a war with the
> enemies of open source, as well as with those opposed to motherhood and apple
> pie. Stomping on the same protocol number was, in their minds, a strike
> against their enemies and all for the good. Of course, it makes operating
> devices with both protocols in the same network difficult, and it makes
> debugging the software that implements the protocol nearly impossible."


Who cares. I don't.



> Here is the link to the article:
> http://cacm.acm.org/magazines/2012/4/147357-the-network-protocol-battle/abstract
>
> If you are not a member of the ACM, you can read it in ACM Queue, in which it
> was published in January: http://queue.acm.org/detail.cfm?id=2090149
>
> I somehow feel this is a very distorted view of what really happened. Perhaps
> it would be good if somebody "official" wrote a Letter to the Editor
> (Communications of the ACM publish them in every issue)?
>
> Wil.


Re: OpenBSD in April's issue of the CACM

Dominguez, Roland
In reply to this post by Wilhelm Brandt
I let my membership expire years ago and haven't seen a reason to
rejoin...ever.

If you are not a member of the ACM, you can read it in ACM Queue, in which it
was published in January: http://queue.acm.org/detail.cfm?id=2090149

I somehow feel this is a very distorted view of what really happened. Perhaps
it would be good if somebody "official" wrote a Letter to the Editor
(Communications of the ACM publish them in every issue)?

Wil.


Re: OpenBSD in April's issue of the CACM

Theo de Raadt
In reply to this post by Wilhelm Brandt
> I was just reading the April's issue of the Communications of the ACM (the
> flagship magazine of the Association for Computing Machinery), and noticed
> that OpenBSD and its developers were mentioned in one article, in a rather
> negative way:
>
> "Unfortunately, there is a segment of the open source community that is
> incapable of playing well with others, when those others don't play the way
> they want them to. For those who have not had to deal with these people, it's
> a bit like talking to a four-year-old. When you explain checkers to your
> niece, she might decide that she doesn't like your rules and follows her own
> rules. You humor her, she's being creative, and this is amusing in a
> four-year-old. If you were playing chess with a colleague who suddenly told
> you that the king could move one, two, or three places in one go, you would
> be pissed off, because this person would obviously be screwing with you, or
> insane. Have I lost my mind?! What does this have to do with VRRP or network
> protocols? The OpenBSD team, led as always by their Glorious Leader (their
> words, not mine), decided that a RAND license just wasn't free enough for
> them. They wrote their own protocol, which was completely incompatible with
> VRRP. Well, you say, that's not so bad; that's competition, and we all know
> that competition is good and brings better products, and it's the glorious
> triumph of Capitalism. But there is one last little nit to this story. The
> new protocol dubbed CARP (Common Address Redundancy Protocol) uses the exact
> same IP number as VRRP (112). Most people, and KV includes himself in this
> group, think this was a jerk move. "Why would they do this?" I hear you cry.
> Well, it turns out that they believe themselves to be in a war with the
> enemies of open source, as well as with those opposed to motherhood and apple
> pie. Stomping on the same protocol number was, in their minds, a strike
> against their enemies and all for the good. Of course, it makes operating
> devices with both protocols in the same network difficult, and it makes
> debugging the software that implements the protocol nearly impossible."
>
> Here is the link to the article:
> http://cacm.acm.org/magazines/2012/4/147357-the-network-protocol-battle/abstract
>
> If you are not a member of the ACM, you can read it in ACM Queue, in which it
> was published in January: http://queue.acm.org/detail.cfm?id=2090149
>
> I somehow feel this is a very distorted view of what really happened. Perhaps
> it would be good if somebody "official" wrote a Letter to the Editor
> (Communications of the ACM publish them in every issue)?

I've seen this discussed in a few places.  It is completely distorted.
This will be my only mail about this, because there are always people
who want to rewrite history and that author is one of them.

We have the email archives of the private communications with IETF,
IANA, Cisco, HP, Nokia, and other organizations to try to solve this
protocol/service issue going back almost 2 years before we released
the first CARP and pfsync code outside our group.

IANA refused to give us new unique protocol and service number because
we had not gone through the process of following the rules laid out
by the IETF VRRP guys.

Yet, we had discussions all the way up to the top to try to
solve this.  Let me quote the signature from one email -- and I had more
than 30 emails with this guy trying to find a way out of this:

        Robert Barr
        Patent Counsel
        Cisco Systems
        408-525-9706

Robert Barr was the one who could have said:  Sure, we abandon the claim
of HSRP on VRRP, and guess what?  We'd have simply gone to VRRP.

My vrrp email folder has 145 emails in it, all of them leading up to
the point where we abandoned efforts to work with IETF/IANA/Companies
and instead deployed a new protocol.  THE TERMS GIVEN TO US WERE
IMPOSSIBLE.

IANA was saying that there was *no way in hell* that we would get new
protocol or service numbers, unless we submitted our work to a
standards committee and let them mangle it.  Unlike the CACM author,
we're not stammering idiots.  We know exactly what would have
happened.  CARP would have been absorbed into IETF's VRRP plan and
spat out the other side in a few years with all the patent glue stuck
to it again.

There were too many people with big skin in the battle, since Alcatel
and Cisco were using the super lame VRRP / HSRP patent issue as one of
the components in some huge patent battles they had going on at the
time.

As a result of the big companies being involved in a patent war, IANA
abrogated their responsibility of being responsible, and instead
decided to be as spiteful and unrecognizing of the reason why we had
invented CARP.  Players in their midst were not going to let an open
source alternative to a patented protocol come into being, when VRRP
was the very first RAND-licenced patented standard ever to come into
existence.

Everyone knows that the HSRP / VRRP patent thing is a load of bull.
But since this was the foundation of the RAND rules at IETF, no one
wants to back down on that one.  They'll back down on 200 other
patents first.

The story of this is described in the artwork for our 3.5 release, in the
left-hand column of http://openbsd.org/lyrics.html#35

Finally, unlike what the author says, VRRP and CARP interoperate just
fine today.  In the early days, when a few vendors had really buggy
VRRP their routers crashed.  But that is a reliability/security problem,
since anyone could have injected such packets to cause those crashes.

And which vendors would those be?  HMM.  I WONDER!  Why, they'd be the
ones who I accuse of using their considerable clout at the IETF and
IANA to not give us unique numbers we can use.

After all, anyone can tell that the /etc/protocols file is full!

We went through every single step of politics to try to solve things.

Then we decided to deploy on the same fashion as VRRP, but with the
version number cranked.  We told all the people at IANA, IETF and
Cisco that we were going to take this action.  I just re-read that
mail.

At that point, they declined to ever reply again.  Who's the child now?

I will quote one chunk of mail from Robert Barr at
Cisco:

    From: "Robert Barr " <[hidden email]>
    To: "'Theo de Raadt'" <[hidden email]>
    Subject: RE: Patent claims on VRRP
    Date: Tue, 21 Oct 2003 20:33:25 -0700
   
    I hope CARP is successful, I really do.
    Please think about my risk management comments tho. I am not trying to win
    any argument, just sharing my reality.

The author of the ACM article is a whining pathetic liar who lives in
the heart of the land where those powerful vendors operate.  It would
be really difficult for him to have another opinion on this matter.  He's
also a FreeBSD developer.

On the other hand, the ACM should be ashamed for having allowed that to
be published.  That, I think they should be contacted about.  Except check
out this URL:

    http://www.acm.org/acmelections/Secretary-Treas_G_Neville-Neil.pdf

See how this works?  George V. Neville-Neil is a total slimeball.  Follow
the money and influence.


Re: OpenBSD in April's issue of the CACM

Bryan Irvine
On Tue, May 29, 2012 at 1:40 PM, Theo de Raadt <[hidden email]>
wrote:

>> I was just reading the April's issue of the Communications of the ACM (the
>> flagship magazine of the Association for Computing Machinery), and noticed
>> that OpenBSD and its developers were mentioned in one article, in a rather
>> negative way:
>>
>> "Unfortunately, there is a segment of the open source community that is
>> incapable of playing well with others, when those others don't play the way
>> they want them to. For those who have not had to deal with these people, it's
>> a bit like talking to a four-year-old. When you explain checkers to your
>> niece, she might decide that she doesn't like your rules and follows her own
>> rules. You humor her, she's being creative, and this is amusing in a
>> four-year-old. If you were playing chess with a colleague who suddenly told
>> you that the king could move one, two, or three places in one go, you would
>> be pissed off, because this person would obviously be screwing with you, or
>> insane. Have I lost my mind?! What does this have to do with VRRP or network
>> protocols? The OpenBSD team, led as always by their Glorious Leader (their
>> words, not mine), decided that a RAND license just wasn't free enough for
>> them. They wrote their own protocol, which was completely incompatible with
>> VRRP. Well, you say, that's not so bad; that's competition, and we all know
>> that competition is good and brings better products, and it's the glorious
>> triumph of Capitalism. But there is one last little nit to this story. The
>> new protocol dubbed CARP (Common Address Redundancy Protocol) uses the exact
>> same IP number as VRRP (112). Most people, and KV includes himself in this
>> group, think this was a jerk move. "Why would they do this?" I hear you cry.
>> Well, it turns out that they believe themselves to be in a war with the
>> enemies of open source, as well as with those opposed to motherhood and apple
>> pie. Stomping on the same protocol number was, in their minds, a strike
>> against their enemies and all for the good. Of course, it makes operating
>> devices with both protocols in the same network difficult, and it makes
>> debugging the software that implements the protocol nearly impossible."
>>
>> Here is the link to the article:
>> http://cacm.acm.org/magazines/2012/4/147357-the-network-protocol-battle/abstract
>>
>> If you are not a member of the ACM, you can read it in ACM Queue, in which it
>> was published in January: http://queue.acm.org/detail.cfm?id=2090149
>>
>> I somehow feel this is a very distorted view of what really happened. Perhaps
>> it would be good if somebody "official" wrote a Letter to the Editor
>> (Communications of the ACM publish them in every issue)?
>
> I've seen this discussed in a few places.  It is completely distorted.
> This will be my only mail about this, because there are always people
> who want to rewrite history and that author is one of them.
>
> We have the email archives of the private communications with IETF,
> IANA, Cisco, HP, Nokia, and other organizations to try to solve this
> protocol/service issue going back almost 2 years before we released
> the first CARP and pfsync code outside our group.
>
> IANA refused to give us new unique protocol and service number because
> we had not gone through the process of following the rules laid out
> by the IETF VRRP guys.
>
> Yet, we had discussions all the way up to the top to try to
> solve this.  Let me quote the signature from one email -- and I had more
> than 30 emails with this guy trying to find a way out of this:
>
>        Robert Barr
>        Patent Counsel
>        Cisco Systems
>        408-525-9706
>
> Robert Barr was the one who could have said:  Sure, we abandon the claim
> of HSRP on VRRP, and guess what?  We'd have simply gone to VRRP.
>
> My vrrp email folder has 145 emails in it, all of them leading up to
> the point where we abandoned efforts to work with IETF/IANA/Companies
> and instead deployed a new protocol.  THE TERMS GIVEN TO US WERE
> IMPOSSIBLE.
>
> IANA was saying that there was *no way in hell* that we would get new
> protocol or service numbers, unless we submitted our work to a
> standards committee and let them mangle it.  Unlike the CACM author,
> we're not stammering idiots.  We know exactly what would have
> happened.  CARP would have been absorbed into IETF's VRRP plan and
> spat out the other side in a few years with all the patent glue stuck
> to it again.
>
> There were too many people with big skin in the battle, since Alcatel
> and Cisco were using the super lame VRRP / HSRP patent issue as one of
> the components in some huge patent battles they had going on at the
> time.
>
> As a result of the big companies being involved in a patent war, IANA
> abrogated their responsibility of being responsible, and instead
> decided to be as spiteful and unrecognizing of the reason why we had
> invented CARP.  Players in their midst were not going to let an open
> source alternative to a patented protocol come into being, when VRRP
> was the very first RAND-licenced patented standard ever to come into
> existence.
>
> Everyone knows that the HSRP / VRRP patent thing is a load of bull.
> But since this was the foundation of the RAND rules at IETF, no one
> wants to back down on that one.  They'll back down on 200 other
> patents first.
>
> The story of this is described in the artwork for our 3.5 release, in the
> left-hand column of http://openbsd.org/lyrics.html#35
>
> Finally, unlike what the author says, VRRP and CARP interoperate just
> fine today.  In the early days, when a few vendors had really buggy
> VRRP their routers crashed.  But that is a reliability/security problem,
> since anyone could have injected such packets to cause those crashes.
>
> And which vendors would those be?  HMM.  I WONDER!  Why, they'd be the
> ones who I accuse of using their considerable clout at the IETF and
> IANA to not give us unique numbers we can use.
>
> After all, anyone can tell that the /etc/protocols file is full!
>
> We went through every single step of politics to try to solve things.
>
> Then we decided to deploy on the same fashion as VRRP, but with the
> version number cranked.  We told all the people at IANA, IETF and
> Cisco that we were going to take this action.  I just re-read that
> mail.
>
> At that point, they declined to ever reply again.  Who's the child now?
>
> I will quote one chunk of mail from Robert Barr at
> Cisco:
>
>    From: "Robert Barr " <[hidden email]>
>    To: "'Theo de Raadt'" <[hidden email]>
>    Subject: RE: Patent claims on VRRP
>    Date: Tue, 21 Oct 2003 20:33:25 -0700
>
>    I hope CARP is successful, I really do.
>    Please think about my risk management comments tho. I am not trying to win
>    any argument, just sharing my reality.
>
> The author of the ACM article is a whining pathetic liar who lives in
> the heart of the land where those powerful vendors operate.  It would
> be really difficult for him to have another opinion on this matter.  He's
> also a FreeBSD developer.
>
> On the other hand, the ACM should be ashamed for having allowed that to
> be published.  That, I think they should be contacted about.  Except check
> out this URL:
>
>    http://www.acm.org/acmelections/Secretary-Treas_G_Neville-Neil.pdf
>
> See how this works?  George V. Neville-Neil is a total slimeball.  Follow
> the money and influence.
>

Theo,

I couldn't help but notice that you completely side-stepped the
'glorious leader' part.  So, is it true then?  ;-)

-B


Re: OpenBSD in April's issue of the CACM

Theo de Raadt
In reply to this post by Dominguez, Roland
> I let my membership expire years ago and haven't seen a reason to
> rejoin...ever.
>
> If you are not a member of the ACM, you can read it in ACM Queue, in which it
> was published in January: http://queue.acm.org/detail.cfm?id=2090149

Yes, and people can even comment there, too.  Looks like a few already
have.  However, it is unlikely that the ACM staff will read those
comments unless this is brought to their attention, so I agree with
you in general:

> I somehow feel this is a very distorted view of what really happened. Perhaps
> it would be good if somebody "official" wrote a Letter to the Editor
> (Communications of the ACM publish them in every issue)?

However, I myself will not send them a letter.  If an organization
with the size and reputation of ACM cannot self-police their own
authors before publishing, then they do not have a high reputation
after all, and it is not worth my time writing a dispute to them.
However, others might want to...

I want to make it very clear that we tried very hard to get this
resolved correctly with the right organizations.  They left no leeway.

The IETF and IEEE way is "Only we build standards, and then we invite
vendors to add IPR statements for things they snuck in".

Early on, the CARP codebase was basically a VRRP clone.  Developers
wanted it into the tree; something like it was needed for pfsync to
work well.

Normally we don't care about patents, but this situation was risky.
VRRP was the *very first* standard that the IETF accepted an IPR
statement for; it was the start of the RAND scheme of allowing
standards to have patent claims; of mandating the publishing of the
rights-holders by name in the standard document; the IETF/ISG were
playing a game with the vendors to make sure that patent statements
were in the face of anyone trying to follow the standards, so that
they could not later claim they did not know.  It was corporatism to
the top.  IETF claims having those IPR statements there is not their
own claim, but that position is retarded.

What if tomorrow I requested IETF to add a Theo de Raadt IPR statement
to about 20 standards.  They'd laugh at me.  For the big boys though,
they bend you over.

Since VRRP was the first one, we had to be careful, and it was
valuable to try to improve the situation through politics.

Secondly, at the time Cisco and Alcatel were in a big battle over various
patents, and the Cisco HSRP / VRRP IPR bullshit was included, not just
as the foundation of the IETF IPR model, but as an item on its own.  We
did not want to get dragged in.

So that is why CARP became incompatible.  Some developers, primarily
Ryan McBride, intentionally built a protocol that would point-by-point
avoid any of the claims of the patents Cisco / HP / IBM held here, and
then he adapted the proposed VRRP clone code to that new model.  At
the same time I continued laying on political pressure to find another
way.  Eventually we had to get ports and services to make CARP and
pfsync work nicely, and then IANA stood up and did not want to talk
about the situation because we had not followed the process of only working
through IETF.

In that model, only rich companies can design protocols on an open
internet.  Not a world I want to live in.  Any vendor can decide if
they want our stuff to pollute their network.  Somehow, in 2005
FreeBSD and other projects decided they did, partially because the
VRRP patents did worry them too.

I dug a bit into the archives, and wow there is some crazy stuff to
show.  I cannot show it as a whole, since a lot of people at vendors
also affected by the patents did stick their necks out to try to solve
this, and it would require substantial editing to clean it.

But I can show some bits, if they are mostly by me.  Here is a mail
from early on showing how neither IETF nor Cisco wanted to improve the
situation.  This mail is mostly written by me (I did fix one spelling
error), which makes it easier to show; it shows what we wanted to
solve.  It shows that we are not babies, but much more grown up and
trying to be responsible to society than the companies trying to fuck
everyone over.  It is better than my normal form, so some other
developer must have helped me write the mail.

Yes, this mail is in response to private but cc'd mails sent by two
very big organization heads.  I don't care if that makes them unhappy.
The points I make in this mail are way bigger than their positions.
If you are not familiar with their names you'll need to google a bit
to realize I was talking to "The Right People" (even if they kept
saying they are not).  For one of them, check out how the revolving
door works:

    Fred Baker <[hidden email]>
and
    en.wikipedia.org/wiki/Fred_Baker_(IETF_chair)

That is what we are up against.  I also did talk a lot to Robert
Barr.  None of it was going anywhere.

So I was there, fighting that patent battle -- and we tried to do it
by going after the *very first network patent* recognized by people who
lied about being about standards.

And where was George V. Neville-Neil?  According to his resume he was
working for Wind River in their VxWorks network group, which means he
was working on a software product designed to be sold to these kinds
of big vendors influencing IETF, IEEE, and IANA, so you can follow the
money and realize why he was quiet about patents then, and now accuses
those who fight patents.  He does not understand that it is people
just like him, making loads of money, that are the real problem, and
that he is just not qualified to rewrite history.

By the way, nowadays he is also on the board of directors of the FreeBSD
Foundation:

    http://forums.freebsd.org/showthread.php?t=30292

Partisan politics?  No, you don't say.

------
From: Theo de Raadt <[hidden email]>
To: Fred Baker <[hidden email]>
cc: Bob Hinden <[hidden email]>
Subject: Re: VRRP and OpenBSD
In-reply-to: Your message of "Sat, 25 Aug 2001 09:47:15 +0800."
             <[hidden email]>
Date: Fri, 24 Aug 2001 21:48:11 -0600
From: Theo de Raadt <[hidden email]>

> At 04:33 AM 8/25/2001, Bob Hinden wrote:
> >They also view that statements on the IETF web site and in the VRRP RFC as
> >the IETF having validated Cisco's claims.
>
> I have forwarded your note to corporate counsel, which is the folks that
> handle these issues. In many respects, I'm just another engineer at Cisco
> when it comes to the business side of things.

Thanks.

> That said, the above statement is preposterous. The IETF statement is that
> Cisco has asserted that certain things are true. Whether Cisco's assertion
> is in fact true is not the IETF's to say.

Unfortunately, IETF including such a statement in their literature
will be interpreted by a court as us having been informed before
implementing.  Secondly, courts may be stupid, but the fact that a
body of engineers as large as IETF saw no problem with such claims,
and took no particular issue, will serve in part as validation of the
existence of such claims.  Even if IETF goes out of its way to say
that no such validation is happening.

I consider this similar to how IETF had to get involved in the SSH
trademark issue last year.  It may be IETF's wish to avoid such
things, but there are many of us who will actively try to prod IETF
into doing the right thing.

An internet depending on protocols that can only be implemented if you
hold a large patent portfolio?  How completely absurd.

Now, in the future, IETF is in a position to avoid such things from
the start.  Now that VRRP is a standard, the only way I feel for us to
be heard in the future is for us to destroy VRRP by purposely
producing incompatible versions which avoid the patent.  Let us create
an example.  You may not agree with such a direction, but hey, in our
eyes doing so is not a "win vs. lose" situation, but rather a "win
vs. cannot lose" situation.

In any case, I suspect that these types of issues are going to pop up
with increased frequency in IETF proceedings.

Anyways, thanks for your help.


Re: OpenBSD in April's issue of the CACM

Theo de Raadt
In reply to this post by Theo de Raadt
Wow, and look at this:

http://www.freebsd.org/news/status/report-2011-10-2011-12.html#The-New-CARP

Look at that last entry about talking to IANA!

Yet we -- who wrote the protocol -- never received a mail from any
of them.

So it is OK for him to accuse us of not going through the proper
channels, but he'll criticize us at every opportunity (google a bit,
you'll see) and he'll never talk to about why that happened.

George Neville-Neil is a hypocrite.


Re: OpenBSD in April's issue of the CACM

mehma sarja
In reply to this post by Theo de Raadt
On 5/29/12 4:35 PM, Theo de Raadt wrote:
> However, I myself will not send them a letter. If an organization with
> the size and reputation of ACM cannot self-police their own authors
> before publishing, then they do not have a high reputation after all,
> and it is not worth my time writing a dispute to them. However, others
> might want to... I want to make it very clear that we tried very hard
> to get this resolved correctly with the right organizations. They left
> no leeway.

Thanks for the long post - it is obvious what happened and a good
history lesson. This changes something for me - over the next few
months, I will make a willful change away from Linux and FreeBSD where
possible and towards an OS which champions something we all should hold
precious, OpenBSD. I can see migrating file servers and firewall/boot
server over. The application server may be a bit difficult.

--
Yudhvir


Re: OpenBSD in April's issue of the CACM

Eric Furman-3
In reply to this post by Wilhelm Brandt
And they came across so well themselves.
Ad hominem attacks on people they obviously know nothing about
except what they've been told. Real mature.
I thought it was pretty funny, actually.
Ya wanna know what really happened?
Big Corp came up with a good idea, but then implemented it
badly and in addition tried to make it proprietary.
Of course everyone in the Open Source community knows that
NO protocol should be so. Protocols should be standards
based.

On Tue, May 29, 2012, at 09:06 PM, Wilhelm Brandt wrote:

> I was just reading the April's issue of the Communications of the ACM
> (the flagship magazine of the Association for Computing Machinery), and
> noticed that OpenBSD and its developers were mentioned in one article,
> in a rather negative way:
>
> "Unfortunately, there is a segment of the open source community that is
> incapable of playing well with others, when those others don't play the
> way they want them to. For those who have not had to deal with these
> people, it's a bit like talking to a four-year-old. When you explain
> checkers to your niece, she might decide that she doesn't like your
> rules and follows her own rules. You humor her, she's being creative,
> and this is amusing in a four-year-old. If you were playing chess with a
> colleague who suddenly told you that the king could move one, two, or
> three places in one go, you would be pissed off, because this person
> would obviously be screwing with you, or insane. Have I lost my mind?!
> What does this have to do with VRRP or network protocols? The OpenBSD
> team, led as always by their Glorious Leader (their words, not mine),
> decided that a RAND license just wasn't free enough for them. They wrote
> their own protocol, which was completely incompatible with VRRP. Well,
> you say, that's not so bad; that's competition, and we all know that
> competition is good and brings better products, and it's the glorious
> triumph of Capitalism. But there is one last little nit to this story.
> The
#############################################################

> new protocol dubbed CARP (Common Address Redundancy Protocol) uses the
> exact same IP number as VRRP (112). Most people, and KV includes himself
> in this group, think this was a jerk move. "Why would they do this?" I
> hear you cry. Well, it turns out that they believe themselves to be in a
> war with the enemies of open source, as well as with those opposed to
> motherhood and apple pie. Stomping on the same protocol number was, in
> their minds, a strike against their enemies and all for the good. Of
> course, it makes operating devices with both protocols in the same
> network difficult, and it makes debugging the software that implements
> the protocol nearly impossible."
###############################################################

My favorite part is above. This shit cracks me up.
Now imagine if there were proprietary tcp protocols.
All sorts of different devices running their own version.
Yes it would be a nightmare.

> Here is the link to the article:
> http://cacm.acm.org/magazines/2012/4/147357-the-network-protocol-battle/abstract
>
> If you are not a member of the ACM, you can read it in ACM Queue, in
> which it was published in January: http://queue.acm.org/detail.cfm?id=2090149
>
> I somehow feel this is a very distorted view of what really happened.
> Perhaps it would be good if somebody "official" wrote a Letter to the
> Editor (Communications of the ACM publish them in every issue)?
>
> Wil.


Re: OpenBSD in April's issue of the CACM

Theo de Raadt
> My favorite part is above. This shit cracks me up.
> Now imagine if there were proprietary tcp protocols.
> All sorts of different devices running their own version.
> Yes it would be a nightmare.

I think you are mixing up things.  TCP?  No, that was another time, a
little later:

http://m.zdnet.com.au/cisco-to-patent-security-fix-139148177.htm
http://kerneltrap.org/node/3085

just google "cisco tcp patent" and add openbsd in there to see a
few more things.

Eventually almost all vendors handled this by integrating fixes
similar to what Markus Friedl had done in our network stack around a
year beforehand, which was then much further extended by Fernando
Gont over the two years.

Hmm, but in that mess, there is Robert Barr again.

http://www.ietf.org/ietf-ftp/IPR/cisco-ipr-draft-ietf-vrrp-ipv6-spec.txt
https://datatracker.ietf.org/ipr/421/

IETF and Cisco, sitting in a tree....


Re: OpenBSD in April's issue of the CACM

ropers
With apologies for the "we" because I don't really speak for the
OpenBSD project, but maybe people will like this:

Port 112

"KV" demands that we atone
When we use ports we do not "own"
But leaves the corporate actors fine
Who take things that are yours and mine

KV sides with the corporate actor
Using the commons to encumber
And free CARP would a port still lack
Had we not gone and claimed it back

--
after a 17th/18th century protest poem,
author anonymous/unknown


Re: OpenBSD in April's issue of the CACM

ropers
Alternatively:

KV sides with the corporate actor
Using the process to encumber

Or:

KV sides with the corporate actor
Killing the commons to encumber

On 30 May 2012 09:36, ropers <[hidden email]> wrote:

> With apologies for the "we" because I don't really speak for the
> OpenBSD project, but maybe people will like this:
>
> Port 112
>
> "KV" demands that we atone
> When we use ports we do not "own"
> But leaves the corporate actors fine
> Who take things that are yours and mine
>
> KV sides with the corporate actor
> Using the commons to encumber
> And free CARP would a port still lack
> Had we not gone and claimed it back
>
> --
> after a 17th/18th century protest poem,
> author anonymous/unknown


Re: OpenBSD in April's issue of the CACM

Nomen Nescio
In reply to this post by Wilhelm Brandt
Unfortunately the "A" in ACM should really mean "Academic" instead of
"Association." The article you quoted is despicable and unbecoming of any
serious publication/organization. Because of their academic bent, there is
political correctness gone amok. But this went too far. It was mean-
spirited, hypocritical, but most of all stupid.

The best thing that came out of that inane, poorly-written piece, was Theo's
response here. Yes, OpenBSD people can be (usually strive to be?) a pain in
the ass, and they are just as childish (or not) as other humans, but when it
comes to technical issues, it is a safe bet things were done for the right
reasons. You cannot say that about many other projects.


Re: OpenBSD in April's issue of the CACM

David Diggles-2
On Wed, May 30, 2012 at 12:10:34PM +0200, Nomen Nescio wrote:
> Unfortunately the "A" in ACM should really mean "Academic" instead of
> "Association."

Heh, I was going to say it reminds me of the efforts of the Unseen University,
to eradicate Sourcery from the Discworld.


Re: OpenBSD in April's issue of the CACM

Simon Perreault-3
In reply to this post by Theo de Raadt
On 2012-05-29 19:40, Theo de Raadt wrote:
> http://www.freebsd.org/news/status/report-2011-10-2011-12.html#The-New-CARP
>
> Look at that last entry about talking to IANA!

The entry in question is:
"4. Work with IANA to get an official protocol number. gnn@ to handle."

This shows ignorance about how IANA works. You cannot "work with IANA".
IANA is a clerk. It maintains registries. It is a bookkeeping job. It
cannot make decisions of its own.

The IETF, and its steering group the IESG, are the ones who lay down the
rules that IANA must obey.

Protocol numbers are maintained at:
http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xml

The important bit is the "Registration Procedures", which are:
"IESG Approval or Standards Action"

These terms are defined here:
http://tools.ietf.org/html/rfc5226#section-4.1

       IESG Approval - New assignments may be approved by the IESG.
             Although there is no requirement that the request be
             documented in an RFC, the IESG has discretion to request
             documents or other supporting materials on a case-by-case
             basis.

       Standards Action - Values are assigned only for Standards Track
             RFCs approved by the IESG.

See also this RFC which specifically applies to protocol-numbers:
http://tools.ietf.org/html/rfc5237

Even though the IESG Approval route may look easier, in practice it is
exceptional for registrations to go through this path. There needs to be
some justification for not writing an RFC, usually based on urgency. In
the present case I don't see how they could present such a justification.

Simon


Re: OpenBSD in April's issue of the CACM

Peter Laufenberg
In reply to this post by Eric Furman-3
>Ad hominem attacks on people they obviously know nothing about

Actually it's this kind of slander that brought me to OpenBSD. While looking for an OS that didn't embrace "Trusted Computing", I came across Theo's wikipedia entry which pounded on him so extensively that it raised a flag. Extra points for the stab from Linus "no-lube-needed/I-can't-feel-a-thing-by-now". Without the slander I probably would have stuck with Plan 9.

If you care about setting the record straight (or avoid further distortions) I suggest a short "in response to" section on openbsd.org, more reputable publications may pick it up and of course love being able to quote someone else criticising the powerful. Cherry on the cake would be a quip from Berners-Lee on how the Internet would look had he patented HTTP.

As for ACM, I dropped my subscription a year ago cause they were wasting my time on the crapper (admittedly quality reading time:)

> From: Peter Laufenberg [mailto:[hidden email]]
> Sent: Thursday, August 18, 2011 5:28 PM
> To: [hidden email]
> Subject: Re: Welcome to your second year as an ACM member!
>
> Hi,
>
> I would like to unsubscribe from ACM immediately; I understand there may be remaining months on my last credit card charge.
>
> My main motive is the wildly uneven quality of CACM articles. F.ex. the one about home networking explaining what "D-H-C-P" is so it can spawn a dozen pages.
>
> Thanks


Re: Plan 9 to OpenBSD (Was Re: OpenBSD in April's issue of the CACM)

Peter Laufenberg
I'm not sure what you mean by social but Plan 9 development from Bell is pretty slow/opaque and the rest of the community scattered and headless. I don't care for Inferno and Rob Pike unfortunately took a job at Google ("why Rob, why??":-). Plan 9's file paradigm is great but their 3-button mouse UI is crap.

Security-wise Plan 9 doesn't have any creds, good or bad, but hardware support without source review is worthless, i.e. "you don't know where that code has been". OpenBSD's proactive about security and privacy (f.ex autoconfigprivacy to mask your MAC on ipv6 sockets), pf is unmatched, etc.

The only thing I miss is an X-less framebuffer in OpenBSD even if it'd support just a console and text editor. IMHO X has to die, it's a huge pile of crap.

-- p


>Hi,
>
>Peter Laufenberg wrote on Wed, May 30, 2012 at 07:51:13AM MST:
>> Actually it's this kind of slander that brought me to OpenBSD. While looking
>> for an OS that didn't embrace "Trusted Computing", I came across Theo's
>> wikipedia entry which pounded on him so extensively that it raised a flag.
>> Extra points for the stab from Linus
>> "no-lube-needed/I-can't-feel-a-thing-by-now". Without the slander I probably
>> would have stuck with Plan 9.
>I have been using OpenBSD exclusively for the last 6 months and I really do
>prefer it (both technically and socially) to Linux (which I had used for the
>past 15 years) and FreeBSD (which I used to administer at work). I only
>started learning about Plan 9 over the past few months and I really like what
>I see so far. The one thing that is keeping me from trying to make more use of
>it is the lack of drivers for some of my hardware. I am curious about what led
>you to go from Plan 9 to OpenBSD. Were they technical in nature or social, or
>a little of both?
>
>Thanks,
>
>David


Re: Plan 9 to OpenBSD (Was Re: OpenBSD in April's issue of the CACM)

Alexandre Ratchov-2
On Wed, May 30, 2012 at 09:27:32PM +0200, Peter Laufenberg wrote:
>
> The only thing I miss is an X-less framebuffer in OpenBSD even
> if it'd support just a console and text editor. IMHO X has to die,
> it's a huge pile of crap.
>

A lot of us are dreaming of a framebuffer console (and X), but
nobody wrote the code yet.

-- Alexandre


Re: OpenBSD in April's issue of the CACM

Kevin Chadwick-2
In reply to this post by Theo de Raadt
On Tue, 29 May 2012 17:35:40 -0600
Theo de Raadt wrote:

> to realize I was talking to "The Right People" (even if they kept
> saying they are not).  For one of them, check out how the revolving
> door works:
>
>     Fred Baker <[hidden email]>
> and
>     en.wikipedia.org/wiki/Fred_Baker_(IETF_chair)
>
> That is what we are up against.  I also did talk a lot to Robert
> Barr.  None of it was going anywhere.
>
> So I was there, fighting that patent battle -- and we tried to do it
> by going after the *very first network patent* recognized by people who
> lied about being about standards.

I knew about the protocol refusal. I had no idea Ciscos fell over on
deployment however. That's hilarious, they should pay the OpenBSD devs
for fixing their firewalls.

Would no work get done if members of supposedly independent bodies had
to have independent employees? It reminds me a little of Apple having a
member on the html5 standards team that vetoed Google's member (the other
apparently) as Apple wanted mp4 rather than having ogg as the
specified standard.

p.s. All the phones in use on the web and their accel
chips would have been replaced by now anyway.


Re: OpenBSD in April's issue of the CACM

Kostas Zorbadelos
In reply to this post by Theo de Raadt
Theo de Raadt <[hidden email]> writes:

>> If you are not a member of the ACM, you can read it in ACM
>> Queue, in which it
>> was published in January:
>> http://queue.acm.org/detail.cfm?id=2090149
>
> Yes, and people can even comment there, too.  Looks like a few already
> have.  However, it is unlikely that the ACM staff will read those
> comments unless this is brought to their attention,

My ACM subscription ended a few months ago without renewing. I had seen
the article on Queue and fortunately I used the correct link in the
comments ;-)
If I still had a subscription and saw this article on CACM, I would be
really annoyed. Having an article on a personal space on a web site is
not (in my opinion) the same as a written article in the official
membership magazine of ACM.
I would definitely like to write them about it in complaint, but I
certainly am not qualified to talk about the issue. The voice of the
main developers or OpenBSD project's representatives is much stronger
and authoritative.

Regards,
Kostas
