Great Circle Associates Firewalls
(April 1997)
 


Subject: Re: NCSA - Dissing MJR? Not so.
From: "Marcus J. Ranum" <mjr @ nfr . net>
Organization: V-ONE Corp Baltimore office
Date: Wed, 9 Apr 1997 17:28:10 +0000
To: "'firewalls @ greatcircle . com'" <firewalls @ greatcircle . com>, Jonathan McCown <JMCCOWN @ ncsa . com>
Comments: Authenticated sender is <mjr @ mail . clark . net . >
Reply-to: mjr @ clark . net

Jonathan McCown <JMCCOWN @ ncsa . com> writes:
> Marcus helped us in the beginning, but felt we were
> not rigorous enough.  

Actually, that's not *quite* it. I feel there's an inherent tension
in any certification process depending, in a nutshell, on who is
paying for it. It's not that I felt that NCSA wasn't being rigorous
enough -- it's that I felt NCSA would always be between a rock
and a hard place, and your efforts would always be hampered
by questions about choosing the right level of rigorousness!!

When I think back to the discussions we had back then (and this was a
while ago!) I recall that I was mostly annoyed that the people who
really "owned" the problem stayed silent. Folks like NIST and other
(ahem) nameless branches of the government that also, because of
funding or procurement politics or office politics or the fact that
they've got an obsolete spook mindset couldn't contribute to a
certification effort.

I recall the bulk of the discussion went something like this --

mjr (philosophizing): The problem with certification is that to
                              certify something, you must first 
                              decide what is "good" and then only
                              certify things that are "good." This 
                              will tend to annoy those who don't
                              agree on your definition of "good."
Bales & Tippett:       BUT - a certification programme can be
                              useful without a globally accepted
                              definition of "good." We start with a
                              baseline criterion and keep raising
                              the bar from there.

Truth is, I think both positions are reasonable, but they can't
co-exist very well. What's funny is that in the long run, I think
my philosophical position was too extreme. I was ignoring the
fact that firewall technologies are now all approximately
equally "good" and that the biggest factor affecting an individual
firewall's security is how the end user configures it. I guess a
good analogy would be NTSB testing seatbelts -- as long as it
is strong enough, then the real problem is making sure that
the user *wears* it.

mjr.
-----
Marcus J. Ranum, Network Flight Recorder, Inc.
New Book! http://www.amazon.com/exec/obidos/ISBN=047118148X
Personal:   http://www.clark.net/pub/mjr
Work:       http://www.nfr.net
