Date: Wed, 25 Sep 1996 14:18:03 -0700 (MST) From: Terry Lambert <terry@lambert.org> To: jgreco@brasil.moneng.mei.com (Joe Greco) Cc: terry@lambert.org, jgreco@brasil.moneng.mei.com, wollman@lcs.mit.edu, jhs@FreeBSD.org, current@FreeBSD.org, commercial@FreeBSD.org Subject: Re: Licensing Software Message-ID: <199609252118.OAA06767@phaeton.artisoft.com> In-Reply-To: <199609252027.PAA08673@brasil.moneng.mei.com> from "Joe Greco" at Sep 25, 96 03:27:13 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > This is a non-problem.
>
> Bull. If we continue to promote tying licenses, we are participating
> in creating the problem. You are either part of the problem or part
> of the solution.
"Yes or no: have you stopped beating children?"
You might as well argue that "it's the US farmer's fault for not
distributing the food properly that causes famine in Ethiopia"
This is the fundamental logical flaw, called "the law of the excluded
middle" which you get when you use silly Aristotilian means, which by
their formulation are only amenable to binary answers.
This is neither a part of a problem NOR a part of the soloution; it
is a perpetuation of a problematic situation for which we admit there
is no resonable soloution (or we would be discussing the soloution
rather than the acceptability of perpetuating the situation).
> > IPv6 solves this problem by making my address ranges independent of
> > my ISP/NSP: the address range is sufficiently enlarged, I can get a
> > range assignment of my own.
>
> I have yet to see a convincing argument that there will be a sufficient
> advance in router technologies to allow this.
>
> Do you understand why CIDR is currently deployed? Because routers can't
> handle the zillions of individual route advertisements.
I understand that IPv6 includes a variant prefixing mechanism which
allows address space addignment to perpetuate CIDR, and that when
using this mechanism, you can not include the prefix into you "unique
host ID", and thereby resolve the supposed "problem" caused by the
variant portion of the address space and/or CIDR requirements.
CIDR itself is a piece of crap soloution to allow perpetuation of
the idea that a service and a host share an identity, and therefore
there is no such thing as an equivalent for a server which exports a
connection oriented service of any kind. Service anonymity, if it
were implemented this way, could similarly resolve the route congestion
problem by localizing service references to any given network geometry,
and offloading the majority of heavy traffic from the backbones.
Of course, if you did this, the "pipe" would be completely commoditized,
and all these phone companies who have been crawling over each others
boies to "win" the ability to provide the pipes would lose their
investment in that battle.
C'est La Guerre.
> What you are saying is that somehow magically due to the address space
> getting bigger, this problem will solve itself.
No, I'm saying the problem is solvable using the CIDR abomination in
the prefix domain Garrett has already identified without resorting
to the NSP/ISP "owning" the address space.
Consider an address space divided as:
[ A ][ B ][ C ]
Where:
(A) Variant range for CIDR convenience, assigned per NSP/ISP
based on locality in the physical network topology
(B) Address space uniquifier for a given subscriber, independent
of network topology
(C) Addreses of machines in the subscriber region.
In a switch from NSP-to-NSP, only the (A) range changes; the (B) range
prevents (C) range collisions in the [ A ][ C ] space descriptor.
Thus we can (to our stupidity's content) perpertuate CIDR
"efficiently" and "conveniently", abomination though it is.
> I contend that there will be more discrete networks and that the problem
> will be worse.
I contend that this is purely a management issue, which must be
resolved by a purely management-based resoloution process. Even if
we take 6 bytes and give them the same tuples as the card hardware
address, that leaves 10 bytes for NSP/gemoetry identification and
subscriber identification.
> > > There is a definite need to be able to flexibly renumber.
> >
> > There's a need for a lot of things which somply aren't being addressed,
> > or less simply, are being purposely ignored.
>
> Such as...?
The fact that CIDR is necessitated by the stupid host/service
identity mechanism, and DNS "rotor" lists are not a good soloution
to the problem of cluster identification, and are an even worse
soloution to the problem of load balancing over time.
> > > Of course, when you switch Ethernet cards, you are screwed.
> >
> > So:
> >
> > A) Either: Don't switch ethernet cards
> > B) Or: accept that as part of the overhead associated with
> > switching ethernet cards, and make the decision, when
> > you make it, after taking that fact into account
>
> Yes, which isn't great after a lightning strike fries all of your NIC's
> because one machine had an internal modem and suffered a wire strike.
This is the universe's way of teching you to prevent these situations
before they arise. The problem is not that the fry occurred, but
that you allowed the situation to arise whereby a fry was possible in
the first place.
In simplest terms, being more stupid costs more money. It is an
evolutionary pressure which disincents stupidity. We should raise
such things to the status of *law* instead of decrying them! Luckiliy,
the universe has done this for us in this particular case...
> > > Although I will tend to think that's a better solution than IP address :-)
> >
> > Bleah. Show me a functioning IPv6 network where the variant portion
> > of the address can't be ignored to achieve the same effect as using
> > IP addresses.
>
> I don't see why it should be tied to something as potentially transient as
> the IP address.
Because IP address is less transient than other interfaces.
Because you can not change your IP address on a whim because there
is other software on the same side of the kernel "spoofability"
barrier for the interface for getting the IP address, on which
your system is dependent for continuing functionality. For IPv6,
substitute "[ B ][ C]" for "IP address" and you get equivalent
results.
...not because it is impossible to spoof, but because it is harder
to spoof than other approaches.
> > And even where they don't, you can "spoof" the hardware by trapping
> > the user mode programs access to the kernel mode dongle driver, and
> > lying. So even a hardware soloution -- isn't.
>
> Absolutely.
>
> Solution? Hm.
There is none. What we are looking for is "good enough", not
perfect. Once we admit this fact to ourselves, then we need a
mechanism whereby we can enforce a probability "trade off" that
is acceptable to vendors who want to sell by license. Any other
soloution fails to promote vendors porting to the platform.
Again, I point out that many PC UNIX and UNIX-clone OS's *HAVE*
functioning ("good enough") license management software. There
has been no good reason put forward for preventing FreeBSD from
having the same services available. It is up to the software
vendors, not us, to define "good enough".
Regards,
Terry Lambert
terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199609252118.OAA06767>