This story appeared on Network World Fusion at

This story appeared on Network World Fusion at
http://www.nwfusion.com/columnists/2001/0409bradner.html

'Net Insider:

Almost a joke

By Scott Bradner
Network World, 04/09/01

Since at least the late 1970s it has been a tradition in the Internet Engineering Task Force (IETF) to publish April Fools' Day RFCs. Starting with the telnet randomly lose option (RFC 748) in 1978 and continuing to the present day, the RFC editor has published real-looking but bogus technical specifications on the first of April. The purpose of these ersatz standards is to entertain and, sometimes, to make a point.

The most well-known April Fools' Day RFC is the 1990 "Standard for the transmission of IP datagrams on avian carriers" (RFC 1149), which was updated nine years later by RFC 2549, "IP over Avian Carriers with Quality of Service." These are parodies of the rush to run the Internet Protocol over just about any type of media - in this case, carrier pigeons.

But they also can be used to see if a router or host vendor is paying attention. Last year a European firm issued a request for proposals that listed a large number of IETF RFCs and asked that bidders indicate which ones they supported. RFC 1149 was one of the listed RFCs. A number of would-be vendors checked the box to indicate they supported the technology, but at least two vendors were not fooled. Juniper Networks said that the RFC "was not serious" and Cisco said they only supported the technology April 1st.

This year, three April Fools' Day RFCs were published: RFC 3091, or "Pi Digit Generation Protocol," which describes a service that generates the value of pi for hosts that can not do it for themselves; RFC 3092, a scholarly treatise on the "Etymology of 'Foo' "; and RFC 3093, written by Harvard graduate student Mark Gaynor and myself on a "Firewall Enhancement Protocol (FEP)."

This RFC is also a parody, but one that a number of people have already noted may be a bit too close to the truth for comfort. In it, we describe a way to run the Internet Protocol suite over HTTP, the transport protocol for the World Wide Web. Our stated rationale for this is the growing number of firewalls, which generally pass HTTP unmolested, being used by organizations are inhibiting the ability of the people behind the firewalls to try out new applications. In the RFC we claim that the FEP does not change the security barrier created by a firewall, since firewalls are generally ineffective if the attacker has a confederate on the inside.

There is a serious point lurking beneath the humor. The dynamic growth of the Internet was driven by the thousands of new applications whose development was enabled by the wide-open Internet. Now legitimate security worries are placing barriers in the 'Net. But these barriers slow innovation and the 'Net is the worse for them.

Disclaimer: Humor, or what passes for humor at the Lampoon, has been an undercurrent at Harvard for a long time but the University was not involved in the above joke.

All contents copyright 1995-2002 Network World, Inc. http://www.nwfusion.com