[81865] in North American Network Operators' Group
Re: Fundamental changes to Internet architecture
daemon@ATHENA.MIT.EDU (John Dupuy)
Fri Jul 1 11:45:00 2005
Date: Fri, 01 Jul 2005 10:44:33 -0500
To: nanog@merit.edu
From: John Dupuy <jdupuy-list@socket.net>
In-Reply-To: <1120217350.18670.TMDA@mercury.zynet.net>
Errors-To: owner-nanog@merit.edu
At 06:29 AM 7/1/2005, you wrote:
>On Friday 01 Jul 2005 11:28 am, Michael.Dillon@btradianz.com wrote:
> >
> > I guess I'm not the only one who thinks that we could benefit from some
> > fundamental changes to Internet architecture.
> >
> > http://www.wired.com/news/infostructure/0,1377,68004,00.html?tw=wn_6techhead
> >
> > Dave Clark is proposing that the NSF should fund a new demonstration
> > network that implements a fundamentally new architecture at many levels.
>
>'"Look at phishing and spam, and zombies, and all this crap," said Clark.
>"Show me how six incremental changes are going to make them go away."'
>
>Well I suppose it is a good sales pitch, but I'm not terribly sure that these
>are network layer problems.
>
>We could move to a network layer with more security that makes it impossible
>for network carriers to identify or intercept such dross, which might at
>least deal with the crowd who think "filter port 25 outgoing" is the solution
>to all the Internet's woes ;)

Raw research often produces rewards and unexpected results, so I applaud
and encourage work in this direction.

However, philosophically: security=less trust vs. scalability=more trust.
intelligent=smart-enough-to-confuse vs. simple=predictable. Thus, a very
Intelligent Secure network is usually a nightmare of unexplained failures
and limited scope.

This is why researchers should sometimes ignore experience-hardened network
technicians :)

I look forward to seeing what he comes up with.

John