ietf

Re: myth of the great transition (was US Defense Department formally adopts IPv6)

2003-06-18 22:32:05
Hi Bob;-)...  And all;-)...

At 12:17 -0700 6/18/03, Bob Braden wrote:
 *> Keith wrote:
 *> > If you want to address denial of service issues you need protocol
 *> > enforcement points.
 *> 
 *> NAT is a denial of service attack, not a means of policy enforcement.
 *> 
 *> 
 *> 

Keith,

I think it would be more accurate to say that a NAT contravenes
the basic Internet principle of universal connectivity.

Since 1980 we have believed that universal connectivity was one of the
great achievements of the Internet design.  Today, one must
unfortunately question whether universal connectivity can be sustained
(or is even the right goal) in a networking environment without
universal trust.  Maybe NATs are, in fact, a result of a very deep
problem with our architecture.  If you accept that, then there is no
point in attacking NATs until you can propose a better architectural
solution to the trust problem (hopefully, there will be one!)

Bob Braden


Hear!  Hear!  Exactly --  Trust in all the people on the net all the time 
failed with the well received demise of the NSF AUP (1994) and the fact that 
misbehavior then no longer threatened loss of Internet access privileges.

This was not widely recognized as a possibility at the time, much like the 
fact that the Internet has no center and hence has no place to locate a 
"Central Control Center" which is another contributor to the loss of trust, 
and which prohibits solving the trust problem with centralized enforcement 
of rules of trust, if any such rules might possibly exist.

This of course is one reason why PKIX is not able to deliver public trust, 
because PKIX requires a single Central Control Center to enforce rules of 
trust (whatever those rules might be), and we have already discussed how it 
is that PKIX CAs suffer from lack of trust induction among their users.

So, one fundamental issue in this whole situation is that the basic "Internet 
Operational Model" that underlies these aspects being discussed here is not a 
realistic model for situations with no available "Center".

I model the Internet more accurately with our present International Economy, 
where again, there is NO CENTER, and thus no place to locate a control center 
for that economy.  The decisions that drive the economy depend on interpersonal 
trust which is developed via multiple channels of information flow derived 
from many different communication paths.  

Trust is only derived from accumulated information obtained from multiple 
channels of information flow.

In the U.S. there is no central control for the National Economy.  And, I have 
been saying for years that pretty much everyone that ever had a centrally 
controlled Economy, by now wishes they did not have one.  Even China is 
working its way as carefully as possible to become a free economy, trying 
to avoid the collapse that Russia experienced during such a period of change.

The Internet did it like Russia did it, without understanding that it was 
happening and not dealing with the need for new trust induction tools and 
processes.

So, I think all of you out there will agree that we do not want a return to 
a centrally controlled Internet, even if we could have one, so let's stop 
pretending that such a thing can exist, and start working on ways to induce 
trust among ourselves for all of our own private reasons to have trust among 
us in this "uncontrolled space".

Many hark back to the good old days of the trusted users of the ARPAnet, but 
those days are long gone, when we all had to worry about losing our access 
privileges.  I very well recall my efforts to retain my privileges over those 
years of serving as an independent consultant with no permanent sponsor!

Serving as the "Moderator" of MsgGroup for 11 years from 1975-1986 helped to 
carry me along until 1987 when NSFnet made it easier for me to manage.

From my management consulting experience along the way, I strongly recommend 
that we learn to live together in our "open information economy" and avoid 
attempts to apply central controls to build mutual trust.  

The Internet is an Internetwork of Internets.  It is not a network!

To repeat, it has no center, and further, does not even have any edges.

It is just a manifold of information transit pipes, each of which can be made 
to communicate with any other transmission pipe, by taking appropriate actions,
without permission from any central governing agency!  Not even ICANNic.

Cheers...\Stef;-)... 



