Beyond the DNS

[David Farber <dave () farber net>]

Begin forwarded message:

From: Bob Frankston <Bob2-19-0501 () bobf frankston com>
Date: October 1, 2005 12:58:15 PM EDT
To: dave () farber net, 'Ip Ip' <ip () v2 listbox com>
Cc: "'Strata R. Chalup'" <strata () virtual net>, 'John R Levine'  
<johnl () iecc com>, "'David P. Reed'" <dpreed () reed com>
Subject: Beyond the DNS


I've been meaning to catch up on writing about these ideas but it's
difficult to do it as a full essay -- it's easier to do so in  
response to
some email in a venue that (I hope) is tolerant of typos. In fact, one
recent post I did the class omission of a "not" - I thought it was  
obvious
enough so didn't send a correction -- those of you who were puzzled were
right in being puzzled.

I want respond to the latest round of DNS discussions based on the
Neustar/Cellular attempt to confuse the DNS issues even more. I'll  
attempt
to summarize my current thoughts and the hard problems that need to be
solved or, far better, finessed by restating the problem/solution space.

I'm giving only a brief overview but I realize it may be difficult  
for many
of the readers to feel comfortable with the approach I take anymore than
Bellheads can accept the cacophony of the Internet being a transport for
high quality sound. At least there's a simple physical model of packets
traveling around - even when it's wrong. I remember when I realized that
token and Ethernets don't really have packets on the wire -- the network
wire is typically not long enough to hold even a single bit once you  
work
out the math.

The approach I'm taking replaces the hierarchical world of wires and
routers with a world based on capability algebras and topologies. But  
it's
not that alien -- we can recognize some of the properties in today's  
net.

To the extent that we define relationships in terms of pairs of IP
addresses, the relationships are independent of the path or wire or even
when there is a wire. This has interesting implications for public  
policy
-- especially the FCC (and its counter-parts around the world) whose  
whole
existence is premised on the idea that the path not only matters but is
worth trillions of dollars. The path no longer matters and those  
trillions
of dollar might as well be Monopoly money rather than monopoly money.

The problem of decentralizing the Internet is an interesting one that  
I've
been thinking about for a long time (with David Reed and others being  
very
helpful). Just as the Internet is not a fancy version of the phone  
system,
the replacement for the DNS is not a replacement for the DNS. Nor is the
next iteration a fixed Internet.

There isn't a single monolithic P2P community but we can see  
examples. IM
systems typically have their own namespaces independent of the DNS.

Thinking a little further it's useful to note that the DNS "solves" two
problems -- one very poorly and the other only as an illusion.

The first "solution" is providing stable handles in lieu of the IP  
address
which is not stable because it has to serve the roles of both handle  
(name)
and path. But the DNS entries are leased and reused so aren't really
stable. But they are stable in the wrong way -- they are difficult to
change and overstay their welcome. This is why John Levine posited  
that the
CellCos may want their own mechanism for mobility -- I disagree, but  
I can
understand the problems with using the DNS and its very long TTLs --  
over a
second!

The other problem is mapping intent to entry -- the names used as  
keys are
dangerously misleading but 'nuf said on that.

We don't need all this stuff. You can coin your own stable handle  
using a
GUID (Globally Unique ID) which is self-generated. It's fundamental to a
lot of software and systems. A crypto-GUID is even better -- it's
unguessable.

The routing is not a layer but an optional service if two end points  
want
to exchange packets. These end points are not computers but abstractions
such as a conversation. Since naming is independent of path it is
intrinsically mobile. Maintaining the relationships is a matter of  
finding
new path and that's an engineering problem that has many solutions. In
fact, I claim it's easier than today's approach which requires the net
track all the LANs while depriving of the ability to dynamically  
update the
path identifiers to facilitate routing.

Note that in this scheme the net is no longer a LAN of LANs --  
routing is
not a layer and the model is not hierarchical.

The other problem is finding end points and the big change is that  
you are
found only if you list yourself where you want to be found and in  
doing so
you choose who is allowed to find you.

There are lots of interesting implications beyond simply obviating  
the DNS
and ICANN authority that derives from the DNS and beyond making the
relegating the IP address to the status of a temporary circuit  
identifier.

One is that the end point identifier itself becomes a resource that  
can be
used as a capability. It's also a flat name space -- no @. You can't
enumerate the end points but you can create algebras and topologies in
interesting ways for access control. Access control being intrinsically
ambiguous -- it can mean you don't have a path or that you don't have
authority and you can't necessarily distinguish between the two. It's  
just
a hint of how to think about this model.

It's a model that is happening anyway in limited forms in the P2P  
world. It
is as different from today's Internet as the Internet is from the phone
network yet is far more in keeping with the End-to-End argument.  
Encryption
is also fundamental so you don't worry about bits getting to the  
wrong end
points and you don't have to trust any particular path so all paths are
"safe" even if they aren't all effective.

Global (not just local) meshing just happens. Since relationships are
defined independent of the path or particular wire -- or whether  
there is a
wire.

It's wonderful except ... how do you know which bits really mean  
what. You
may assume that WIPO will give you an authoritative mapping of a name  
like
"Cadillac Dog Food" into the bits associated with that trademark in the
appropriate context. It's hard to know that a given set of bits  
represent
Joe Smith. To the extent the bits are capabilities they are also "true
names" that can allow me to present myself authoritatively. Dealing with
this requires some crypto concepts and dealing with exposures.

We also have to presume failures and want to be able to handle  
devices like
switches embedded deeply within physical structures. We don't even  
have an
effective definition of failure but that's a longer deeper discussion.

In today's Internet we think we understand the answer and we also  
treat the
DNS as authoritative. Nice simplifying assumptions and it allows us  
to get
a lot done. The same simplifying assumptions that allow us to go surfing
and make it easy to go phishing - and you can't easily facilitate one  
and
prevent the other ...





-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/