Re: Fundamental changes to Internet architecture

[John Dupuy <jdupuy-list () socket net>]

At 06:29 AM 7/1/2005, you wrote:

> On Friday 01 Jul 2005 11:28 am, Michael.Dillon () btradianz com wrote:
> >
> > I guess I'm not the only one who thinks that we could benefit from some
> > fundamental changes to Internet architecture.
> >
> > http://www.wired.com/news/infostructure/0,1377,68004,00.html?tw=wn_6techhea
> >d
> >
> > Dave Clark is proposing that the NSF should fund a new demonstration
> > network that implements a fundamentally new architecture at many levels.
>
> '"Look at phishing and spam, and zombies, and all this crap," said Clark.
> "Show me how six incremental changes are going to make them go away."'
>
> Well I suppose it is a good sales pitch, but I'm not terribly sure that these
> are a network layer problems.
>
> We could move to a network layer with more security that makes it impossible
> for network carriers to identify or intercept such dross, which might at
> least deal with the crowd who think "filter port 25 outgoing" is the solution
> to all the Internets woes ;)

Raw research often produces rewards and unexpected results, so I applaud 
and encourage work in this direction.

However, philosophically: security=less trust vs. scalability=more trust. 
intelligent=smart-enough-to-confuse vs. simple=predictable. Thus, a very 
Intelligent Secure network is usually a nightmare of unexplained failures 
and limited scope.

This is why researchers should sometimes ignore experience-hardened network 
technicians :)

I look forward to seeing what he comes up with.

John