<<< Date Index >>>     <<< Thread Index >>>

[IP] more on Beyond the DNS





Begin forwarded message:

From: Tobin Maginnis <ptm@xxxxxxxxxxxxxxxxxx>
Date: October 1, 2005 10:25:56 PM EDT
To: dave@xxxxxxxxxx
Subject: Re: [IP] Beyond the DNS


Hi Dave,       [For IP if you wish...]

I have enjoyed the fascinating discussion on DNS, but there seems to be several small points that were either implied or assumed which I think could be developed more fully.

One point is the nature of DNS as a parallel entity to networking. In a way, it's similar to how the lymphatic system relates to the circulatory system. The lymphatic system helps identify infectious agents, but it's the circulatory system that does the real work in fighting pathology.

As indicated in an earlier discussion, Domain Name Service (DNS) is implemented with nothing more than a series of hierarchical files that lead to a name (URL prefix) and IP address pair. The actual data transfer in the Internet (including DNS lookup) is carried out through TCP/DGP and IP exchanges.

A second point is that internet access is really a search problem as opposed to a name identification problem. Said another way, Google would probably be just as effective search engine as it is today if it simply searched the IP address space (without using URLs) on port 80 and noted all the resulting web page information.

My third point is that URLs are really a form of advertisement where the domain name register wants you to think of the browser URL field as a top-of-mind search term. So, instead of searching for brain surgery, simply type brain-surgery.com into your browser. (You guessed it, the top listed Google search result for brain surgery is, in fact, brain-surgery.com.)

Not speaking for the general internet population, I will say that I NEVER use top-of-mind search terms as experimental URLs. The reason, of course, is that this trial and error method relies upon on trustworthy advertisers, and I prefer to rely upon the track record of a trusted search engine that provides a context for my search terms.

So call me naive, but I think the worry about the number of root servers is a little silly since: a) it is in the best interests of an advertiser to want a traditional TLD name in a unified name space and b) regardless of the URL, it's the context of your search terms that dictate weather or not you will visit a given URL. So rather put a lot energy into a fully accurate (meaningful) and reliable URL mechanism, I would argue that we should put that effort into more usable and powerful search engines.

Thanks,
Tobin Maginnis

David Farber wrote:

Begin forwarded message:
From: Bob Frankston <Bob2-19-0501@xxxxxxxxxxxxxxxxxx>
Date: October 1, 2005 12:58:15 PM EDT
To: dave@xxxxxxxxxx, 'Ip Ip' <ip@xxxxxxxxxxxxxx>
Cc: "'Strata R. Chalup'" <strata@xxxxxxxxxxx>, 'John R Levine' <johnl@xxxxxxxx>, "'David P. Reed'" <dpreed@xxxxxxxx>
Subject: Beyond the DNS
I've been meaning to catch up on writing about these ideas but it's
difficult to do it as a full essay -- it's easier to do so in response to
some email in a venue that (I hope) is tolerant of typos. In fact, one
recent post I did the class omission of a "not" - I thought it was obvious enough so didn't send a correction -- those of you who were puzzled were
right in being puzzled.
I want respond to the latest round of DNS discussions based on the
Neustar/Cellular attempt to confuse the DNS issues even more. I'll attempt
to summarize my current thoughts and the hard problems that need to be
solved or, far better, finessed by restating the problem/solution space. I'm giving only a brief overview but I realize it may be difficult for many of the readers to feel comfortable with the approach I take anymore than Bellheads can accept the cacophony of the Internet being a transport for high quality sound. At least there's a simple physical model of packets traveling around - even when it's wrong. I remember when I realized that token and Ethernets don't really have packets on the wire -- the network wire is typically not long enough to hold even a single bit once you work
out the math.
The approach I'm taking replaces the hierarchical world of wires and
routers with a world based on capability algebras and topologies. But it's not that alien -- we can recognize some of the properties in today's net.
To the extent that we define relationships in terms of pairs of IP
addresses, the relationships are independent of the path or wire or even when there is a wire. This has interesting implications for public policy -- especially the FCC (and its counter-parts around the world) whose whole existence is premised on the idea that the path not only matters but is worth trillions of dollars. The path no longer matters and those trillions
of dollar might as well be Monopoly money rather than monopoly money.
The problem of decentralizing the Internet is an interesting one that I've been thinking about for a long time (with David Reed and others being very helpful). Just as the Internet is not a fancy version of the phone system, the replacement for the DNS is not a replacement for the DNS. Nor is the
next iteration a fixed Internet.
There isn't a single monolithic P2P community but we can see examples. IM
systems typically have their own namespaces independent of the DNS.
Thinking a little further it's useful to note that the DNS "solves" two
problems -- one very poorly and the other only as an illusion.
The first "solution" is providing stable handles in lieu of the IP address which is not stable because it has to serve the roles of both handle (name)
and path. But the DNS entries are leased and reused so aren't really
stable. But they are stable in the wrong way -- they are difficult to
change and overstay their welcome. This is why John Levine posited that the CellCos may want their own mechanism for mobility -- I disagree, but I can understand the problems with using the DNS and its very long TTLs -- over a
second!
The other problem is mapping intent to entry -- the names used as keys are
dangerously misleading but 'nuf said on that.
We don't need all this stuff. You can coin your own stable handle using a GUID (Globally Unique ID) which is self-generated. It's fundamental to a
lot of software and systems. A crypto-GUID is even better -- it's
unguessable.
The routing is not a layer but an optional service if two end points want to exchange packets. These end points are not computers but abstractions
such as a conversation. Since naming is independent of path it is
intrinsically mobile. Maintaining the relationships is a matter of finding
new path and that's an engineering problem that has many solutions. In
fact, I claim it's easier than today's approach which requires the net
track all the LANs while depriving of the ability to dynamically update the
path identifiers to facilitate routing.
Note that in this scheme the net is no longer a LAN of LANs -- routing is
not a layer and the model is not hierarchical.
The other problem is finding end points and the big change is that you are found only if you list yourself where you want to be found and in doing so
you choose who is allowed to find you.
There are lots of interesting implications beyond simply obviating the DNS
and ICANN authority that derives from the DNS and beyond making the
relegating the IP address to the status of a temporary circuit identifier. One is that the end point identifier itself becomes a resource that can be
used as a capability. It's also a flat name space -- no @. You can't
enumerate the end points but you can create algebras and topologies in
interesting ways for access control. Access control being intrinsically
ambiguous -- it can mean you don't have a path or that you don't have
authority and you can't necessarily distinguish between the two. It's just
a hint of how to think about this model.
It's a model that is happening anyway in limited forms in the P2P world. It is as different from today's Internet as the Internet is from the phone network yet is far more in keeping with the End-to-End argument. Encryption is also fundamental so you don't worry about bits getting to the wrong end points and you don't have to trust any particular path so all paths are
"safe" even if they aren't all effective.
Global (not just local) meshing just happens. Since relationships are
defined independent of the path or particular wire -- or whether there is a
wire.
It's wonderful except ... how do you know which bits really mean what. You may assume that WIPO will give you an authoritative mapping of a name like "Cadillac Dog Food" into the bits associated with that trademark in the appropriate context. It's hard to know that a given set of bits represent
Joe Smith. To the extent the bits are capabilities they are also "true
names" that can allow me to present myself authoritatively. Dealing with
this requires some crypto concepts and dealing with exposures.
We also have to presume failures and want to be able to handle devices like switches embedded deeply within physical structures. We don't even have an
effective definition of failure but that's a longer deeper discussion.
In today's Internet we think we understand the answer and we also treat the DNS as authoritative. Nice simplifying assumptions and it allows us to get a lot done. The same simplifying assumptions that allow us to go surfing and make it easy to go phishing - and you can't easily facilitate one and
prevent the other ...
-------------------------------------
You are subscribed as ptm@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting- people/




-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/