Comments on: Rebuilding the internet?

By: George Pantazis

George Pantazis — Wed, 23 Sep 2009 11:59:51 +0000

Small protocol mistake, you probably meant SMTP and not SNMP :-)

By: Antonomasia

Antonomasia — Fri, 11 Sep 2009 17:38:18 +0000

> which carried our email before snmp
116.121.112.111.32.97.108.101.114.116

By: Iang (40 years on, packets still echo on, and we're still dropping the auth-shuns)

Fri, 11 Sep 2009 13:58:22 +0000

“Digital signature technology can help here but just wasn’t available at the time the TCP/IP protocol suite was being standardized in 1978.”
Right, but that’s just the tech. Unfortunately, it isn’t the meaning of authentication or authorisation or any other auth-shun. There is no way to code this meaning, it’s human. Consequently, it is inevitable that good auth schemes have to be designed for each application, where the humans are, and customised heavily and differently for each application. For this reason, there probably can’t be “a standard way to authenticate” and while many try, they only seem to succeed in re-learning the same lesson: push the auth to the top layer.

By: Adam

Adam — Thu, 10 Sep 2009 21:13:39 +0000

MikeA,
Unfortunately that’s a bug in the blog.

By: Adam

Adam — Thu, 10 Sep 2009 20:53:35 +0000

MikeA,
Unfortunately that’s a bug in the blog.

By: Andy Steingruebl

Andy Steingruebl — Thu, 10 Sep 2009 19:47:20 +0000

I’ll make the same point here that I made on Gunnar’s blog and in separate emails….
The question here isn’t necessarily of end-user authentication. The question/problem is about network-level authentication. None of the protocols even have the idea of authentication data, much less what it should look like.
When you look at protocols such as IPv4 UDP, there is precisely no authentication data,, and spoofing without explicit network rules is entirely possible.
When you look at a same layer protocol such as IPv6, spoofing of off-subnet addresses is not possible in the same way, because of how the design works.
This is, in my opinion, a step forward. Perfection, no. Some basic ability to tell where packets came from = good.

By: MikeA

MikeA — Thu, 10 Sep 2009 16:18:35 +0000

Wow, Vint is so cool, even his blog comments have redundancy :) Must be nice knowing that such a nice (I’ve met him breifly once, and he was conversational even though he didn’t know me from, well, Adam) and visionary guy reads, and takes time to comment to, this blog :D
Anyway, I did pop on to comment, but I think Dr Cerf summed it up nicely. I think he would have liked to have done several things, given the possibility if it could be revisited now, but at the time it was kinda “make do” – I don’t believe that the threat(s) we have now were even considered in the begining, and it’s difficult (and in a way incorrect) to put in mitigations for a threat that does’t exist or on the horizon.

By: vint cerf

vint cerf — Thu, 10 Sep 2009 14:52:49 +0000

I have only a moment to respond. The point is that the current design does not have a standard way to authenticate the origin of email, the host you are talking to, the correctness of DNS responses, etc. Does this autonomous system have the authority to announce these addresses for routing purposes? Having standard tools and mechanisms for validating identity or authenticity in various contexts would have been helpful. Digital signature technology can help here but just wasn’t available at the time the TCP/IP protocol suite was being standardized in 1978.

By: vint cerf

vint cerf — Thu, 10 Sep 2009 14:52:31 +0000

By: Alex

Alex — Thu, 10 Sep 2009 11:39:20 +0000

Me too, but I just assumed that either:
1.) He was much smarter than I and had a model that I couldn’t imagine he was referencing without details
2.) He didn’t have a model in mind at all, but wishes he had taken the time to really consider the probability that lack of auth would become a significant problem.