[ NNSquad ] Re: FCC paths to Internet network management? (from IP)

[Ed Jankiewicz <edward.jankiewicz@sri.com>]

Food for thought:

1.  as someone working on IPv6 standards, transition and deployment I 
see IPsec as an intrinsic part of the "value proposition" for IPv6 (and 
no need to start that argument, it is already going on plenty of other 
places if you want to tune in.)  IPsec empowers end-to-end encryption, 
and if widely used would make it virtually impossible for ISPs to 
inspect content and micromanage use of the Internet based on application 
and content format.  Of course, they could still attempt to do this 
based on the header content that is in the clear, such as the addresses 
of "known offenders" and those reputed to consort with them.

2.  Speaking of IPsec, I fear that ISPs may have reasons to block 
end-to-end IPsec because it interferes with their ability to "manage" 
bandwidth based on content, and if they do they will (IMHO) be violating 
IETF standards.  

3.  Why is restoring "end-to-end" (another IPv6 selling point) 
considered a "good thing" and in fact a defining principle of The 
Internet, while "peer-to-peer" is a "bad thing" that must be quashed?  I 
see this as a subtle semantic distinction colored by a value judgment on 
the content.  Ignoring that for a moment, the entire point of The 
Internet (from its very early days when it was simply the little i 
internet...) was to be an open pipe to allow end nodes to exchange files 
with each other without "management" by anyone in the middle.  Call that 
"peer-to-peer" or "end-to-end" as you like.

4.   IETF standards generally define only two types of nodes:  Host and 
Router.  The concept of "Server" is not embodied in IP at all, nor 
should it be; the distinction between a client or server is an 
application layer concept, from the network viewpoint both are Hosts.  
Simply put, a Host is the source/destination of IP packets, and a Router 
forwards any packets not addressed to itself.  Firewalls and such are 
necessary evils, but their nature is to violate this principle, by 
modifying or blocking packets not addressed to them.  There should 
always be a very good reason, mutually acceptable to the network 
operator and its customers, for any blocking. 

Personally, I support metering, tiered pricing or other limitations 
based on bandwidth utilization, but do not support ISPs making 
distinctions between client and server or judgment based on content, and 
in particular am especially concerned about the prospect of IPsec being 
rendered moot.  The IETF has no "protocol police" to enforce their 
standards, so only we (consumers in a free market) or the regulators 
(FCC) can do that.  With so many folks having limited choice in 
broadband access, we don't truly have a free market and have to live 
with some regulation to ensure everyone plays nice.

Ed J.

Lauren Weinstein wrote:
> The following is my personal opinion, not a statement on behalf
> of NNSquad.
>
> At the risk of sounding a bit like Bob Frankston, I don't accept the
> premise that ISPs have any intrinsic right to monitor my
> applications and micromanage my use of the Internet, beyond flow
> control as necessary to keep their networks healthy.  Even the fact
> that a user is choosing to run application A or application B can be
> viewed as an element of content that should be none of the ISPs'
> business.
>
> Even if users choose to run 24/7 VPNs, with all applications layered
> within those encrypted channels, ISPs' main concerns should be that
> those subscribers' bandwidth usage stays within their contractual
> limits and that their overall throughput is managed to the extent
> necessary to avoid unfair impacts on other subscribers or the network
> itself.
>
> This implies that any subscriber should be able to run servers if
> they wish.  If a subscriber were determined to be engaging in
> illegal activities or actions that were disrupting other users (e.g.
> spam), they would be subject to appropriate actions, of course, but
> it's inappropriate to treat subscribers as if they were
> untrustworthy crooks on an a priori basis.  
>
> "Disrupting other users" by this definition doesn't include the
> simple running of protocols that make heavy use of subscribed
> circuits.  If ISPs have a problem with user throughput, they should
> be able to throttle the speed (not block!) as necessary.  But such
> throttling rules should be spelled out clearly, so that when a person
> pays for a circuit of a specific advertised "up to this speed," they 
> have some clue as to what they're actually paying for.
>
> This all doesn't address the problem of how to avoid ISPs managing
> bandwidth in ways that favor their own entertainment and related
> delivery systems over outside services, but that's another story.
>
> --Lauren--
> NNSquad Moderator
>
>  - - -
>
>   
> > At 10:48 PM 2/28/2008, Lauren Weinstein wrote:
> >  
> >
> >     
> > > Brett Glass says: "Sixth, there should be no obfuscation of P2P."
> > >
> > > Bzzzz!  Sorry, no can do, at least if we're talking about some sort
> > > of enforced ban.  I'm personally not a user of P2P currently, but I
> > > reserve the right to encrypt any or all of my Internet traffic for
> > > security and privacy purposes as I see fit, and most security
> > > consultants worth their salt recommend encrypting as much as
> > > possible, given the nature of the Internet today.
> > >       
> > Encrypt the content if you will, but if you try to obfuscate the
> > fact that you are DOING P2P, in violation of a contract you made
> > with your ISP, you are being dishonest. And if you announce from
> > the start your intent to be dishonest, then there can never be
> > a truce, much less a mutually beneficial agreement. And you will
> > be exactly the kind of customer whom we will be glad to send
> > packing. We like doing business honestly, with honest people.
> >
> > --Brett Glass
> >
> >     
>
>