Vint Cerf is widely credited as one of the creators of the Internet.
So, when he stood up at linux.conf.au in Brisbane to say that the net is
currently in need of some "serious evolution," the attendees were more than
prepared to listen. According to Vint, it is not too late to create a
better Internet, despite the fact that we have missed a number of
opportunities to update the net's infrastructure. Quite a few problems
have been discovered over the years, but the solutions are within our
His talk started back in 1969, when he was hacking
SIGMA 7 to make it talk to the ARPAnet's first Internet message
processor (IMP). The net has
grown a little since then; current numbers suggest that there are around
768 million connected machines - and that doesn't count the vast
numbers of systems with transient connections or which are hiding behind
corporate firewalls. Nearly 2 billion users have access to the net.
But, Vint said, that just means that the majority of the world's population
is still waiting to connect to the net.
From the beginning, the net was designed around the open architecture ideas
laid down by Bob Kahn. Military requirements were at the top of the list
then, so the designers of the net created a system of independent networks
connected via routers with no global control. Crucially, the designers had
no particular application in mind, so there are relatively few assumptions
built into the net's protocols. IP packets have no understanding of what
they carry; they are just hauling loads of bits around. Also important was
the lack of any country-based addressing scheme. That just would not make
sense in the military environment, Vint said, where it can be very
difficult to get an address space allocation from a country which one is
The openness of the Internet was important: open source, open
access, and open standards. But Vint was also convinced from an early date
that commercialization of the Internet had to happen. There was no way
that governments were going to pay for Internet access for all their
citizens, so a commercial ecosystem had to be established to build that
The architecture of the network has seen some recent changes. At the top
of the list is IPv6. Vint was, he said, embarrassed to be the
one who decided, in 1977, that 32 bits would be more than enough for
the net's addressing system. Those 32 bits are set to run out any day
now, so, Vint said, if you're not doing IPv6, you should be. We're seeing
the slow adoption of non-Latin domain names and the DNSSEC protocol. And,
of course, there is the increasing prominence of mobile devices on the net.
One of the biggest problems which has emerged from the current Internet
is security. He was "most disturbed" that many of the problems are
not technical, they are a matter of suboptimal user behavior - bad
passwords, for example. He'd like to see the widespread use of two-factor
authentication on the net; Google is doing that internally now, and may try
to support it more widely for use with Google services. The worst
problems, he said, come from "dumb mistakes" like configuration errors.
So where are security problems coming from? Weak operating systems are
clearly a part of the problem; Vint hoped that open-source systems would
help to fix that. The biggest problem at the moment, though, is browsers.
Once upon a time, browsers were simple rendering engines which posed little
threat; now, though, they contain interpreters and run programs from the
net. The browser, he said, has too much privilege in the system; we need a
better framework in which to securely run web-based applications. Botnets
are a problem, but they are really just a symptom of easily-penetrated
systems. We all need to work on the search for better solutions.
Another big issue is privacy. User choices are a part of the problem here;
people put information into public places without realizing that it could
come back to haunt them later. Weak protection of information by third
parties is also to blame, though. But, again, technology isn't the
problem; it's more of a policy issue within businesses. Companies like
Google and others have come into possession of a great deal of
privacy-sensitive information; they need to protect it accordingly.
Beyond that, there's the increasing prevalence of "invasive devices,"
including cameras, devices with location sensors, and more. It is going to
be increasingly difficult to protect our privacy in the future; he
expressed worries that it may simply not be possible.
There was some talk about clouds. Cloud computing, he said, has a lot of
appeal. But each cloud is currently isolated; we need to work on how
clouds can talk to each other. Just as the Internet was created through
the connection of independent networks, perhaps we need an "intercloud" (your
editor's term - he did not use it) to
facilitate collaboration between clouds.
Vint had a long list of other research problems which have not been solved;
there was not time to talk about them all. But, he says, we have
"unfinished work" to deal with. This work can be done on the existing
network - we do not need to dump it and start over.
So what is this unfinished work? "Security at all levels" was at the top
of the list; if we can't solve the security problem, it's hard to see that
the net will be sustainable in the long run. We currently have no
equivalent to the Erlang
distribution to describe usage at the edges of the network, making
provisioning and scaling difficult. The quality of service (and network
neutrality) debate, he said, will be going on for a very long time. We
need better distributed algorithms to take advantage of mixed cloud
There were, he said, some architectural mistakes made which are now making
things harder. When the division was made between the TCP and IP layers,
it was decided that TCP would use the same addressing scheme as IP. That
was seen as a clever design at the time; it eliminated the need to
implement another layer of addressing at the TCP level. But it was a
mistake, because it binds higher-level communications to whatever IP
address was in use when the connection was initiated. There is no way to
move a device to a new address without breaking all of those connections.
In the designers' defense, he noted, the machines at the time, being
approximately room-sized, were not particularly mobile. But he wishes they
had seen mobile computing coming.
Higher-level addressing could still be fixed by separating the address used
by TCP from that used by IP. Phone numbers, he said, once were tied to a
specific location; now they are a high-level identifier which can be
rebound as a phone moves. The same could be done for network-attached
devices. Of course, there are problems to be solved - for example, it must
be possible to rebind a TCP address to a new IP address in a way which does
not expose users to session hijacking. This sort of high-level binding
would also solve the multi-homing and multipath problems; it would be
possible to route a single connection transparently through multiple ISPs.
Vint would also like to see us making better use of the net's broadcast
capabilities. Broadcast makes sense for real-time video, but it could be
applied in any situation where multiple users are interested in the same
content - for software updates, for example. He described the use of
satellites to "rain packets" to receivers; it is, he said, something which
could be done today.
Authentication remains an open issue; we need better standards and some
sort of internationally-recognized indicators of identity. Internet
governance was on the list; he cited the debate over network censorship in
Australia as an example. That sort of approach, he said, is "not very
effective." He said there may be times when we (for some value of "we")
decide that certain things should not be found on the net; in such
situations, it is best to simply remove such materials when they are
found. There is no hope in any attempt to stop the posting of undesirable
material in the first place. Governance, he said, will only become more
important in the future; we need to find a way to run the net which
preserves its fundamental openness and freedom.
Performance: That just gets harder as the net gets bigger; it can be
incredibly difficult to figure out where things are going wrong. He said
that he would like a button marked "WTF" on his devices; that button could
be pressed when the net isn't working to obtain a diagnosis of what the
problem is. But, to do that, we need better ways of identifying
performance problems on the net.
Addressing: what, he asked, should be addressable on the Internet?
Currently we assign addresses to machines, but, perhaps, we should assign
addresses to digital objects as well? A spreadsheet could have its own
address, perhaps. One could argue that a URL is such an address, but URLs
are dependent on the domain name system and can break at any time.
Important objects should have locators which can last over the long
Along those lines, we need to think about the long-term future of complex
digital objects which can only be rendered with computers. If the software
which can interpret such an object goes away, the objects themselves
essentially evaporate. He asked: will Windows 3000 be able to interpret a
1997 Powerpoint file? We should be thinking about how these files will
remain readable over the course of thousands of years. Open source can
help in this regard, but proprietary applications matter too. He suggested
that there should be some way to "absorb" the intellectual property of
companies which fail, making it available so that files created by that
company's software remain readable. Again, Linux and open source have
helped to avoid that problem, but they are not a complete solution. We
need to think harder about how we will preserve our "digital stuff"; he is
not sure what the solution will look like.
Wandering into more fun stuff, Vint talked a bit about the next generation
of devices; a network-attached surfboard featured prominently. He talked
some about the sensor network in his house, including the all-important
temperature sensor which sends him a message if the temperature in his wine
cellar exceeds a threshold. But he'd like more information; he knows about
temperature events, or whether somebody entered the room, but there's no
information about what may have happened in the cellar. So maybe it is
time to put RFIDs on the bottles themselves. But that won't help him to
know if a specific bottle has gotten too warm; maybe it's time to put
sensors into the corks to track the state of the wine. Then he could
unerringly pick out a ruined bottle whenever he had to give a bottle of
wine to somebody who is unable to tell the difference.
The talk concluded with some discussion of the interplanetary network.
There was some amusing talk of alien porn and oversized ovipositors, but
the real problem is one of arranging for network communications within the
solar system. The speed of light is too slow, meaning that the one-way
latency to Mars is, at a minimum, about three minutes (and usually quite a
bit more). Planetary rotation can interrupt communications to specific
nodes; rotation, he says, is a problem we have not yet figured out how to
solve. So we need to build tolerance of delay and disruption deep into our
protocols. Some thoughts on this topic have been set down in RFC 4838, but there is more
to be done.
We should also, Vint said, build network nodes into every device we send
out into space. Even after a device ceases to perform its primary
function, it can serve as a relay for communications. Over time, we could
deploy a fair amount of network infrastructure in space with little added
cost. That is a future he does not expect to see in its full form, but he
would be content to see its beginning.
There was a question from the audience about bufferbloat. It is,
Vint said, a "huge problem" that can only be resolved by getting device
manufacturers to fix their products. Ted Ts'o pointed out that LCA
attendees had been advised (via a leaflet in the conference goodie bag) to
increase buffering on their systems as a way of getting better network
performance in Australia; Vint responded that much harm is done by people
who are trying to help.
to post comments)