Paul Mockapetris, Inventor, DNS, and David Conrad, CTO, ICANN
Moderator: Matthew Prince, Co-Founder & CEO, Cloudflare
MP: You guys wrote all this stuff; why is the internet so broken?
PM: People complain about security flaws, but there is no security in original design of dns. I think of it that we haven’t had the right investment in rebuilding the infrastructure.
Original stuff was only good for 10 years, but we’ve been using it for 30.
DC: The fact that we were able to get packets from one machine to another in the early days was astonishing in itself.
MP: So what are you worried about in terms of Internet infrastructure that we aren’t even thinking about?
PM: i’m worried about the fact that a lot of places like the IETF are very incremental in their thinking, and that people aren’t willing to take the next big jump. E.g. hesitancy to adopt blockchain
Being able to experiment and try new stuff is important.
The idea that you can't change anything because it will affect the security and stability of the internet. we need to weigh benefits and risks or we will eventually die of old age.
DC: Typically, security of routing system. There are people out there who might route stuff inappropriately. I’m not confident about some solutions that have been proposed.The complexity of the system is starting to bite us pretty hard.
Also, more so, I worry about ability of bad guys to redirect cannons at any service or target. Way too easy to overwhelm anything in the infrastructure.
MP: So if a lot of this is about being stuck in the incremental world and not making inventions, is it getting worse or better? Is there any hope?
PM: Some of it is more basic technology. Stevie Wonder said that when you believe in things you don’t understand, then you suffer. We need to think about routing as a computational problem with bilateral or multilateral agreements. And people can control their destiny a little bit more.
It’s also a competitive marketplace.
Think about using tech so people can update the agreements that they have
MP: But how do you move things forward, given incrementalism? What is path to actually replace dns with blockchain? Do we need to move away from bottom-up internet governance?
PM: I don’t know exactly how you do it.. It's the case that organizations have gotten big enough that they can make their own custom equipment. The software has always defined the network. So how can you have interfaces to allow collaboration with as much control and reliability as you’d like?
I think the next frontier is to think about ways to do distributed synchronization contracts. Coordinating addresses and names by your own tools. We need more investment in the capabilities of the infrastructure.
DC: I agree; we have reached stage of semi-equilibrium w standards, resulting in ossification of underlying infrastructure. This also permits thinking outside box. After awhile, people will get tired of the proprietary stuff and start another round of standardization. It’s a cycle.
E.g. DNS over HTTP
There have been increasing calls for standardization corporations to formulate a standard way of doing these things.
The other problem is that you start getting vested interests who don’t want progress; they like the niche that they’ve developed for themselves. And they like revenue streams.
The cycle of disruption and equilibrium will continue. The IETF is struggling to understand how it will remain relevant moving forward in a way that allows for disruptive technologies t come in and change the underlying game.
MP: Related to internet governance debate, what do you saw to Ted Cruz when he says US gave up control of internet? Does he have a point?
DC: NO. Fundamentally, internet is network of networks. You can get into questions at a point about what happens when an app reaches critical mass; does it have regularity implications. By and large, internet has no mechanisms of control.
MP: it seemed like the internet was working okay before, why did the US stroke the provision that says we can go in and potentially veto what ICAN was doing
What was rationale?
DC: Part of it was misunderstanding. The primary role of US govt was to make sure ICANN didn’t do something stupid. And after 12 years of not having anything stupid happen, they realized that not doing anything to the root zone was causing a lot of political problems internationally. So they decided to let the contract expire.
MP: There was/is real risk that the internet gets governed by a much more political organization that would transform the way the internet is governed to a top-down organization. Unlike what Cruz says, the move by the last administration to say they wouldn't be able to control the internet anymore was a brilliant political move.
DC: Alternative to Cruz’s approach is fragmented internet, with national networks connected with gateways.
And that has implications with regards to the ability of internet organizations to reach markets they would like to reach
MP: Can we avoid that? Can we have a non-fragmented internet? I’m less sure that this is the case today vs. 4 years ago.
PM: the internet has cracks in it today. The only real issue is how fragmented is it gonna get. When i was visited china once, at the local hotel you had open internet, but only for westerners who happens to be visiting. It is going to fragment, political people will press their agenda.
I wish i could make a deal with the US government where i could say, okay you can have my data but you should be protecting me from other people. Negotiations are going to continue.
MP: is there something technically that you wish you had done in the design that would have better resisted that fragmenting?
PM: when I was at ICAN, people were saying that the US govt should not be control of all of this; and that was a great attitude, but the US govt can be persuasive. There will be different shades. You can’t expect people to think that the internet isn’t part of the regular world. It is. So regular rules will be applied to it.
MP: what’s changed? Do you feel less idealistic and optimistic, or have you always been pessimistic?
PM: My message is: should i look at telegram or signal? I can’t do anything about the US govt, but i want to protect my privacy from commercial organizations. To me it’s more that we have ot think about being more aggressive about thinking about protecting our privacy ourselves. But we should be asking the govt to protect us and not just the storehouse holding all our conversations.
Until we make security user-friendly, we won’t use it as much, and then it won’t protect us.
DC: the technology for filtering, for blocking moves with other technologies. And it’s getting better over time. I'm not particularly optimistic but i think that ultimately the network derives value from the number of people who connect to it. Once you filter or block significant parts of internet, it begins to lose value.
There is an effort to try to protect the data that is being transferred. Ther ewill be man-in-the-middle taps and data taps, but ultimately the value that the internet brings will provide a way to ensure the infrastructure continues to operate. There will be islands and gateways, but when GDP start depending on connectivity, that sends a signal to govts.
MP: a lot of the world that looked to the US for internet leadership, they see where growth is coming from, and that is China.
DC: China has imposed strict control of info, but look at europe and india which are more open:
But you also look at Europe and India and other places moving toward a more open regime focused on privacy. It is unfortunate that the US is stepping back from the leading role that they had.
PM: this whole business about filtering being harmful is not where we are today. Is there anyone in the audience who doesn't want to use anti-spam on email?
MP: but that’s your decision, not the govt’s.
PM” reputation filtering is my first line of defense. The fact that filtering is good tech doesn’t mean it can’t be used for bad or good. We should be worried about sharpening that up rather than worrying about censorship.
One question i always want to ask is: is email routing more secure than PGP? If you connect me to a billion more people, i don’t have time to talk to them.
MP: but if there’s the opportunity to talk to one, isnt; there some value?
PM: being selective about who you connect to… why would you talk to some unknown person if you wouldn’t go to a restaurant without looking at reviews?
Q: you talked about fragmentation; when will great firewall of china have adverse effect on chinese government? When will cracks start to reappear in that?
DC: Depending on who you talk to, the great firewall of china is either the best thing that god has created or it is already impacting the ability of chinese companies to work in a global market.
Because there is so much potential for growth in china, control is winning. But as soon as chinese organizations look for larger markets, you’ll start to see changes in the way that firewall is operating
MP: When we travel over there, the lack of ability to run a google search and find code that you need, that is something that engineers on the ground in China complain about today. If chinese companies were to stop thinking about their market being only inside china. Think snapchat. The country will start to look more outward.
PM: The jury is still out. Darwin isn’t necessarily in favor of liberalism. Be comforted by specific examples like market access. But there is still reason to be scared.
MP: Ok, final question - Bitcoin @ $4,500 or IPv4 addresses @ $12.00 - what is better investment?
All our sessions will be streamed live! If you can't make it to Summit, here's the link: cloudflare.com/summit17