Edward B. DREGER
2008-04-14 00:36:07 UTC
Bottom line first:

We need OOB metadata ("trust/distrust") information exchange that scales
better than the current O(N^2) nonsense, yet is not PKI.

And now, the details... which ended up longer reading than I intended.
My apologies. As Mark Twain said, "I didn't have time to write a short
letter, so I wrote a long one instead." :-)

When it comes to establishing trust:

* The current SMTP model is O(N^2).
* I posit that the current IP networking model is sub-O(N).
* PKI models are pretty much O(1).

Polynomial-order just doesn't scale well. It's mathematical fact, and
particularly painful when the independent variable is still increasing
quickly.

Many operators seem to reject PKI as "power in too few hands". I'll not
disagree with that.

Conclusion: What we need is something that scales better than O(N^2),
but that is not as "few trusted keepers of the world" as PKI.

Let's look to one of the current hot tickets: social networking. Who is
whose friend, who is in whose network, blah blah blah. (The junior high
students seem to grok the concept of trust being semi-transitive!)

Let's also draw upon operational lessons from a couple old-timers. I
recall using a critter known as "NNTP". And once upon a time, before my
days on the Internet, lived a funny little beast called "UUCP".

We track email quality from all mailservers that hit us. I can whip up
a list of MXes/organizations that I'm willing to "trust" -- and let's
leave that term imprecisely-defined for now.

Here's what I propose:

Establish a "distrust protocol". Let path weight be "distrust". The
"trust path" is of secondary importance to "path weight", although not
completely irrelevant. SMTP endpoint not in graph? Fine; have some
default behavior.

Let _trust_ be semi-transitive, a la BGP -- a technology that we know,
understand, and at least sort of trust to run this crazy, giant network
that dwarfs even a 50M-user provider.

Let actual _content_ still be end-to-end, so that we do not simply
reincarnate NNTP or UUCP.

Alternatively:

I'm open to other suggestions.

Or, there's plan "C":

We continue to argue, banter, carp, fuss, grumble, moan, swear, whine,
et cetera (I decided against running the alphabet) over the problem.
Hey, it's worked/working great so far, right?

Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_______________________________________________________________________
DO NOT send mail to the following addresses:
***@brics.com -*- ***@intc.net -*- ***@everquick.net
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.
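
The proposal above (path weight as "distrust", semi-transitive trust, a default for endpoints not in the graph) can be sketched as a hop-limited least-cost path search. This is an added example, not part of the original post; the additive scoring, per-hop penalty, hop cap, default score and hostnames are all assumptions made for illustration.

```python
import heapq

DEFAULT_DISTRUST = 100  # assumed score for an endpoint not reachable in the graph
MAX_HOPS = 3            # assumed cap: trust is only semi-transitive
HOP_PENALTY = 5         # assumed extra distrust for each hop beyond a direct peer

# Constructed sample data: each MX lists the distrust it assigns to its peers.
GRAPH = {
    "mx.us.example":      {"mx.peer-a.example": 1, "mx.peer-b.example": 4},
    "mx.peer-a.example":  {"mx.far.example": 2, "mx.peer-b.example": 1},
    "mx.peer-b.example":  {"mx.far.example": 1},
    "mx.far.example":     {"mx.distant.example": 1},
    "mx.distant.example": {"mx.edge.example": 1},
}

def distrust_to(graph, source, target, max_hops=MAX_HOPS):
    """Return (distrust, path) for the least-distrusted path within max_hops.

    Falls back to (DEFAULT_DISTRUST, None) when the target is unknown or
    too far away for transitive trust to apply.
    """
    if source == target:
        return 0, [source]
    heap = [(0, 0, source, [source])]  # (distrust so far, hops, node, path)
    best = {}                          # (node, hops) -> lowest distrust seen
    while heap:
        cost, hops, node, path = heapq.heappop(heap)
        if node == target:
            return cost, path          # path weight decides; the path is secondary
        if hops == max_hops:
            continue                   # trust does not propagate any further
        for peer, weight in graph.get(node, {}).items():
            if peer in path:           # loop prevention, in the spirit of AS_PATH
                continue
            new_cost = cost + weight + (HOP_PENALTY if hops else 0)
            key = (peer, hops + 1)
            if new_cost < best.get(key, float("inf")):
                best[key] = new_cost
                heapq.heappush(heap, (new_cost, hops + 1, peer, path + [peer]))
    return DEFAULT_DISTRUST, None      # "not in graph? Fine; default behavior"

if __name__ == "__main__":
    for mx in ("mx.peer-a.example", "mx.far.example",
               "mx.edge.example", "mx.unknown.example"):
        print(mx, distrust_to(GRAPH, "mx.us.example", mx))
```

Each operator stores only its own peers' scores, so the state kept per site grows with the number of peers rather than with the number of mail servers on the Internet.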