SoylentNews is people

posted by janrinok on Saturday September 24 2016, @11:04PM
from the if-only-I-could-do-it-over dept.

Vint Cerf is considered a father of the internet, but that doesn't mean there aren't things he would do differently if given a fresh chance to create it all over again.

"If I could have justified it, putting in a 128-bit address space would have been nice so we wouldn't have to go through this painful, 20-year process of going from IPv4 to IPv6," Cerf told an audience of journalists Thursday during a press conference at the Heidelberg Laureate Forum in Germany.

IPv4, the first publicly used version of the Internet Protocol, included an addressing system that used 32-bit numerical identifiers. It soon became apparent that it would lead to an exhaustion of addresses, however, spurring the creation of IPv6 as a replacement. Roughly a year ago, North America officially ran out of new addresses based on IPv4.

For security, public key cryptography is another thing Cerf would like to have added, had it been feasible.

Trouble is, neither idea is likely to have made it into the final result at the time. "I doubt I could have gotten away with either one," said Cerf, who won a Turing Award in 2004 and is now vice president and chief internet evangelist at Google. "So today we have to retrofit."


  • (Score: 1, Interesting) by Anonymous Coward on Sunday September 25 2016, @01:15AM

    by Anonymous Coward on Sunday September 25 2016, @01:15AM (#406097)

    Explain to me again why NAT and private use IPv4 address tables are so terrible? I understand that the telcos, FB, and (I assume) Google don't like them because they keep thinking they ought to be able to track "their customers" (whether those people actually signed up for their services or not) and their devices around 24x7x365.

    And Cisco doesn't like NAT because they've been pushing IPv6 for twenty years (literally) and have co-authored over one hundred RFCs about it (not exaggerating) so they can convince corporate buyers they need to keep upgrading their routers and switches to stay up to date.

    Of course, hackers (the evil kind) love the idea that every device out there will have a permanent, unique IP address, possibly along with transient IP addresses if it's a mobile device. That makes their job so much easier.

  • (Score: 0) by Anonymous Coward on Sunday September 25 2016, @01:31AM

    by Anonymous Coward on Sunday September 25 2016, @01:31AM (#406110)
    NAT breaks the end-to-end nature of the Internet and makes true peer-to-peer communication very cumbersome. Hackers (the good kind) would also love the idea that every device out there will have a routable IP address, as it makes peer-to-peer applications much easier. And who says that IPv6 addresses need to be permanent on every device? There is nothing that mandates this. There exists a divide these days between people who have true, routable IP addresses and those who don't. The former are able to publish content, the latter are only able to consume. And if you wanted privacy and security, that is also possible with a large address space, and easier. You want a stateful firewall and a VPN, which are designed primarily for security, not a kludge for the purpose of allowing multiple hosts to share limited IP addresses.
    • (Score: 0) by Anonymous Coward on Sunday September 25 2016, @01:40AM

      by Anonymous Coward on Sunday September 25 2016, @01:40AM (#406118)

      How many permanent IP addresses does the world need? Probably less than 100 million. OK, we'd run out of them eventually, but a 64-bit address space would solve that problem for at least the next 30 years.

      You don't need a 128-bit address space when almost all of the IP addresses are transient.

      • (Score: 0) by Anonymous Coward on Sunday September 25 2016, @04:54AM

        by Anonymous Coward on Sunday September 25 2016, @04:54AM (#406166)
        Right. And as Bill Gates once said, 640KB should be enough for everyone.
      • (Score: 2) by Pino P on Sunday September 25 2016, @09:01PM

        by Pino P (4721) on Sunday September 25 2016, @09:01PM (#406392) Journal

        Limiting the Internet to 100 million addresses that can accept incoming connections is like saying "Only one person out of 70 should be allowed to run a website or other publicly accessible resource."

  • (Score: 1, Informative) by Anonymous Coward on Sunday September 25 2016, @08:14AM

    by Anonymous Coward on Sunday September 25 2016, @08:14AM (#406193)

    If you want to see why it is a terrible thing go look at the NAT code inside of most routers. It is a sight to behold. Most actual router code is pretty simple.

    NAT also creates another attack surface. Yep. Several recent attacks have been working around NAT to get into people's networks. Instead of a clean firewall. Several smart guys long ago figured out the 'hole punch'. https://en.wikipedia.org/wiki/Hole_punching_(networking)

    NAT is a hack to work around a shortage. We actually ran out of IPs years ago.

    Also ipv6 has private ranges and can do NAT. *IF* you really really really want to.

    "Of course, hackers (the evil kind) love the idea that every device out there will have a permanent"
    That is why you have a real firewall.

    "possibly along with transient IP addresses if it's a mobile device"
    You have not worked at a phone company or ISP, have you? 99.999999% of them are static or for all intents static.

    "That makes their job so much easier."
    It makes everyone's job easier. I don't make shit code just to make someone else's life slightly harder. If you think NAT will stop hackers you are dreaming.

    Instead of worrying about ipv4 vs ipv6 I suggest you worry more about the problems in the core network routing and how easy it is to screw up.
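
Added example (not part of any comment in this thread): the "stateful firewall" from comment #406110 and the "real firewall" from comment #406193, written as an nftables forwarding policy for an IPv6 router with no NAT. The interface names `lan0` and `wan0`, the table name, and the address under the 2001:db8::/32 documentation prefix are assumptions made for illustration.

```nftables
#!/usr/sbin/nft -f
# Added example: IPv6 edge policy without address translation.
# LAN hosts keep globally routable addresses; connection tracking, not NAT,
# decides which inbound packets are forwarded.
# Assumed names: lan0 (inside), wan0 (upstream), table v6_edge.

table ip6 v6_edge {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Replies to flows that LAN hosts opened are allowed back in.
        ct state established,related accept
        ct state invalid drop

        # LAN hosts may open new connections to the Internet.
        iifname "lan0" oifname "wan0" ct state new accept

        # ICMPv6 messages that IPv6 relies on (path MTU discovery,
        # error reporting, echo); RFC 4890 advises against dropping these.
        icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, echo-request, echo-reply } accept

        # Publishing a service is one explicit rule, no port forwarding.
        # Constructed address from the documentation prefix; uncomment to use.
        # iifname "wan0" oifname "lan0" ip6 daddr 2001:db8:1::10 tcp dport 443 ct state new accept

        # Anything else arriving from wan0 is an unsolicited inbound
        # connection to a LAN address and falls through to policy drop.
    }
}
```

Loaded with `nft -f`, this gives the same default-deny inbound behaviour people attribute to NAT, while addresses stay end-to-end and each exposed service is a visible, auditable rule.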

    • (Score: 2) by Pino P on Sunday September 25 2016, @09:03PM

      by Pino P (4721) on Sunday September 25 2016, @09:03PM (#406394) Journal

      How would you go about adding "a real firewall" to, say, a USB LTE modem?

      • (Score: 0) by Anonymous Coward on Monday September 26 2016, @09:05AM

        by Anonymous Coward on Monday September 26 2016, @09:05AM (#406581)

        You stick it in the USB-port of the firewall.

        Oh, you mean a single (laptop, probably) computer? Secure the computer, instead of putting a firewall in front of it.