Potaroo blog


Looking at Centrality in the DNS

Many aspects of the digital environment are dominated by a small clique of extremely large enterprises. Meta and Twitter may be teetering at the moment, but we have Google, Apple, Microsoft and Amazon who are still strongly dominant in their respective markets. Looking further afield, what about our common infrastructure services that everyone is forced to rely upon? How's the Domain Name System faring? Is the DNS also falling under the influence of these digital hypergiants? Or is the DNS still highly distributed and resisting the trends of centralization? Let's take a look at some DNS data to see if we can answer this question.

Going Dark

There has been a concerted push to shroud many of the IETF's core protocols inside a cloak of end-to-end encryption. This level of occlusion of the transactions that occur across the network from the network itself is not without its attendant risks, as Dr Paul Vixie outlined in a presentation at the recent NANOG 86 meeting.

Comparing QUIC and TCP

QUIC could be seen as a simple update to TCP, but I think that such a view is missing the point of QUIC. QUIC represents a significant shift in the set of transport capabilities available to applications in terms of communication privacy, session control integrity and flexibility.

Walking the Policy Tightrope

In policy work nothing is ever truly simply black and white. The means to achieve one outcome may well act to impair the work to achieve different outcomes, and the resultant effort often requires some difficult decisions to balance what appear to be some fundamental tensions between various policy objectives. Even a topic like online safety, which should be very straightforward, has some challenges.

DNS Evolution: Innovation or Fragmentation?

How should we engage with evolution and innovation in the Internet’s name space? How can we evolve this name environment if we avoid fragmentation and stay within the confines of the incumbent name system? Is all that we are permitted to vary, when we try to innovate in the name space, the values of the labels used within DNS names? This was never a satisfactory answer, and many actors have experimented with various forms of alternative name systems running over the Internet for many years. These efforts inevitably result in a fragmented name space. Is there a better way to respond to these conflicting pressures?

Fragmentation

One of the discussion topics at the recent ICANN 75 meeting was an old favourite of mine, namely the topic of Internet Fragmentation. Here, I’d like to explore this topic in a little more detail and look behind the kneejerk response of declaiming fragmentation as bad under any and all circumstances. Perhaps there are more subtleties in this topic than simple judgements of good or bad.

Sender Pays

The entire set of issues of network neutrality, interconnection and settlements, termination monopolies, cost allocation and infrastructure investment economics is back with us again. This time it’s not under the banner of “Network Neutrality,” but under a more directly confronting title of “Sender Pays”. The principle is much the same: network providers want to charge both their customers and the content providers to carry content to users.

A Second Look at QUIC Use

A couple of months ago, in July 2022, I wrote about our work in measuring the level of use of QUIC in the Internet. Getting this measurement “right” has been an interesting exercise, and it’s been a learning experience that I’d like to relate here. We’ll start from the end of the previous article and carry on from there.

DoH, DoT and plain old DNS

We’d like to understand the extent to which encrypted DNS technologies have been taken up in the public Internet. To this end, we've been able to analyse the query data from a large open recursive resolver system to provide some insights as to how much use is being made of DNS over HTTPS and DNS over TLS.

Notes from IETF114

IETF114 was held in the last week of July 2022 as a hybrid meeting, with the physical meeting being held in Philadelphia. Here are my notes on topics that attracted my interest from the week.

Bigger, Faster, Better (and Cheaper!)

There has been much speculation on the evolution of the Internet. Is our future somewhere out there in the blockchains? Is it all locked up in crypto? Or will it all shatter under the pressure of fragmentation? It seems to me that all this effort is being driven by a small number of imperatives: making it bigger, faster and better. Oh, and making it cheaper as well!

Notes from DNS OARC 38

There is still much in the way the DNS behaves that we really don't know, much we would like to do that we can't do already, and much we probably want to do better. DNS-OARC Meetings bring together a collection of people interested in all aspects of the DNS, from its design through to all aspects of its operation, and the presentations and discussions at OARC meetings touch upon the current hot topics in the DNS today.

A look at QUIC Use

QUIC has recently been standardized by the IETF and is now in the initial stages of deployment. Let's take a look at the current state of the use of QUIC in today's Internet.

Content vs Carriage – Who Pays?

The Internet may be many things, but it's definitely not free. One way or another the users of the Internet pay for the Internet. But this does not stop various players in the space jostling for relative advantage, claiming others should be paying more while they pay less. This tension is often reflected between carriage providers and content service providers when they try to figure out who should pay whom and how much.

The Path the Resolverless DNS

Telecommunications infrastructure is not isolated from the world of politics, and it's not just limited to pronouncements of who can provide 5G networks in various countries. The world of undersea cables is similarly being shaped by these same political tensions, and this is clearly evident in the western Pacific Ocean.

The Path the Resolverless DNS

Using the DNS without directly using recursive resolvers seems like an approach that is totally alien to the DNS as we know it, so it might be useful to ask: How did we get to this point where a resolverless form of DNS name resolution makes some sense? And, to whom does it make sense?