[e2e] e2e principle..where??....

Panos GEVROS P.Gevros at cs.ucl.ac.uk
Mon Jun 4 14:37:46 PDT 2001


"David P. Reed" typed :
 |At 04:59 PM 6/4/01 +0100, Panos GEVROS wrote:
 |>"trust" is the key word i'm borrowing from your message -
 |
 |Is this "trust" in the broadest possible sense?

trust with respect to anything involved in the endpoint-environment 
interaction.
when the actions/responses are predictable and well defined (and there is a 
way to verify that this is indeed the case) - then the endpoint is trusted


 |The automobile highway system functions on a pragmatic model of trust, as 
 |does the air traffic control system.
 |
 |The highway's benefit and risks to other users are highly dependent on the 
 |behavior of its users.  If we had to abandon trust, we wouldn't build 
 |highways and operate them.
 |
 |The Internet is the same.  Small adaptations that incent cooperation and 
 |punish bad behavior go very far towards creating mutually beneficial behavior
 s.
 |
 |But the need for structuring incentives does not mean that the highway 
 |operators have to take steering control away from car owners, nor does it 
 |mean that edge-based solutions won't work.  There exists a minimum of 
 |necessary cooperation, and that minimum seems to be quite small (much less 
 |than AT&T claimed prior to Carterphone!)

in the real-life paradigms (highway, airport) the human factor makes them  
different from the network case ; there is a common (approximately) valuation 
of human life and  death risk and the implicit assumption that there are human 
beings in the driving seat; this makes incentive building easier
(another argument could be that the human controlling ability in many cases is still unmatched by machines hnnce it is preferable)

i think that the amount of control required on the endpoints will be proportional to the complexity of the objective(s) in question, in any case there will always be a necessary and sufficient amount

if the trust between the network and the endpoint is restored that would largely eliminate the need for hidden-middleboxes, and a "smart network", if it can be done at the host in the first place why do it in the network?

the price to pay : 
the endpoints will have to surrender part of the freedom enjoyed today, ``they will behave only as the provider allows them to behave'', according to what they have purchased etc. 
This happens in the current internet business model with ip addresses for instance ; dynamic or static if the client is willing to pay more, and for the link layer with access line types... but these cases are simple, and there is no hidden intelligence nor need for verification (that the client sends faster than its access line!) 

The challenge would be to extend the same model upwards in terms of allowed transport service options congestion/error control, security  
there is the problem that these things are tightly integrated in the OS and they involve intelligence and the verification of system behaviour could be computationally expensive (especially when observed from outside) but there may be ways round it) 

the gain would come from maintaining the end-to-end architecture (with all the good things that these brings), and providing more flexibility compared to the uniform transport service the internet provides today, and more scalability compared to network-centric solutions 

Panos




More information about the end2end-interest mailing list