[e2e] new mailing list policy in effect
Jon Crowcroft
Jon.Crowcroft at cl.cam.ac.uk
Sun Feb 22 03:29:00 PST 2004
if i hear someone say "tragedy of the commons" i'll get ver vyer cross
have you read the harbin paper? i bet not
the commons is not like the internet for 2 fundamental reasdons
1/ we pay to access the internet
2/ the grass on the commons does not renew itself the minte the cows stop eating it - it takeslonger to regrow the
grass than the cows take to DIE. thats why the situation is completely different.
but you are right to mention it a bit since the solutions and problems with solutions (e.g. a varieity of
impossibility results in welfare economics) come out of studuies of games and sharing of resources
but its not the same problem, nor are the solutions the same- for example the solutions to the commons were fencing
- this led to an inequitable partition of resources (75% of land owned by 5% of people) which is self sustaining
and is not the solution you'd like in a free market (social choice has too much memory - i.e. you inherit stuff:-)
In missive <1077446997.13592.20.camel at euclid.student.uu.se>, Richard Gold typed:
>>On Sat, 2004-02-21 at 10:12, Jon Crowcroft wrote:
>>> there's an interesting analogy in what has happened to e-mail and lists and bboards after we piecemeal deploy
>>> anti-spam measures, and what has happened to the internet after we piecemeal deploy anti-dos measures - nats,
>>> firewalls, and other local-view only measures to remove locally perceived threats, and spam filters, balkanize
>>> connectivity at the service and information layers respectively, and both do potentially as much damage as good -
>>> we need to design some mechanism (in the mechanism-design sense) to make sure people have incentives to align their
>>> filters to maintain end2end-ness - i have no idea how to do this - it seems like the hardest challenge in the
>>> Internet today is to create distributed systems that tend towards maintaining end-to-end transparency despite a
>>> background distributed threat.....
>>
>>Isn't this the Tragedy of the Commons? The balkanization that you
>>describe sounds to me like the Enclosure acts. Although interestingly,
>>in that case, the decision was more top-down than the bottom-up,
>>unilateral actions we see taken now.
>>
>>I would argue that our model of connectivity needs to be more
>>fine-grained than just filtering out whole ranges of things (be it port
>>ranges or net blocks) that we think could be harmful. A more expressive
>>model would allow us to be more selective in what we filter out. Of
>>course, managing the complexity of such a model is just one of the
>>trade-offs that would have to be explored.
I would argue that the model of unsolicited transmission needs to be retained (i.e the ability to send from
ANYWHERE to somewhere) but the share of resource you get in doing so has to be determiend by the receiver based on
some a priori knowledge - if it is unsolicted by me, then that means i need this a priori knowledge from someone
else (e.g. you) - this requires a mechanism for sharing such information - in a sense, the roles of the IANA in
allocating address space and domain roots in the old days are a clue as to how to do this - but we need a
more decentralized system for allocating and distributing a priori knowledge - the slightly higher success of PGP
than CA hierarchies is another clue that there is some value in distributed trust - but the failure of either
scheme is a pointer to the fact that we need to do something new...but also simple...
various proposals in this space (roscoe et al capabilities, hashcash, tcp puzzled, etc etc) are promising, but all
seem (to me ) to lack some bootstrapping mechanism - the problem is also that the signaling for the schemes
themeselves needs to be robust against ddos too
i dont have any solutions to offer, but i am guessing it may be that we need a major effort to build a new
infrastructural service, the way that the router infrastructure, then the dns, then the www server and more
recently some of the p2p service infrastructures have grown - this new infrastructural service has to provide an
way to share acquired knowledge about objects good behaviour (starting from the fact that an IP address is not
spoofed, and an email source address is not bogus or just temporary, going through a bunch of other layers in
between) - its abit like the infrastructural service that is built by the firewall and virus checker companies to
exchange and update your defenses, but this is a POSITIVE database - a set of recommendations for people
of course it has to respect privacy some how, and have all sorts of checks against false boosting of ratings
('gold is the new platinum' :-)
and that is a hard hard thing to devise!
cheers
jon
More information about the end2end-interest
mailing list