[ih] The Internet Plan; was: Ken Olsen's impact on the Internet
John Curran
jcurran at istaff.org
Wed Feb 16 05:19:48 PST 2011
On Feb 16, 2011, at 7:34 AM, Vint Cerf wrote:
> the obvious next thing would be some kind of uniform agreement on
> strong authentication of the source of email and protecting contents.
> I know about PGP of course, but it's not uniformly implemented and I
> think we could usefully try again. Last time we tried, it was called
> PEM and suffered from too pure a hierarchy of certificates, I think.
That's one route to take, and has been our general approach to such
problems (encryption and authentication at the application layer.)
This has generally resulted in us getting application-specific
encryption, and no useful authentication at all; at which point,
the workarounds to no authentication appear, mostly IP address-based.
On the present trajectory, these workarounds will all fail shortly,
as the shortage of IPv4 address space causes black market unregistered
use, and the abundance of IPv6 space makes "disposable address blocks"
(similar to "saturday night special" disposable handguns) quite possible.
This needs to be fixed asap via policy policy, or we have to completely
give up on any expectations of useful identity information from the
network layer and significantly improve our efforts in application-based
authentication.
Apologies for the digression...
/John
More information about the Internet-history
mailing list