General

Today, I want to share with you something that I’ve been working on for the last several months — a concrete vision and proposal for supporting the Internet’s development.

CCDI-Spelled-Out-20150715

For some, “Internet development” is about building out more networks in under-served parts of the world. For others, myself included, it has always included a component of evolving the technology itself, finding answers to age-old or just-discovered limitations and improving the state of the art of the functioning, deployed Internet.  In either case, development means getting beyond the status quo.  And, for the Internet, the status quo means stagnation, and stagnation means death.

Twenty-odd years ago, when I first got involved in Internet technology development, it was clear that the technology was evolving dynamically.  Engineers got together regularly to work out next steps large and small — incremental improvements were important, but people were not afraid to think of and tackle the larger questions of the Internet’s future.  And the engineers who got together were the ones that would go home to their respective companies and implement the agreed on changes within their products and networks.

Time passes, things change.  As an important underlay to the world’s day to day activities, a common perspective of the best “future Internet” is — hopefully as good as today’s, but maybe faster.   And, many of the engineers have gone on to better things, or management positions.  Companies are typically larger, shareholders a little more keen on stability, and engineers are less able to go home to their companies and just implement new things.

If we want something other than “current course and speed” for the Internet’s development, I believe we need to put some thoughtful, active effort into rebuilding that sense of collaborative empowerment for the exploration of solutions to old problems and development of new directions — but taking into account and working with the business drivers of today’s Internet.

Clearly, it can be done, at least for specific issue — I give you World IPv6 Launch.

Apart from that, what kinds of issues need tackling?  Well, near term issues include routing security as well as fostering measurements and analysis of the currently deployed network.  Longer term issues can include things like dealing with rights — in handling personal information (privacy) as well as created content.

I don’t think it requires magic.   It might involve more than one plan — since there never is a single right answer or one size that fits all for the Internet.  But, mostly, I think it involves careful fostering, technical leadership, and general facilitation of collaboration and cooperation on real live Internet-touching activities.

I’m not just waving my hands around and writing pretty words in a blog post.  Earlier this year, I invited a number of operators to come talk about an Unwedging Routing Security Activity, and in April, we had a meeting to discuss possibilities and particulars.  You can out more about the activity, including a report from the meeting here.

That was a proof point for the more general idea of this “coordination” function I described above — for now, let’s call it the Centre for the Creative Development of the Internet, and you can read more about that here:  http://ccdi.thinkingcat.com/ .

In brief, I believe it’s possible to put together concrete activities that will move the Internet forward, that can be sustained by support from individual companies that have an interest in finding a collaborative solution to a problem that faces them.  The URSA work is a first step and a proof point.

Now the hard part:  this is not a launch, because while  the idea is there, it’s not funded yet.  I am actively pursuing ways to get it kick started, with to be able to make longer term commitments to needed resources, and get the idea out of the lab and working with Internet actors.

If you have thoughts or suggestions, I’m happy to hear them — ldaigle@thinkingcat.com .   Even if it’s just a suggestion for a better name :^)  .

And, if we’re lucky, the future of Internet development will mirror some of its past, embracing new challenges with creative, collaborative solutions.

Last week I had the privilege of participating in the Norwich University College of Graduate and Continuing Studies 2015 Residency Conference.    NU runs several online graduate programs, which have the requirement of spending one week (at the end of the program) on campus in Northfield, VT.

As a member of the advisory board for the highly-rated Master of Science, Information Security and Assurance (MSISA) program, I find it interesting to meet the students and see the breadth of backgrounds, interests and future plans that they have.  Online university programs are real, concrete, and provide access to education that would otherwise be very difficult for working professionals to accommodate in their busy lives.

The Residency Conference is the icing on the cake as students have the opportunity to meet each other and some of the professors they’ve been working with throughout their program.

And, really, who could resist the opportunity to spend a week in Vermont?

Not I, clearly — this was my second opportunity to participate in the annual conference.  Last year, I gave an introduction to Internet governance, among other things.

This time, in addition to helping with facilitating case study discussion at the conference, I had the opportunity to participate by hooding in the Academic Recognition Ceremony for the MSISA and MPA programs — a fine opportunity to wear academic regalia!  The school’s photographer caught some pics, so there is evidence!

I’ve long been convinced of the importance of continued learning — always keep stretching, doing, learning.  Last week’s Residency Conference energy was a reminder that formal education, whether in person or online, can be an even more intense and rewarding experience than self-directed learning.

Those of you who track the announcements of IETF Internet-Draft publications may have noticed a “draft-daigle-” document pop out in the flurry last-minute pre-IETF92 documents.  (ICYMI, the document is:  draft-daigle-AppIdArch-00.txt).

Related to the work I’ve been doing in bolstering the content of “The Attic” of applications identifier technology history, I started to think about a general framework to describe applications identifiers.  So many times we’ve been through the same design discussions — it would be nice to capture the state of the art in tradeoffs and design considerations and simply move forward.

Future versions of this or other documents are intended to delve more deeply into questions of design choices, as well as the broader question of applications architectures (which are uniquely tied to identifiers, content, and resolution).

That’s the theory behind the draft.  It is an “-00” version, with all the draftiness that implies.  My hope is that it will stimulate some discussion and feedback.  I’d love to hear your thoughts — comment here, send me an e-mail, or catch me in Dallas at IETF92.

The long-standing and generally-held belief of the Internet community has been that the Internet’s governance should be based on a “multistakeholder” model.  Whatever you may surmise is the proper definition of that word, we should readily agree it doesn’t mean that a single government, any single government, should have override control of major swaths of the Internet or its support functions.

This year, there have been constructive community steps towards reducing the Internet’s dependency on a single nation, as well as a variety of reminders why it is important to make that effort successful.

Hence the global satisfaction at the NTIA’s announcement in March 2014 that it would seek a multistakeholder-model-supporting proposal to transition the NTIA (and the US government) out of its oversight role for the Internet Assigned Numbers Authority (IANA).    For many, this has been a long time coming — certainly, the Internet Architecture Board, on behalf of the IETF, has been signalling (to the NTIA, publicly) its concerns about the IETF’s lack of control over its own standards’ parameter assignment since at least the days when I was the IAB Chair.

The communities that have actual responsibility for managing the names, numbers, and other protocol parameters have, since March, stepped up to engage in developing the pieces of the requested proposal.   These are not random strawperson proposals to define a new Internet or governance system:  the communities involved are dependent on the IANA function for getting their own work done, and the focus has been on ensuring that the Internet’s naming, numbering and protocol development functions will continue to work reliably, responsibly and without undue interference in a post-NTIA-transition world.

For the protocol parameters part of IANA, the IETF’s IANAPLAN working group was chartered “to produce an IETF consensus document that describes the expected interaction between the IETF and the operator of IETF protocol parameters registries.”    From my vantage point as co-chair of the WG, I have seen the WG’s extensive discussion of the issues at hand, and watched the document editors do a sterling job of producing a document that will be the basis of the IETF’s contribution to the proposal.  With the WG’s document in last call across the IETF until the 15th of December (err, today!), the IETF is on track to have its contribution done by the January 15th deadline set by the inter-communittee coordinating committee.  (See IETF Chair Jari Arkko’s blog post for more details).

Just in case anyone’s energy was flagging before we finish the final details, there are timely reminders of why it is important to keep pressing on with defining (and realizing) the IANA in a post-NTIA reality.  As noted in Paul Rosenzweig’s article on Lawfare, “Congress Tries To Stop the IANA Transition — But Does It?”, a different part of the US government (the US Congress) is trying to stop the NTIA’s actions:

“Now Congress has intervened.  In the Omnibus spending bill that looks to be going through Congress this week the following language appears:

SEC. 540. (a) None of the funds made available by this Act may be used to relinquish the responsibility of the National Telecommunications and Information Administration during fiscal year 2015 with respect to Internet domain name system functions, including responsibility with respect to the authoritative root zone file and the Internet Assigned Numbers Authority functions.

(b) Subsection (a) of this section shall expire on September 30, 2015.”

Rosenzweig goes on to observe that the provision may well not have the expected impact, and might have more deleterious effects for the US.  Perhaps this is Congress attempting to use the budget process to stop the NTIA’s actions in their tracks; perhaps it’s just budget-jockeying on a scale not comprehended outside the limits of Washington, D.C.  But — It.Doesn’t.Matter.

Most of the Internet’s users do not live in the country in question, let alone have a voice in those discussions.  Nevertheless, they are impacted by the outcome.   Which is why the Internet community, which is global, and has solicited input broadly, is stepping up to create a future for the IANA that will:

  • Support and enhance the multistakeholder model;
  • Maintain the security, stability, and resiliency of the Internet DNS;
  • Meet the needs and expectation of the global customers and partners of the IANA services; and,
  • Maintain the openness of the Internet.

Clearly, that can not be satisfied with the control of any single government, as the US Congress’s actions remind us now!    The question is not whether the US government retains its historical role as contract-holder for the IANA functions.  The question is how to best meet the criteria thoughtfully laid out by the NTIA.

Post Wordle

 

RIP, Privacy?  I certainly hope not.      The dictionary.com definition of privacy includes “the state of being free from intrusion or disturbance in one’s private life or affairs “.      In that light,  the suggestion that “you have zero privacy anyway, get over it” (attributed to Scott McNealy) is kind of scary:  if we’re trying to make the world a better place, we should have fewer intrusions and  disturbances in our private life, rather than expecting that they should be the norm.

What we’ve seen over the last decade is an explosion in the exposure of personal data, due to:

  • data being shared in electronic form (especially, via the Internet)
  • cheap computer storage making it feasible to collect and retain massive quantities of data
  • cheap, fast computing that facilitates processing the masses of data to draw correlations and inferences

While privacy has traditionally  been achieved through confidentiality of data, the factors above have outstripped our rational ability to develop appropriate means to act given how little data exposure it takes in order to lead to an impact on privacy.

In early June, I gave a talk to a George Mason University class, “Privacy and Ethics in an Interconnected World”  in the Applied Information Technology department.   The assigned subject of the talk was “Regulating Internet Privacy”.

In preparing for the talk, I want through 5 “case studies” of data exposure and privacy impacts:

So-called Public Data:  E.g., is it okay that everyone knows how much you paid for your house?

  • At least in some jurisdictions, it is “public data”
  • It does help inform  future buyers in the area

But — it can create tense times with your family, friends and neighbours, which is most certainly an intrusion on your personal life.

And then along comes Zillow and takes individual pieces of public data to paint a picture of your neighbourhood, which paints a whole different picture of you,  your worth, etc.

Personal Data in Corporate Hands:  Your usage at a particular service means you wind up sharing personal data.

  • In part, this is an inevitable consequence of carrying out a business transaction.
  • An argument is that it helps tailor your service to your interests.

But, when a history is maintained,  your usage is tracked,  and data is sold to third parties, the implications may catch you by surprise.  (Should you be denied health care coverage if you don’t walk 10,000 steps a day?).

Identity Data:   Data that identifies you personally undermines any opportunity for  anonymity.

Freedom of speech means different things in different parts of the world, and being able to voice an opinion without fear of repercussion follows with that

Accountability:  On the flip side, some ability to attach actions to individuals who are responsible for them.

  • When someone does something bad on or to the Internet, it should be possible to track them down
  • Of course, “something bad” is in the eye of the beholder

This is, of course, the complement of the desire to be able to provide anonymity.

Pervasive Monitoring: collecting any and all data about Internet connections, irrespective of source or destination or accountable person.

  • Governments demanding access  –to metadata of Internet connections, and sometimes content.
  • From reports, they have no a priori reason to track you, but it’s easier to collect all the data and figure out what they want later

But, inferences from data mining are not always correct, and if you don’t know they are being made, you have no recourse to fix them.

One thing that all of the points above have in common is that the data is being used for purposes beyond which people originally understood or expected it to be.

It’s pretty hard to function in today’s society without sharing some data some of the time — so complete confidentiality is not an effective option.   But being cautious about what you share, when, is necessary in this day and age.  The Internet Society has some useful guidance on that front:

And the other side of the coin is making sure that the data that is shared is treated appropriately.

And we should, indeed, be able to “rest in peace” — peace of mind that our lives are not being undermined by misuse of our data.

 

On Friday (May 16), I will pack up my office at the Internet Society, pull out of the parking lot and make that horrible left turn onto Wiehle Ave one last time, and head off into the sunset.

I joined the Internet Society’s staff almost 7 years ago, as its first Chief Internet Technology Officer, to build out a platform of technology programmes to help the organization achieve its mission of promoting the open development, evolution, and use of the Internet for the benefit of all people throughout the world.   I think that platform is pretty solidly built, the organization has smoothly transitioned CEOs this year, and it’s time now for me to step back, unwind from too many orbits of the planet, and think about what I want to build next.

My immediate plan is to spend a couple of months writing.  A number of people have said they envy me — well, it’s not like I’m going to take off and spend the summer on an idyllic island somewhere.  Oh — wait — I am!!  But, it’s a great place for writing Willa Cather thought so.

Assuming all goes well, you’ll be hearing more about the writing progress, here, in the coming weeks.   Stay tuned!

SouthWest Head

SouthWest Head, Grand Manan, NB

 

 

I lit up this website barely a month ago, and according to Google Analytics, it’s hit a top speed of 20 visits in a day!   Heh.  And that was just one day — total pageviews accumulated since it went live is 101.  Well, that’s fine — I’m not really trying to “drive traffic” to it, especially as I’m still tinkering.

The more depressing thing is that it has nevertheless managed to generate 7 comments — 100% of which were spam.   Now, that is depressing.

Tempted though I am to simply turn off the more-than-likely-superfluous comment feature, I’ve settled for installing a captcha mechanism.   We’ll see how that does…

I registered the thinkingcat.com domain name almost 17 years ago.  I’ve used it very actively for e-mail through most of those years:   borrowing friends’ server resources first in Sweden, then in Maryland, then in Virginia…  It’s a well-traveled domain 😉

Websites have been a little more resource intensive to set up and maintain.  I’m trying out WordPress as a website creation tool (CMS — like I have that much content to manage 😉 ).  The next hurdle will be maintaining it!

Even so — this is still a split domain.  Currently, mail is being handled through a shared server, and I’ve set this website up on a WordPress installation on a virtual machine I’ve rented.   Not even on the same coasts of the continent, let alone on the same network.  This is the sort of fun you can have with a domain!

This is pretty much a quiet beta release.  I plan to update the “publications”and “media” sections of the site to be a repository of those things (because “repository” sounds so much better than “digital detritus on my home computer”).

Stay tuned…