Operator survey: Incrementally deployable secure Internet routing
scott
surfer at mauigateway.com
Tue Jan 25 00:59:25 UTC 2022
Hello,
"are described in further detail in the survey"
Doing the survey gives legitimacy to something I feel is not correct
-------
"We understand the privacy concern. As for SBAS, the backbone is
operated in a federated manner among PoP operators."
I asked about the ISDs and put a FAQ you have as an example. I didn't
ask about the SBAS. It seems to me that the ingress/egress of an ISD is
the place a government surveillance network would reside. All country
internet communications go through a chokepoint to get on the SBAS, so
it's easier to surveil the population. Especially if you envision the
ISD to have its own DNS.
scott
On 1/22/2022 5:22 PM, Yixin Sun wrote:
> Hi Scott,
>
> Thank you for your comment! We understand the privacy concern. As for
> SBAS, the backbone is operated in a federated manner among PoP
> operators. In our current deployment, the PoP operators are located
> across three continents. On the other hand, due to the federated
> structure of the SBAS PoP operators, a governance structure is needed
> to coordinate global operation. We have outlined four potential
> governance models, i.e., ICANN and Regional Internet Registries, a
> multi-stakeholder organization, a federation of network providers, or
> a decentralized governance model. The four models are described in
> further detail in the survey, and we would love to hear your opinions
> about them.
>
> Best,
> Yixin
>
> On Fri, Jan 21, 2022 at 8:24 PM scott <surfer at mauigateway.com> wrote:
>
>
>
>
> On 1/21/2022 12:07 PM, Yixin Sun wrote:
>>
>> We appreciate that your time is very precious, but we wanted to
>> ask you for your help in answering a brief survey about a new
>> secure routing system we have developed in a research
>> collaboration between ETH, Princeton University, and University
>> of Virginia. We'd like to thank those of you who have already
>> helped us fill out the survey and provided insightful feedback.
>> Your input is critical for helping inform our further work on
>> this project.
>>
>> Here is the link to our survey, which takes about 10 minutes to
>> complete, including watching a brief 3-minute introductory video:
>> https://docs.google.com/forms/d/e/1FAIpQLSc4VCkqd7i88y0CbJ31B7tVXyxBlhEy_zsYZByx6tsKAE7ROg/viewform?usp=pp_url&entry.549791324=NANOG+mailing+list
>> <https://docs.google.com/forms/d/e/1FAIpQLSc4VCkqd7i88y0CbJ31B7tVXyxBlhEy_zsYZByx6tsKAE7ROg/viewform?usp=pp_url&entry.549791324=NANOG+mailing+list>
>>
>> Our architecture, called Secure Backbone AS (SBAS), allows
>> clients to benefit from emerging secure routing deployments like
>> SCION by tunneling into a secure infrastructure. SBAS provides
>> substantial routing security improvements when retrofitted to the
>> current Internet. It also provides benefits even to
>> non-participating networks and endpoints when communicating with
>> an SBAS-protected entity.
>>
>> We currently have a functional prototype of this network using
>> SCIONLab (for the secure backbone) and the PEERING testbed (to
>> make outbound BGP announcements). Our ultimate aim is to develop
>> and deploy SBAS beyond an experimental scope, and the input of
>> network operators that would actually have to run these PoPs
>> would greatly benefit this project and help make secure routing a
>> reality.
>
>
>
>
> This all looks like a network made for surveilling the planet's
> citizens more easily. Even in the FAQs!
>
>
> ----------------------------------------------------------------
>
>
> "Do you use countries as ISDs? Doesn't that create opportunities
> for government intervention and censorship?
>
> We're currently looking into the best way to partition the
> Internet into ISDs, so using countries as ISDs is only one
> possible option. Countries have the advantage of providing a
> uniform legal environment, allowing misbehavior in an ISD to be
> handled according to the legal framework of that ISD."
>
> ----------------------------------------------------------------
>
>
>
>
> I guess each country's government will define 'misbehavior' and
> will have a more easy way to find the misbehaving entity? Will
> each ISD (ISD = Isolation Domain) have it's own DNS? What will
> you do about space? The moon? (That one's coming sooner that
> folks might expect:
> https://www.nokia.com/networks/insights/network-on-the-moon) Just
> say no to internet partitioning.
>
>
> scott
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20220124/18fda97c/attachment.html>
More information about the NANOG
mailing list