The Secure Transport Tussle
Author
Abstract
It is very hard to deploy transport protocol innovations such as encryption, multipath or forward error correction. This is largely due to the assumptions made by middle-boxes, which contribute to a practical freeze of the TCP specifications. Protocol developers tend to see that as a technical problem, but it really is a tussle in which middle-box vendors and operators compete for Internet value against end-to-end devices and services. We have an example of a similar tussle in the past, between real-time applications on one hand, and NATs and firewalls on the other. The NAT traversal tussle was solved with the unilateral deployment of a variety of protocols, which repositioned the balance of power between end-to-end and middle-boxes. Protocol developers need to adopt the same approach for fielding transport innovation, and that probably means an encrypted transport on top of UDP, so they can win the “secure transport tussle.”
Similar resources
On Designing for Tussle: Future Internet in Retrospect
Over the past decades, the fundamental principles of the Internet architecture have not significantly changed. However, Internet evolution and its effects on participants’ interests have triggered the need for re-defining these design principles. “Design for Tussle” is an aspiration for future network designs, which enables the involved stakeholders to express their possibly conflicting socio-e...
Routing as a Service
In Internet routing, there is a fundamental tussle between the end users who want control over the end-to-end paths and the Autonomous Systems (ASes) who want control over the flow of traffic through their infrastructure. To resolve this tussle and offer flexible routing control across multiple routing domains, we argue that customized route computation should be offered as a service by third-p...
RFC 5764 SRTP Extension for DTLS
This document describes a Datagram Transport Layer Security (DTLS) extension to establish keys for Secure RTP (SRTP) and Secure RTP Control Protocol (SRTCP) flows. DTLS keying happens on the media path, independent of any out-of-band signalling channel present.
A Complete Secure Transport Service in the Internet
designed for the COMANDOS1 [1] distributed operating system platform, which may run on bare machines or over UNIX environments, using Internet protocols as a communication infrastructure. A secure transport service for secure communications between kernels was developed. As kernels use different transport protocols like TCP and UDP in broadcast, we implemented a general secure transport service...
Remote Authentication Dial-In User Service (RADIUS) Usage for Simple Network Management Protocol (SNMP) Transport Models
This memo describes the use of a Remote Authentication Dial-In User Service (RADIUS) authentication and authorization service with Simple Network Management Protocol (SNMP) secure Transport Models to authenticate users and authorize creation of secure transport sessions. While the recommendations of this memo are generally applicable to a broad class of SNMP Transport Models, the examples focus...