On Feb 26, 2010, at 4:41 PM, Steven M. Bellovin wrote:
I think that "PTT" is the operative token here, but for reasons having nothing to do with competition. If all they wanted was competition, the easy answer would be to set up more registries -- or registrars -- not bounded by geography; as long as the number wasn't too large, it wouldn't do too much violence to the size of the routing tables.
If a PTT-like body is *the* registry for a country, and if the country chose to require local ISPs and business to obtain address space from it, what's the natural prefix announcement to the world? Right -- that country's registry prefix, which means that all traffic to that country just naturally flows through the PTT's routers and DPI boxes. And it benefits everyone, right? It really cuts down on the number of prefixes we have to worry about....
Until routing domains (i.e., ASNs) are carved up to become congruent to national boundaries for national security, censorship or other reasons. When this happens, not only will those IPv6 prefixes become fragmented, so too will their legacy IPv4 space, and certainly to the detriment of routing scalability, security, and stability. Then add something like RPKI to the mix and you've got a very effective hammer to enforce national policy - all network operators will use the national RPKI trust anchor, and all of your address space will be allocated (and certified) strictly from this national Internet registry - so that they can surgically control precisely who can reach you, and who you can reach - within the whole of the global routing system, and DPI, tariffing, etc. are all much akin to models of yester that they can wrap their heads around. And all the efforts and bottom-up policy driven by the RIRs in the current model will dry up, as will the RIR revenue sources, and their much wider contributions to the Internet community. If you think the RIRs and the current model sucks, well, consider the alternatives. For that matter, so to better the RIRs and their constituents.
It's funny -- just yesterday, I was telling my class that the Internet's connectivity was not like the pre-deregulation telco model. The latter had O(1) telco/country, with highly regulated interconnections to anywhere else. The Internet grew up under the radar, partly because of the deregulatory climate and partly because especially in the early days, it wasn't facilities-based -- if you wanted an international link to a peer or a branch office, you just leased the circuit. The result was much richer connectivity than in the telco world, and -- in some sense -- less "order". Syria wants to roll the clock back.
I can't believe that the current model of more dense interconnection, continued disintermediation, and a far more robust IP fabric would evolve to be more resilient and robust from national Internet registry allocation models or the Internet routing system rearchitecting that's sure to follow. Of course, if the ITU-T is serious about this, they should probably be asking for a good chunk of 32-bit ASNs as well, but that's a bit more difficult to do under the auspices of liberating IPv6.

-danny