Re: Non routable IPv6 registry proposal

[Phillip Hallam-Baker <phill@hallambaker.com>]

On Wed, Jan 20, 2021 at 3:58 PM Nick Hilliard <nick@foobar.org> wrote:

> Phillip Hallam-Baker wrote on 20/01/2021 20:06:
> > The proposal is to reserve a significant block of IPv6 space (e.g.
> > 2002::/16) as non routable address space to be allocated in Class A/B/C
> > sized chunks on a permanent basis either through random assignment or by
> > a new registrar TBD for a negligible one-time fee ($0.10 or less).
>
> this idea was the subject of a recent discussion on 6man, subject
> thread: "Re-Launching the IPv6 ULA registry".  The original email was here:
>
> https://mailarchive.ietf.org/arch/msg/ipv6/fFpPHY55pwKlEopyyAZyZI8azg0/


> There were several aspects which cropped up, but the core issues seem to
> be whether the end user needs both address permanence and the
> requirement for interconnection to third parties.  If you need both of
> these, then registered addresses are a good idea; if you don't need
> both, then ULA should work fine.
>

Random addresses are almost certainly going to be fine.

Registering an address is low value, registering a binding of an address to
a public key is much more useful.

The economics you're proposing may need a bit more consideration,
> especially given that registries need long term stability, both
> financial and from the point of view of governance.
>

Governance is much less of a concern for numbers with no semantics. My
other proposal in this space, the Mesh callsign registry for names of the
form @alice etc. is a lot more complex. Obviously @microsoft has to go to
the place everyone expects and not just because Microsoft can afford the
lawyers. It is a security concern because there is an expectation that goes
to the 'right place'. I have spent 20 years on those issues at VRSN and
Comodo.

Governance in the numbers space comes down to denial of service attacks.
What happens if we have a US administration which tries to kick Iran off
the net by denying them the right to register numbers? Well right now what
would happen is they would just make up their own numbers and continue.
Start imposing PKI based verification of addresses and that type of attack
can become real.

It is very important to understand the impact of the technology on the
business model. Servicing DNS names is expensive and will always be
expensive because the registry is required to provide a resolution service
with low latency, 99.999% uptime, etc. etc. The RPKI is expensive because
it is based on PKIX and the assumption certificates expire every time the
earth circles the sun a given number of times.

The business model for my proposed registry is essentially the exact same
thing as that for the 'million dollar home page': Charge a small fee for a
one time registration, let other folk worry about providing hosting in
perpetuity.


I have done a lot of thinking on the callsigns and will be able to offer
them for $0.10 each for names of 9 characters or more. The surplus funds
going to a not-for profit to fund development of open source code and
specifications. Why do I expect there to be a significant surplus? Because
shorter names will attract an exponentially increasing premium. You can
be @nick_hillard for $0.10 or you can demonstrate your commitment to the
project by being the first to buy @hillard at $10 or you can be a really
good patron and pay $10,000 for @nick.