Thingerdamerung (Was: end-to-end principle)

Phillip Hallam-Baker <> Thu, 17 March 2016 15:45 UTC

To: Josh Howlett <>
List-Id: IETF-Discussion <>

On Thu, Mar 17, 2016 at 7:33 AM, Josh Howlett <> wrote:
> Hi,
>> It might be time to admit that end-to-end is not the one noble thing to aspire
>> to; but instead to accept deployed reality and develop protocols which are of
>> relevance in the presence of proxies, load-balancers, and more.
> I don't personally see the case for e2e as one of nobility; it's primarily an economic one. E2e places the cost of interoperability on the ends, where it belongs. These are the entities benefiting from the interoperation and so they should rightly bear the cost of that. When we break e2e we can reduce the cost of interoperability for some ends, but at the expense of others; either directly, or indirectly through the loss of utility, such as security as we're discussing in this instance. Like pollution that blows downwind from a factory, this transfer of costs to other actors is what economists call a negative externality. The cost of managing the system as a whole will tend to increase, its utility will tend to diminish, and eventually we end up with a lifeless pond.
> We're not going to stop people from trying to find creative ways of making money from non-e2e solutions. Instead, we should focus on reducing the market opportunity by making it cheaper to do the right things, and having pragmatic solutions ready. I definitely don't think we should walk away from e2e; the Red Queen is running fast enough already.

In the 1980s Internet, a typical host cost a million dollars. There
were no $5 computers and certainly no $0.01 8-bit embedded
microcontroller cores. More importantly, there were no computers that
lacked affordances for user input and output like the typical embedded
device does.

The modern situation is very different because the number of devices
has proliferated to the point where device management is the chief

Trying to manage my PKI configuration in every connected device means
trying to push roots of trust into my Internet connected doorbell.
That is a silly architecture.

The home network architecture that makes sense to me is that my house
has one or two dedicated device hubs that are always on and connected
and every device I buy connects to them. Or a hub of my choice that I
choose and can change at any time I like.

What I have today is eight devices in my house that are each connected
to a different service in the cloud that is proprietary and I have no
control over. The gadgets I have bought at no little cost only work at
the whim of the providers.

Cloud services are not going to be a viable proposition for expanding
the IoT beyond a handful of enthusiasts like me. Yes, we all get the
fact that the plan is to hook up everyone to a service in the cloud so
that the corporations that run them can scalp everyone for the decades
to come. Does that business model sound familiar? It should because it
is exactly the walled garden model that we all laughed at when the
carriers tried it.

Google has already demonstrated its commitment to running such a
service by buying up Revolv and shutting down the service. As a result
I have a $300 hub that is utterly useless and about $3000 worth of
home automation gear in my walls, ceilings etc. that can't be used
because there is nobody who makes a hub that can integrate it all.

Do the Google execs think they are going to be able to sell me on
another cloud service in the future? More importantly, how do they
think emerging companies like Ring are going to be able to enter the
market in future? Each person who buys a gadget and then has it fail
because the service in the cloud is shut off is going to swear 'never

If you are trying to be the next Nest like Ring is, persuading the
punters that you are not going to be the next Revolv is going to be a
challenge. And the only way those innovating companies are going to be
able to persuade people that their device isn't going to end up as a
doorstop or worse dead technology that requires a qualified
electrician to fit is to demonstrate that the gear is built on open

Which is why I hope people will come to my Bar BOF on the Mathematical
Mesh which is all about an open standards based infrastructure that
makes hooking up to an open standards based infrastructure the easiest
and most straightforward solution.

If you RSVP, I can let the AD know what numbers to expect and that
will determine if we meet in an actual bar or get a room.