[IRTF-Announce] New IRTF RG chartered: End-Middle-End Research Group
Aaron Falk <falk@ISI.EDU> Wed, 08 November 2006 06:59 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GhhOs-0004nb-4H; Wed, 08 Nov 2006 01:59:06 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GhhMn-0004Lu-F7 for irtf-announce@irtf.org; Wed, 08 Nov 2006 01:56:57 -0500
Received: from vapor.isi.edu ([128.9.64.64]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GhhBA-0008Bi-AM for irtf-announce@irtf.org; Wed, 08 Nov 2006 01:44:58 -0500
Received: from [130.129.67.125] (dhcp67-125.ietf67.org [130.129.67.125]) (authenticated bits=0) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id kA86iLJm017895 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT) for <irtf-announce@irtf.org>; Tue, 7 Nov 2006 22:44:21 -0800 (PST)
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Transfer-Encoding: 7bit
Message-Id: <E65A9411-DF9A-45F2-9B87-8D19FD73F490@ISI.EDU>
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
To: IRTF Announcements <irtf-announce@irtf.org>
From: Aaron Falk <falk@ISI.EDU>
Date: Tue, 07 Nov 2006 22:44:19 -0800
X-Mailer: Apple Mail (2.752.2)
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: falk@isi.edu
X-Spam-Score: 0.0 (/)
X-Scan-Signature: a2c12dacc0736f14d6b540e805505a86
Subject: [IRTF-Announce] New IRTF RG chartered: End-Middle-End Research Group
X-BeenThere: irtf-announce@irtf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IRTF-Announce <irtf-announce.irtf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/irtf-announce>, <mailto:irtf-announce-request@irtf.org?subject=unsubscribe>
List-Post: <mailto:irtf-announce@irtf.org>
List-Help: <mailto:irtf-announce-request@irtf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/irtf-announce>, <mailto:irtf-announce-request@irtf.org?subject=subscribe>
Errors-To: irtf-announce-bounces@irtf.org
A new IRTF research group, End-Middle-End (EME) Research Group, has been created with the appended charter. The full RG charter is at http://www.irtf.org/eme The RG web page/wiki is at: http://www1.tools.ietf.org/group/irtf/trac/wiki/EME Subscribe to the mailing list: https://www1.ietf.org/mailman/listinfo/eme. Aaron Falk IRTF Chair ==================================================== In the original Internet end-to-end architecture, a transport connection linked a pair of hosts and was bound to a globally unique IP address and locally meaningful transport port at each end host. This architecture has been progressively eroded, most notably by the use of NATs, which modify addresses, and firewalls and other middle boxes, which expect to understand the semantics behind any given port number (for instance to block or differentially handle a flow). As a result, end hosts are often not able to connect even when security policies would otherwise allow such connections. This problem will only be exacerbated with the emerging need for IPv4-IPv6 translation. Beyond this, other changes in the way the Internet is used has stressed the original unique-address:port model of transport connections. For instance, the need for robustness has resulted in a rise in multi-homing, which has led to scaling issues in BGP. The use of multiple addresses at hosts is known to alleviate this problem, but the architecture provides no good way to manage multiple addresses, either at connection establishment or when the active address has to be changed. Mobility across access networks similarly results in the need to cope with changing IP addresses during a connection. In addition, DoS attacks are increasingly a concern. There is a need for hosts to be able to control which other hosts can send packets to it, and to exercise that control deep in the network (i.e. near the attacker). The common roots of this seemingly diverse set of problems are the following: 1. The IP address is no longer globally unique, is no longer intact end-to-end, and is no longer stable over even short time periods. 2. The transport port number has no clear semantics outside of the end-host that opened the socket. 3. End hosts are often not explicitly aware of middle boxes, especially middle boxes far away from them, and therefore cannot control them much less be aware of what they are doing. Beyond the specific problems mentioned above, this erosion of the original E2E Internet mechanisms broadly results in greater application-level complexity (to cope with the erosion), network fragility and lack of robustness, poor security, and difficulty in debugging the resulting problems. While this group is not the first to identify these problems, we do recognize that there may be a single architectural enhancement that solves them all. Namely, a higher-level DNS-based naming scheme (i.e. URIs) coupled with signaling protocols used to initiate and modify transport-level connections such as TCP, UDP, SCTP or DCCP flows. Such a protocol could provide a way for end-to-end communication to explicitly address middleboxes, so that their behavior can be understood, monitored and controlled. Such a protocol might also be used to move connections between IP addresses, as with mobility and multihoming, and to shut down unwanted communication, as with DoS attacks. The goal of the End-Middle-End Research Group (EME) is to evaluate the feasibility and desirability of such an architectural change to the Internet. The aim is first to investigate possible designs for a strawman experimental protocol that can perform these tasks (the so-called "ideal" design) without being overly constrained by overlapping work happening in the IETF and elsewhere. Should one or more designs appear viable, then issues such as related work and incremental deployment should be considered. Should this work still appear viable, then the IESG will be consulted with regards to whether and how this should be brought into the IETF for standardization. There are many questions that need to be answered along the way. These issues include precisely which architectural problems should be tackled and which should not, the degree to which such signaling should be on-path vs off-path and the balance between flexibility vs simplicity and efficiency. There are clear concerns about such a track that need to be evaluated. Candidate protocols should avoid falling into the virtual circuit trap, where routers lose the ability to remedy failures locally, and avoid building a mechanism that encourages the construction of walled gardens to the detriment of the Internet as a whole. _______________________________________________ IRTF-Announce mailing list IRTF-Announce@irtf.org https://www1.ietf.org/mailman/listinfo/irtf-announce