Thank you. Thank you all for coming. This is sort of a modification of a talk I've been giving for a while at USENIX LISA. They refer to this as Vixie's internet governance rant. But I realized I wasn't doing much good, and that I needed to behave more like a bomb-tossing revolutionary and less like a politician, and Jeff gave me an opportunity to test-pilot the new talk here, where apparently bomb-tossing revolutionaries are more prevalent.

Okay. One of my favorite authors, Barbara Tuchman, wrote a book, and you need to go to Amazon.com and get a copy of that book for yourselves. Trust me on this. If you hate it, then send it to me and I will give you your money back.

Can I talk closer to the microphone? Yes, I'm concerned about the echo.

So, what Tuchman had to say about folly of course takes a book to say, but the qualifications, as you can see on the slides: it has to be seen as counterproductive in its own time. Right, it's very easy to look back with the benefit of history, a lot of perspective, and say, "Oh, that was very stupid." To be folly, it has to be obviously stupid even at the time the decisions are getting made and implemented. There had to be a feasible alternative. Right, you can't really call it a decision if all you were doing was running away from some circumstance. There had to be some choice that you could have made, that a sensible person in your place would have made, and then it can be called folly. And lastly, it can't be the action of just one guy, one person, because that could be a simple matter of mistake, right?
You don't have all the facts, or you drank too much, or something. But if you're a group of people together, and they all sort of nod sagely at each other and say, "Yes, this is the right thing," but it's completely boneheaded, that in Tuchman's definition can be called folly.

And the examples that I picked out for this slide would be Troy and the Greek horse. We call it a Trojan horse. It's actually a Greek horse. But anyway, the signs and portents, if you read the original Homer on that, are really, really obvious, right? They didn't just put a wooden horse in front of the city and disappear, as you might read in the CliffsNotes version. There were all kinds of different things, just everything from the weather to, you know, hints and tips and so forth, to really let you know that Homer was saying that the people inside the walls of Troy were morons. Right, they were not simply fooled.

Britain used to rule the land where we are sitting, and they don't now, and the story of how they avoided it, how they let control go away, spans decades, and it required a lot of people to do a lot of really, really stupid things, when frankly the colonists at that time were strong.
They started out that period of decades as strong British monarchist loyalists. They just didn't feel like they wanted to pay taxes unless they had seats in Parliament, and it would have been easier to give them seats and have the British Empire be a little larger. People said that at the time.

I said that Hitler invaded Russia, or tried to invade Russia. What I really mean is his general staff said, "Clearly this can be done. Napoleon was just, you know, incompetent. We can do it." Everyone who's ever tried to invade Russia suffered the same fate.

And, interestingly, oil production in this world, right: there are some countries that produce a lot more than they consume, and then there are other countries that consume a lot more than they produce. And so we have OPEC as an example of how prices are controlled by the producer side. But can you imagine how long the oil-producing countries of the world would be able to hold out if somehow the oil-consuming nations also had a union and said, "We just are not going to pay more than a certain number of dollars per barrel"? It turns out that it's not one-sided. They need us more than we need them, and yet the oil-consuming nations just continue paying rather than getting some stiffness in their backbone.

These are all examples of folly. These are all things that you could have known at the time, that that wasn't going to work, or that was going to have a very bad outcome.

Two quotes, and I'll launch into the internet side of all of this. For those of you who are vision impaired, I shall read them aloud. Wooden-headedness, the source of self-deception, is a factor that plays a remarkably large role in government.
It consists of assessing a situation in terms of preconceived fixed notions while ignoring or rejecting any contrary signs. In other words, the power to command frequently causes failure to think. You have seen this, perhaps, if you have a pointy-haired boss, especially if that boss was me. Works at any scale you want. The power to command frequently causes power to think, or the failure to think.

So this internet thing that has pretty much taken over the world started as a research and engineering project. It was built by the academic people, people who had government contracts, and it was built for other people who had government contracts to use. And they made a number of design decisions that were appropriate for the community that they were building it for. You know, the traditional example is they were telnetting back and forth from host to host and typing their passwords in the clear, not because they were stupid, but because it was a totally trusted network. That was a completely safe, sane thing to do. But they kept saying in the early days, and if you go read any history of the internet you're gonna see some marketing terminology along the lines of, "We always intended this to be a global domination force."
Well, I don't know if that can be true. For example, Jon Postel, who was a friend and whom I miss very much, once wrote that you ought to be liberal in what you accept and conservative in what you generate, and he thought that that would lead to a kinder, gentler internet where implementations could be robust. But if you're liberal in what you accept, you'll get more spam, and if you're conservative in what you generate, you will make less money from phishing. And so I don't think there's any evidence that anyone involved early on ever thought that this would really be a global dominating force the way that we know it today. And that underlies most of what I have to say today.

First thing they did: they only let research and engineering and contractors people connect. The DCA's job early on was to keep people off the network, because there was a lot of interest, and I'm sure a number of you can tell stories, as I can tell, of being at some company where you really wanted to be able to go FTP files from, you know, somewhere on the then ARPANET or NSFNET, but you weren't allowed to get a connection. And, you know, please realize these were 9600 baud analog leased-line circuits connected to an IMP somewhere. But every IMP port was controlled by the DCA, and if you didn't have a contract and they couldn't do a background check on you, you weren't going to get connected. It's almost as though they knew their network was very fragile, and if they let any bad people on it then the whole thing would fall down, go boom. Although that's not the excuse they used.

What they could have done is to build a network that was expecting to grow, instead of building a network that was expecting to sort of reach a certain size and then stop. They could build a network that was expecting to have strangers on it and not just friends. And they could certainly have thought about scale. What if six billion people used this? How would that change the design decisions
we're making today? Now, I'm not suggesting that they should have adopted a boil-the-ocean strategy and said, "We're not going to do anything until we have a complete design in our head as to how it could scale globally." That's not what I'm asking for. What I'm asking for is just ask a couple of questions. How will the decisions we're making today limit this from being acceptable to six billion people? And I think that they didn't need to spend more money. They just needed to spend the time and money they spent a little more wisely.

What happened? It's a matter of history. A bunch of other networks started up and started connecting to each other. Eventually it was commercialized and privatized, and most of the problems that we face today, in terms of high cost to go with the high benefit of internet use, are traced to what happened instead of the right thing at this early, early moment.

Let's talk about SMTP. I once sent Eric Allman what amounts to a flame saying, "Look, this sendmail policy that you have about being an open relay is bad, and there are spammers out there, and they're going to systematically find all of these open relays and use them to sort of send things to people that they could never send from their own T1, because people would, you know, refuse to accept traffic from them." And Eric said, "Well, you know, you've got to be liberal in what you accept," and so forth. And a year later he sent me an apology, and he put in logic in sendmail to lock out relay by default unless you were on some trusted list of hosts or networks or whatever. But it's worth noting that sendmail was not the first SMTP implementation. It was the most widely popular in the early years, but it was not the first one. They all did this, because it was a reasonable thing to do. For that matter, LPD used to do this. You could print on other people's printers and use other people for your print queue, and they would send the stuff back to you, and it all just worked because we were all friends,
I guess.

Some of you, this is not on the slide, but some of you will recall the rlogind hole, where you just made the assumption that whatever the PTR value was associated with someone else's address could be looked up in your .rhosts file, and if it matched then it was okay. The fact that the other person, the owner of the IP address, was in control of that string just didn't occur to people. So I don't know. What were they thinking? Were they thinking?

None of the headers have really ever been validated by most of the implementations. I know I've gotten mail from various robots running on, you know, big mainframes saying, "Hey, there's a syntax error in the Received header you added to this mail message as it was going through, so we're bouncing it." But for the most part you can put anything anywhere, and it just goes through. So spammers are currently allowed to add a lot of extra Received headers, with or without funky time zones, in order to frustrate our desires to find out where things come from.

There was an assumption that every host would have a postmaster mailbox. After all, what host would be on the internet and send mail without wanting to hear complaints about it? What host indeed?

There's a TURN command. Very interesting. You could connect to somebody, use the HELO command in the SMTP protocol to tell it who you were. It probably wouldn't compare that to your PTR or anything else. It would just say, "Okay, that's who you are." And when you got to the end of sending your mail to it, you could use the TURN command and it would dump its entire mail queue toward you, on the basis of what you had put into the HELO command. Fascinating logic.

What could they have done differently? Well, frankly, IBM PROFS, which was junk by today's standards, had a pretty large user base. They had attachments.
They were multilingual. They didn't do a lot in terms of one host sending mail to another, but they had a good user base, and they dominated what was then the Fortune 500 in terms of all the email in the world. And if they had just looked at the feature list and said, "You know, if we're going to present this as better, let's make sure it's at least as good."

Let's talk about classful IP addressing. In 1989 I was a network administrator at Digital Equipment Corporation, rest in peace, and we had two class B networks, and I was responsible for handing out address blocks to other people anywhere in the world. And DEC at that time was still a major corporation. We had like a hundred and thirty thousand employees, although in a lot of time zones, so it was getting a little bit cramped, and I was about to ask for a couple more class Bs. And my boss said, "Oh, what the hell, go ask for a class A." And I said, "But we don't need a class A. We're never going to have 16 million hosts here." And my boss said, "Well, you know, just ask. Maybe they'll give it to us. It'll sure be a lot more convenient for us if they say yes." And they did. So net 16 is currently the property of HP, along with a couple of other class As that have come into their possession over the years.

If you want to know sort of why the people around the world, especially in China, where they would like to get enough addresses to deploy, you know, billions of DSL lines, they're a little bit concerned about the way we wasted address space early on in IPv4, and they want to keep that from happening again in IPv6, and who can blame them?

So, what could they have done differently? They might have asked the question: "Look, on this whole class C thing, where you get a /24 network block capable of handling about 250 hosts, if we gave out all the ones that are in the allocation plan, that would call for a global routing table of 2 million entries. How would we route that?"
And then they might have said, "Well, you know, over a backbone of 9600 baud analog links, we're probably not going to be able to send that much routing material, so let's come up with a plan that we could actually do something about." Right? It's 20 years later. We still don't know how to route 2 million different destinations. Right around a hundred thousand you start to hit some hard limits on the way that BGP and other sorts of global routing protocols work.

So they didn't need to be rocket scientists. Unfortunately, they were rocket scientists. Maybe that was the problem. What they needed to do is just ask some simple, straightforward questions. How would we route this if this allocation plan filled up? They could also have asked, "You know, Stanford is a university. They have one campus. What are they going to do with a net block capable of supporting 16 million hosts?" And they could certainly have wondered, how's this going to scale?

So the rescue for classful IP addressing, class A, class B, class C, was classless IP addressing, so-called CIDR, and it works. It's what we're using today. But it's important to note that the people who designed it were the stakeholders. They were the owners of the routers. Right, and it seemed obvious to all of us that the people who had the routers that had to run this code ought to have a strong hand in determining sort of how much complexity and cost and whatnot
they would be bearing. What we didn't quite realize was that they would design something that would have a lock-in effect. In other words, since renumbering these address blocks is very tough, we now have a system where you have to get your address blocks from your provider, and if your provider is not responding well to market pressures or your own pressures, and is, for example, overcharging you for transit and giving you poor service, you can't leave that provider unless you are willing to pay a renumbering penalty. So this was really kind of the fox guarding the chicken house as far as design was concerned.

What could they have done differently? Okay, so class A and class B were too granular. Having to choose between 16 million hosts or 65,000 hosts or 250 hosts was clearly too granular, but that doesn't mean that we needed to have every possible bit boundary be a network block. It's possible that we could have just come up with less granular classes, and come up with something that fit the size of the community and fit the size of what routing table we thought we could support, and then we would still have address portability. Not that it would have been in the interests of the designers of this that we would all have address portability. So maybe there would have needed to be some reform as to how these things get decided, in addition to some new thoughts as to how to make this decision.

But wait, IPv6 is going to save us, right? It doesn't matter that classless routing was bad, because it was only a placeholder to keep, you know, keep the internet growing until we could get IPv6. But I ran out of room on this slide when I was trying to come up with the things they did wrong. They widened the address space, but by the factor of four, so instead of four billion, which is two to the 32nd power, we have some other number
I can't pronounce, which is two to the hundred and twenty-eighth power possible addresses. And that's because they thought the problem they had was that they didn't have enough addresses. Okay, well, we're still not out of IPv4 address space. The original address lifetime extension project said that by 2005 we'd be out, and so we had to rush this IPv6 thing through, because, you know, the world will end if we run out of IPv4 space. We didn't run out of IPv4 space, and so clearly they solved a problem we weren't having.

But in addition to that, they failed to solve some problems that we were having and are still having. In fact, they made some of those problems worse. They did not put any kind of automatic renumbering in. There's a lot of pressure to do that, but they just said, "Oh, that's too complicated. That'll make it take too long to get this protocol out the door, so we're not going to support that." So once you get your provider-assigned addresses in IPv6, you'll be just as locked in as you were in IPv4.

They assumed that once we had IPv6 that NAT would die. They thought NAT was only being used to expand the address space and make it possible for people to have address space who couldn't get enough from their provider or from the internet or whoever. They didn't realize that NAT would work its way into the world's consciousness as kind of an adjunct to firewalls in terms of how we provision things and how we do access control, and so now there is a proposal to do NAT for IPv6. Not because people are out of addresses, as you can see, but because they need NAT. They just need NAT. It's not an addressing thing anymore.

They really wanted to keep using provider-assigned addressing. I don't know if that's because they had corruption and they knew that somehow they needed to keep letting bad internet providers lock their customers in, or if they were just dolts.
I don't know. But I know that they gave each LAN a /64. So every Ethernet segment, every VLAN you have, is able to have 18 billion billion hosts on it. Every house that gets a DSL connection gets a /48. There's 1.2 million billion billion addresses. My house is large, but it's not that large. And every multi-homed enterprise, for example my employer, or ISP, starts out with a /32, which is 79 billion billion billion addresses.

There are six billion people on the planet. If you gave each one of them an IP address for every light switch in their house, assuming they have electricity, and gave them ten cell phones and ten laptops and so forth, it is potentially going to be necessary that each one of them might have 20 addresses, and, you know, 16 times, or six times 20, you know, it's a hundred and eighty billion would have been enough. And I just don't know what they were thinking, except they thought the problem that they were having is that they didn't have enough address space, and boy, that's not the problem we were having. But now we're having all the same problems we were having before, except they're bigger.

What could they have done? They could have asked a simple question: what else is wrong with v4 besides the address space? What are the other things that people complain about?
And they just didn't. And I was there, and I tried to raise a number of these issues, and perhaps they all put me into their kill files because they're tired of listening to me rant about stuff. But I wasn't the only one. These questions were asked, but they were dismissed.

Let's talk about TCP. TCP assumes that all the other flows that you share your path with are going to be fair. They're going to do their own fair-share scheduling. It has no provision for what I'm calling a congestive flow that will be bursty, like for example voice over IP or NFS or something like that. They assume that nobody between you and your destination will put any restrictions on ICMP. In other words, they designed path MTU discovery without looking at what providers were doing even in that day. A number of providers are now putting private RFC 1918 addresses on their core routers. If they wanted to send you an ICMP, they couldn't, because it would be coming from an address space you couldn't reach.

The initial sequence number used to start out at zero. Now
it's random, and the reason is spam. And it turned out that you could script a TCP session. You could figure out which segments you needed to send, and each segment you send has to include some kind of an ACK for what they will send you. You can script the whole thing if you know what the other guy's initial sequence number will be, and spammers were doing that. They were emitting a stream of TCP segments from an address that was not their own, so they would not have received your ACKs had you sent any, and they were successfully getting spam out. And then there was a big scare about that, and so now everyone uses a random initial sequence number. If you were a Linux user and you saw /dev/random come into existence, that was the year and that was the reason.

So basically they assumed everyone else would do a good job and would be on the same side, and they're not. There are a lot of people out there who are stupider than you, or malevolent, and it's bizarre to see this protocol, most traffic on the internet is TCP, and it's bizarre to see this protocol even still in use.

It's very easy for, in fact, I remember some marketing literature back in maybe the mid-90s. Somebody was offering a TCP stack for, probably Windows, I don't know, whose claim to fame was that it was more aggressive. It would get more than its fair share of the path bandwidth, and it would cause other TCP flows that were sharing the same path to back off. And, you know, naturally some people actually paid for that, bought it, installed it, and got some benefit out of it, I assume. But we know that if everybody acts that way, then actually you'll end up overflowing all the lines and everybody will get less, right?
This is kind of like the prisoner's dilemma. But still, you have to wonder what was in the minds of the designers of this protocol. Building things that work in a lab is an achievement. Building things that can make it from the lab into the real world and still be useful is a greater achievement, and we should strive for the greater achievement.

There are a number of codecs that you can use for voice over IP, and a couple of them are fixed in the amount of bandwidth that they use. In other words, whether you're talking or not, they are sending the same number of packets, and the packets have the same size and the same inter-packet gap. And the reason is, if they only send packets when you're talking, and if they turn your silence into a lack of packets, then they will end up competing with TCP when you do finally start talking. So what they want to do is compete with TCP the whole time, even when you're not talking. Okay, I understand everybody wants to adapt to other people's mistakes, but could this not have been foreseen?

There is a mantra in the ivory tower of the IETF that stateless is good. They don't want to put state in the routers in the middle. That was something X.25 and the rest of the ISO protocols did. They didn't want to do that. They wanted to keep all state at the endpoints. Now it turns out that with route caching and all the other things that modern routers have to do in order to run at 10 gigabit line rates, you have state in those routers anyway, and so it might have been worthwhile to get somebody to come in and try and separate out religion from, you know, engineering requirements in the original design of all of this stuff.
This is near and dear to the hearts of many in this room. For most DSL customers or cable modem customers or other sort of high-bandwidth, full-time, fully connected people, from data centers to houses to whatever, you can put any source address you want on your outgoing packets. You can make them come from net 10. You can make them come from the loopback address. You can make them come from net zero. Or, most appropriately, you can make them come from some victim who you would like to destroy, and then you can send them to a lot of people, and then the replies all go back to the victim.

And this is hard to fix, as it turns out. I mean, it sounds simple, and there are fixes in various routers, and there are all sorts of online documents exhorting people to turn those things on, but it turns out that the equipment most providers are using doesn't quite have the ability to do this and still run at line rate. And the ones that do can't turn it on, because there are some beneficial flows, benevolent flows, that depend on this. Third-party TCP that has a satellite link going in one direction would be an example. It is sometimes necessary to spoof. Well, okay. In my opinion, as a provider, you're a slacker if you use that excuse. You need to find the customers that need that and give them a little bit more latitude, and anybody who doesn't need it needs to get no latitude at all. I spend a fair amount of my time tracking down denial of service attacks against DNS servers, and my job gets a lot easier when I know that a given flow really does have valid source addresses.

What could they have done differently? Well, it all needed to be done on day one, because once you sort of let this genie out of the bottle, then it can dictate terms to you. But on day one they needed to fix it so that source addresses had to be right from the moment they entered your network. At every edge, you know what destination addresses would possibly reach that customer.
You could just demand that they only use source addresses that are in the same range. It's not that hard. Even in 1980 it was not that hard. You can also make sure at every core router on the internet that, well, maybe you don't know where it came from, because by that time you don't know which edge it started at, but you could just demand that the source address be in the routing table somewhere. Just drop it as soon as possible inside the core if it has net zero as its source address, or net 10, or what have you. This is not hard. It would not have been hard in 1980. As to why they didn't do it, it's a mystery.

Okay, this is my special area. I can rant longer and harder about DNS than any other topic I can think of, and maybe more than any other person you can meet. A lot has been done wrong here. They said that .mil and .gov were for military and government, but they really meant their own military and government. Probably meant that .com, .edu and .net were also for their American companies, universities and network providers too, but they failed to sort of get that out.
So this has a very distinctly American feel to it, in the same way that the telephone system does. I don't know about most of you, but the country code for my cell phone is one. They needed to get the ITU involved early, so that they were not trying to essentially legislate things that affected national sovereignty. They needed to get the existing meatspace organization that had already had that power delegated to them by all those sovereign nations, get them involved early, so that the whole argument could be moved to the other guy's backyard instead of having them come visit us.

They needed a much better plan for adding new TLDs. Right now it's ICANN, but for many years there was an RFC that said that IETF was responsible for determining when a new top-level domain would exist. Well, the E in IETF stands for engineering, and the creation of top-level domains, and the selection of which ones ought to exist and who they ought to belong to, is not an engineering decision. And you might imagine that during those years very little got added. And there's a lot of pressure to add more. I'm not in favor of adding, you know, .blackhat or .microsoft or whatever, but I think there ought to be more. I think that this ought to be a more open vehicle, and we ought to be trying a lot of things, and if some of them don't work out, we should say, okay, that didn't work out.
We'll delete it now. Had they done that, then the current food fight over who controls the top-level domain space would be, I think, a lot more polite than it is.

They also allowed Network Solutions, which is a predecessor of VeriSign, to begin charging for domains back when it was still a Navy contract, and there was no provision at all for what we have now, which is the registry/registrar split, and so they let NSI collect thirty dollars a year per domain for years while the whole white paper process and the whole RRP and EPP and the rest of that stuff got done. We're gonna be stuck with VeriSign forever as a result of this decision.

What could they have done? You know, how did we decide to do, I don't know, international telephony? How did we decide to do international post? You know, who decided what the settlements would be for, "Yeah, I bought a stamp in this country, but you're delivering it in that country, and vice versa, and I sent you more mail than you sent me"? How did we carve up Antarctica? How will we carve up the moon? Well, we're gonna get diplomats involved and say, "Go handle it." For this we didn't do that. We said, "Oh, we're engineers. We know how to get this done." The evidence to date suggests otherwise.
I have been a member of the IETF, which is to say I'm on some of their mailing lists and I attend some of their meetings, for I think it's 12 years, and I've seen a lot of bad stuff come and go. They built a standards organization originally that was 50 friends and a whiteboard, and I think you can imagine, you know, if you could pick 50 people and a whiteboard, you could come up with some pretty cool stuff, and it would work, and it would, you know, be successful in the market and so on. And so they did that, because they knew that it would work and it would be successful and it would be fun, and they had many fine lunches and dinners around it.

They planned for global domination. They wanted it to be the case that IP would beat ISO. They did not ever want to have to run TP4 or X.25 or anything like that in their enterprise, or ATM. So they really thought hard about how to make sure this would be the dominant technology. But what they didn't realize is, if you span the globe, then people from all over the globe are going to want to come and help with this protocol development process. They will have their own ideas, and you will have to have a standards organization that is capable of letting all those people in but not turning the discussion to mud. They had no such plan. They still have no such plan.

They periodically reform it based on hindsight. In other words, they say, "How can we avoid the problems of recent years in what we do next?" But they never asked the question, "How can we get back to the good old days?" Right? How could something like DNS or SMTP possibly survive the current IETF process, or the one we plan to have after the next reform? That's not a litmus test
they use. All they're trying to do is fix whatever they think is wrong, looking at the previous year or two. As a result, the reform is continuous and ineffective.

The Internet Activities Board is logically separate from the IETF, although it is the titular head of IETF. There's sort of a whole hairball of organizations, starting with, IAB is where the architectural vision is supposed to come from, and these people are selected by a nominations committee of the IETF body, right? I've been asked to be on that committee a couple of times and have said no. But in other words, it is selected by people like me who said yes, I will help make those selections.

And the IAB has in the past said that firewalls were an unnecessary evil, that the internet is end-to-end, and hosts just ought to be hardened. Well, okay, you can say that, but that's not what people are doing. They said that NAT was an unnecessary evil, and that rather than promote NAT and come up with firewall traversal protocols and just make everybody use NAT and only have real addresses in the core, which would work, they said, "Now, we just think NAT is a bad design. We're gonna come up with IPv6 and that'll kill NAT." And once again I have to say, that's a fine philosophy to have, but that's not what people are doing.

Tony Li, who was at that time a Cisco employee, made the famous comment about IPv6. He says, "It's too little, too soon. We don't need it yet, and the things we need are way bigger, and the list is way longer than what you people are planning on providing." But that's what the IAB decided on, and it was there that the decision was made. And, you know, those of you in business know what the feasible alternative is in this case. You find out who the customer is, ask them what they want, and build it for them, rather than saying, "Yes, we are in the ivory tower and we will tell you whether you need NAT or not." Foolishness on its face, and yet they're still defending that policy.
I can't, I'm down to my last 10 minutes, so we'll be doing Q&A in the hall perhaps.
They should never have taken any money from the Department of Commerce, NTIA being the part of the Department of Commerce that faces ICANN. Should never have taken money. Once you take money from somebody, they can tell you what to do. They needed to cherish their independence from day one. They also let NTIA guide the charter and the initial board, and, you know, what's up with that? Where did these people come from, and why should we be listening to them? That's a question they failed to ask. They used to have a bottom-up, at-large sort of representation, that they would let people like us vote for who was on their board. They don't do that anymore, because they got a board member they didn't like listening to, I guess. They needed to see this as a transnational entity, not a US government entity, from day one. The governments they did not include on day one are now forming up their own thing through the ITU mechanism, and it's toothless, but it's going to be a mess. True representative democracy is terrible, and the only thing worse is everything else, and they chose something else.
So, ITU. I've mentioned several times we should have gone to them earlier. That doesn't mean that they had the wisdom and they would have done the right thing. What that really means is they could have been helped, and instead they were allowed to go do their own thing, which was fun to watch when it was, you know, foolishness, but it means that we didn't have their help. They should not have allowed Panama to turn telecom access fees into the major source of gross domestic product, but most of Panama's government and services are paid for by people in this country who pay heavy-duty international dialing rates to reach Panama. The result is it's illegal in Panama to run an ISP without a license, and that license dictates that you will block all voice over IP port numbers. This is kind of incompatible with the way we do things on the internet, and the ITU needed to be told early on: that's crap, just don't do it. They needed to see telecom as a type of data; instead, they saw data as a type of telecom. We needed to invert their mindset. They needed to understand that the internet was a force for democracy and it wasn't just another way to enrich their members. And problem, I'll race through some of this.
So here's the hard part, because it involves you. Revolutions come about because people who had the land and the money and the power before you have deals with each other about how they're gonna keep it. That's true of revolutions throughout history. It's always about land reform, or it's about governance reform, or whatever. ICANN is stuck with NTIA. NTIA is stuck with Verisign. But I'm starting to see that that's not our problem. We're not stuck with ICANN. We're not stuck with NTIA.
The internet, it has done for the world the same thing the fax machine did after Tiananmen Square. It has made it much harder for people to oppress other people. It's made anonymity possible. It's made freedom of speech possible. It is a huge thing. It's not just a technological toy. There are some people out there who are trying to pry this toy, as they see it, away from ICANN and monetize it. New.net, and then recently public root.com, are a couple of instances of this. But I guarantee, if you go to these people's houses, there'll be trailers in the woods, and right under the kitchen window there'll be a pile of Kentucky Fried Chicken boxes. And what we need is something a lot better than that, maybe even different from DNS, a different way of allocating and using names and addresses that does not rely on governance, because the quality of governance in the world seems to be so low.
I mentioned on the slide the technology counterculture, right? The PC came about from the technology counterculture. The internet came about from the technology counterculture. Guys in suits don't come up with stuff that's quite that innovative. It comes from rooms like this one, full of people like us.
Last year I built a barn, and it came about several times that one of us on the construction team would come around the corner with some bleeding body part and declare that rule number one had been violated. So humans are animals, and, all of you know, most of my best friends are humans, but we have our dark side. We spend a hellacious amount of time trying to figure out how to make other people work so that we won't have to, and if we're not doing that, we're probably spending a hellacious amount of time trying to keep other people from doing that to us. And I'm looking forward to a day when we have some other mode of operation, some other thing that is driving us. And I think that the internet is a wonderful potential tool toward that end.
You know, and I could ask for a show of hands, and a bunch of you would say, "Yes, I started an internet consulting business, internet-based consulting business, in my house, and because I was able to get a domain name and, you know, get some bandwidth and whatnot, I was equal to everyone else in that business, and the only thing that mattered was whether I was any damn good at what I did and how much I charged." That's not generally true. Usually, you know, "I own the land that you would need for that factory, so you got to pay me my tithe. I've been holding on to it for you." You know, that works differently, and it could make humanity work differently.
And I love things like free and open source software. I've been doing open source software since before that name was coined. I'm glad that somebody finally came up with a name for what I was doing. That's good. I love the onion router.
I'd like to see voice over IP come along and destroy the existing voice dial market, not because I hate the voice dial market, although frankly it tends not to work well, but because it's an instance of old power structures self-perpetuating themselves at the cost of all of us and our children. And before the internet can be that force for improving human nature, and being that disintermediator that I'd like it to be, we have got to get the governance of the internet out of the hands of the existing power structure.
Thank you. I can take a couple of questions. We're exiting on that side. I have a question here.
I see OASIS as a competitive standards body for W3C, and I think OASIS is a wonderful thing. For that matter, I think W3C, with all its warts, is a wonderful thing. If you can imagine what the web standards would look like had they been left in the hands of the IETF, then you should be thanking Tim Berners-Lee for doing what he did. More questions here?
I think that in Tunis the WSIS people will say, you know, "That cat, that cat's a pain in the butt, and us mice, we need to do something about it. One of us needs to go put a bell on that cat." And that they're all gonna look at each other and wonder who's gonna go do that. But the fact is, the United States is the largest payer of dues into the United Nations, and if they say, as they did, they went on record three weeks ago, four weeks ago, saying "we're gonna keep the root zone," they say that, then they mean it, and it doesn't really matter what the UN thinks they can do about it. I don't like it, but that's the fact.
Any more questions? Thank you very much. You can see me in the hallway if you have more questions.