[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Enforcing the CDA improperly may pervert Internet architecture



The attached paper by Dr. Reed is worth reading -- I haven't seen this
argument raised before. One portion that I found fascinating was:

  "It is quite silly to imagine that the Ascend router at the ISP can
  figure out if it is me or my child generating each packet."

But that's exactly what the defenders of the CDA are claiming! Here's
some background that might be interesting:

When I was arguing with Bruce Taylor (an architect of the CDA) last
week, we went 'round and 'round on the issue of children on the Net, as
usual. He maintained that every Internet user has to have an account
somewhere, so that account provider is able to tag accounts as minor or adult.

To the best of my ability, I pointed out some of the technical problems
with this, and he responded (I paraphrase from memory here) that
technical problems can be solved by technical people: "Your side comes
across to the court as saying that it can be done but we won't do it.
You're a bunch of geeks who want to protect their porn and the court
isn't going to buy it."

He brought up IP Version 6, which the DoJ has focused on in
cross-examination of one of our witnesses, Scott Bradner from the IETF:

    13           Q   Would it be fair to say, to summarize what you've just
    14           said, that the IP Next Generation group is working on a new
    15           generation of the IP Protocol itself?
    16           A   That is correct.
    17           Q   Does it have -- does the IP Next Generation group have
    18           recommendations regarding a specific architecture of the
    19           packet traffic on the Internet, including the format of the
    20           packet?

The DoJ and Taylor are going to argue that IP V6 can include such an
adult/minor tag in each datagram! One of their key witnesses is Dan
Olsen, the head of the computer science department at Brigham Young
University and the incoming director of the Human Computer Interaction
Institute at CMU.

Olsen's background is NOT in distributed computing environments and
protocol design -- but that minor detail notwithstanding, it looks like
he'll be testifying this Friday that such a tagging scheme is
technically possible.

Chris Hansen from the ACLU told me last Friday: "Olsen is going to push
this tagging idea that the government has, that you can imbed in your
tag -- in your address -- an adult or minor tag. They're going to
suggest that the market will come into existence that will make that
tagging relevant."

Comments?

-Declan

---------------------------------------------------------------------------



   
  Enforcing the CDA Improperly May Pervert Internet Architecture
  
   by David P. Reed
   
   Friends -
   
   I'd like to call your attention to a situation where misguided
   politics (of the "ends-justify-means" sort) threatens one of the
   fundamental principles of Internet architecture, in a way that seems
   like a slippery slope. I do not normally take public stands of a
   political nature, and I do not participate much in Internet
   architecture anymore, but I'd like to call your attention to a very
   severe perversion of the Internet architectural philosophy that is
   being carried out in the name of political and commercial expediency.
   No matter what you believe about the issues raised by the
   Communications Decency Act, I expect that you will agree that the
   mechanism to carry out such a discussion or implement a resolution is
   in the agreements and protocols between end users of the network, not
   in the groups that design and deploy the internal routers and
   protocols that they implement. I hope you will join in and make
   suggestions as to the appropriate process to use to discourage the use
   of inappropriate architectural changes to the fundamental routing
   architecture of the net to achieve political policy goals.
   
   As you know, I am one of the authors, along with Saltzer and Clark, of
   the paper "End-to-end arguments in decentralized computer systems",
   which first characterized in writing the primary approach to the
   Internet's architecture since it was conceived, which approach
   arguably has been one of the reasons for its exponential growth. This
   philosophy - avoid building special functionality into the net
   internals solely to enforce an end-to-end policy - has led to the
   simplicity, low cost, and radical scalability of the Internet. One of
   the consequences is that IP routers do not enforce policies on a
   packet-by-packet basis, so routers can be extremely simple beasts,
   compared to the complex beasts that characterize even the simplest
   telephone central office switch. End-to-end policies are implemented
   by intelligence at the ends (today, the PCs and servers that
   communicate over the many consolidated networks that make up the
   Internet).
   
   I just read in Inter@ctive Week (March 25, 1996) that Livingston plans
   to announce an "Exon box" - a router that is designed to enable ISPs
   to restrict access to "indecent sites" or unrated sites unless an
   "adult" enters an authorization code when opening a session to enable
   the router to transmit packets to the site.
   
   The scam seems to be that Livingston has colluded with Senator Exon's
   staff to propose a "solution" to enable ISP's to implement parental
   controls. Exon's staff is using the announced solution as an example
   to demonstrate how simply ISPs can enforce local community standards
   and parental controls, thus supporting interpretations of the CDA
   requiring all access providers to include such capability in their
   boxes. Exon's staff is quoted as encouraging ISP's to install such
   functionality into the routers that serve as access points for nets.
   
   Since I use an Ascend P50 ISDN router to make frequent, short,
   bandwidth-on-demand ISDN connections from my "Family LAN" to an Ascend
   multi-line ISDN router at my commercial Internet Service Provider, I
   am worried that this model is completely unworkable for me, and for
   others that will eventually use such a practical system. My family has
   minor children and adults who all happily access the Internet. My ISP
   has no clue whatsoever whether a child or adult has initiated the
   call, and in fact, if my child and I are both on different computers
   in different rooms, it is quite silly to imagine that the Ascend
   router at the ISP can figure out if it is me or my child generating
   each packet.
   
   It is appalling to me that Livingston, which has some responsibility
   as a router provider to assist in the orderly growth of the net, is
   pandering to Exon's complete misunderstanding of how the Internet is
   built. I would hope that Ascend, with its much larger share of the ISP
   market, and other router companies such as Cisco and Bay Networks,
   would take a principled and likely popular position that the "Exon
   box" is not the way to go about this. I would hope that ISP's would in
   general avoid use of Livingston's products, and also refuse to cave
   into Exon's pressure. I believe, though I may be wrong, that
   Livingston has contributed to the RADIUS technology that many ISP's
   use to manage dialup access charging in a way that is consistent with
   ethe end-to-end philosophy, but any credit they are due is overwhelmed
   by the Exon box insanity.
   
   I do work to protect my children from inappropriate material, but
   pressure from Senators to mandate technically flawed solutions, and
   opportunistic, poorly thought-through technologies from companies like
   Livingston are not helpful.
   
   If you agree, please join me in attempting to call off any tendency
   for other router vendors and protocol designers to develop Exon box
   features. It would seem that the appropriate place for content
   restrictions, such as "parental controls", are in the end-to-end
   agreements between content providers and their users, not in the
   internal switching architecture of the net.
   
   - David P. Reed
   
   Notes: The end-to-end paper was edited and republished in several
   forms (with slight variations in title), generalizing its observations
   to systems beyond the distributed systems that were its original
   focus; the final and most accessible one is: Saltzer, J.H., D.P. Reed,
   and D.D. Clark, End-To-End Arguments in System Design. ACM
   Transactions on Computer Systems, 1984. 2(4) p. 277-288.
   
   I don't have any more details on Livingston's technology or its
   marketing plans than what was presented in Inter@ctive Week. The
   Inter@ctive Week article apparently based its information on 'sources'
   describing a planned announcement, and also quoted Exon's staff. It is
   possible that Livingston will choose not to announce or position its
   technology in this form. It seems less likely that Exon's staff will
   change its position on forcing ISP's to adopt some kind of
   technological solution, however.
   - David
   
   [After considering Dr. Reed's comments, I asked him whether he objects
   to firewalls in general. His reply:
   
   No, I think firewalls of the sort now deployed can be OK (e.g., packet
   filters), as a minimal line of defense. However, they are inherently
   flawed, in ways that are well understood (reading Cheswick and
   Bellovin gives good insight here). Most security threats ultimately
   require end-to-end policies and must be implemented with end-to-end
   solutions. As the paper points out, sometimes one can optimize cost of
   implementing and end-to-end solution by including some functionality
   that is not end-to-end. Firewalls may reduce the cost.
   
   --CEL]