Internet 101

Technology

Policy Framework

Disclaimer!

This presentation is oversimplified

And incomplete for pedagogical reasons and because of time constraints!

How does the Internet work?

Internet

The Internet is a network of networks interconnected by means of the Internet Protocol Suite.

It is an architecture for a system of computer-based applications.

Protocols are standard procedures, conventions and formats for inter-computer communication.

The Internet protocols are based on packet switching concepts.

Circuit and Packet Switching

[Figure: two paths from a source (S) to a destination (D), one labeled Circuit Switching (“telephone network”) and one labeled Packet Switching (Internet)]

Packet Switching Features

[Figure: Host, A, B and a Packet Switch, with packets labeled A and B]

Multiplexing data from multiple processes

“Store-and-forward”

Automatic speed adaptation

Adaptive alternate routing

Packet Structure

[Figure: packet layout with the fields S, D, ... and Data; the leading fields are labeled Header]

S = Source Address (“From”)

D = Destination Address (“To”)

Internet Addressing

IPv4 - 32 bits (4.3 billion addresses)

IPv6 – 128 bits (10^38 addresses)

that’s 100 trillion trillion trillion …

Internet Packet Formats

An Internet Packet

Version number: “4”
“from” address: 166.45.18.99
“to” address: 204.146.165.100
CONTENTS: “hello”
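
The packet on this slide, serialized as a real 20-byte IPv4 header plus contents and then parsed back with validation. This is an added example, not part of the original presentation; the TTL, identification value and protocol number 253 (reserved for experimentation) are assumptions chosen for illustration.

```python
import ipaddress
import struct

IPV4_HEADER = struct.Struct("!BBHHHBBH4s4s")  # 20-byte header, no options


def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_packet(src: str, dst: str, contents: bytes,
                 ttl: int = 64, protocol: int = 253, ident: int = 1) -> bytes:
    """Serialize version, "from" address, "to" address and contents."""
    src_b = ipaddress.IPv4Address(src).packed    # 32-bit address as 4 bytes
    dst_b = ipaddress.IPv4Address(dst).packed
    total_len = IPV4_HEADER.size + len(contents)
    if total_len > 0xFFFF:
        raise ValueError("contents too large for one IPv4 packet")
    version_ihl = (4 << 4) | 5                   # version 4, header of 5 words
    fields = [version_ihl, 0, total_len, ident, 0, ttl, protocol, 0,
              src_b, dst_b]
    # The checksum is computed over the header with its own field set to zero.
    fields[7] = internet_checksum(IPV4_HEADER.pack(*fields))
    return IPV4_HEADER.pack(*fields) + contents


def parse_packet(packet: bytes) -> dict:
    """Parse and validate a packet; raise ValueError on anything malformed."""
    if len(packet) < IPV4_HEADER.size:
        raise ValueError("truncated header")
    (version_ihl, _tos, total_len, _ident, _frag, ttl, protocol,
     _checksum, src_b, dst_b) = IPV4_HEADER.unpack_from(packet)
    version = version_ihl >> 4
    header_len = (version_ihl & 0x0F) * 4
    if version != 4:
        raise ValueError(f"not IPv4 (version field is {version})")
    if header_len < IPV4_HEADER.size or header_len > len(packet):
        raise ValueError("bad header length")
    if total_len < header_len or total_len > len(packet):
        raise ValueError("total length disagrees with bytes received")
    # A valid header, checksum field included, sums to zero.
    if internet_checksum(packet[:header_len]) != 0:
        raise ValueError("header checksum mismatch")
    return {
        "version": version,
        "from": str(ipaddress.IPv4Address(src_b)),
        "to": str(ipaddress.IPv4Address(dst_b)),
        "ttl": ttl,
        "protocol": protocol,
        "contents": packet[header_len:total_len],   # ignore trailing padding
    }


if __name__ == "__main__":
    pkt = build_packet("166.45.18.99", "204.146.165.100", b"hello")
    print(pkt.hex())
    print(parse_packet(pkt))
```

The header checksum only detects accidental corruption; nothing in the header authenticates the "from" address.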

Packet Networks

Packet switched

Some use virtual circuits

Peer-to-peer

Client/server

Some are shared media (e.g., Ethernet)

[Figure: three hosts]

Internetworking

[Figure: nodes labeled H, R, R, H]

Routers

Encapsulation

End-to-end packets

Internet Protocol - IP

“Routers were once called Gateways between nets”

IP: The “Thin Waist” of the Internet

Internet: a Network of Connected Sub-Networks

[Figure: protocol stacks across Subnet 1, Subnet 2 and Subnet 3. The end systems show App, Transport (TCP), Network (IP), Link and Phys layers; the intermediate nodes show Network (IP) over Link 1/Phys 1, Link 2/Phys 2 and Link 3/Phys 3.]

The Internet IP Postcard System

[Figure: an electronic postcard (“packet”) marked To: mci.com, From: eop.gov and carrying the bits 01101110 11100111; a router; a bucket of packets; another router]

Early Internet - “Network of Networks”

[Figure: diagram of early networks with the following labels]

NSFnet 1986-1995 (MCI, IBM, Merit, ANS)
NYSERNET - 1987
PSINET - 1990
CERFNET - 1989
UUNET – 1989
CIX
ARPANET 1969-1990
Packet Radio 1975
GIX
Sprint Link
EBONE 1992
NORDUNET 1991
BARRNET 1988
Ethernet 1974
Packet Satellite 1976

(End-user nets not shown)

Internet Protocol Architecture

Key Protocols: TCP/IP

[Figure: protocol stack; rows as drawn, top to bottom]

MIME, PGP
HTTP, FTP, SMTP
SNMP, DNS
TCP, UDP, OSPF, EGP/BGP...
IP / ICMP
FDDI, Ethernet, SONET/SDH, HDLC, WiFi, X.25, ATM, FR ...

Layer labels: Utility/Application, Transport, Network, Link, Physical (coaxial cable, optical fiber, radio, satellite…)

Note many protocols not shown

How Does TCP Work?

Like Sending a Novel on Postcards
– Page numbering (ordering, duplicate detection)
– Positive Acknowledgement
– Retransmission on Timeout
– Finite Mailbox
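
The four postcard mechanisms as a small simulation, added here as an example and not taken from the presentation. It is a toy model rather than real TCP (which numbers bytes, not pages); the class and function names, and the scripted set of lost transmissions, are assumptions made for illustration.

```python
class Receiver:
    """Receiving side: reorders pages, spots duplicates, has a finite mailbox."""

    def __init__(self, mailbox_size: int):
        if mailbox_size < 1:
            raise ValueError("mailbox must hold at least one page")
        self.mailbox_size = mailbox_size  # how far past next_page we can hold
        self.next_page = 0                # lowest page number not yet delivered
        self.mailbox = {}                 # page number -> text, waiting for gaps
        self.delivered = []               # pages handed to the reader, in order
        self.duplicates = 0
        self.overflow_drops = 0

    def receive(self, page_no: int, text: str) -> int:
        """Accept one postcard; return the acknowledgement (next page wanted)."""
        if page_no < self.next_page or page_no in self.mailbox:
            self.duplicates += 1                    # page numbering: seen before
        elif page_no >= self.next_page + self.mailbox_size:
            self.overflow_drops += 1                # finite mailbox: no room
        else:
            self.mailbox[page_no] = text
            while self.next_page in self.mailbox:   # deliver any in-order run
                self.delivered.append(self.mailbox.pop(self.next_page))
                self.next_page += 1
        return self.next_page                       # positive acknowledgement


def send_novel(pages, receiver, lost, window):
    """Send all pages; return how many postcards were put in the mail.

    lost   -- set of (page_no, attempt) pairs the network silently drops
    window -- how many unacknowledged pages the sender keeps in flight
    Each pass of the outer loop stands for one timeout interval: whatever is
    still unacknowledged at the start of the pass is (re)sent.
    """
    if window < 1:
        raise ValueError("window must be at least 1")
    acked = 0            # every page below this number has been acknowledged
    attempts = {}        # page_no -> number of times it has been sent
    transmissions = 0
    while acked < len(pages):
        batch = list(range(acked, min(acked + window, len(pages))))
        batch.reverse()  # the network is free to reorder postcards
        for page_no in batch:
            attempts[page_no] = attempts.get(page_no, 0) + 1
            transmissions += 1
            if (page_no, attempts[page_no]) in lost:
                continue                            # lost: no ack comes back
            acked = max(acked, receiver.receive(page_no, pages[page_no]))
    return transmissions


if __name__ == "__main__":
    novel = [f"page {i}" for i in range(6)]
    rx = Receiver(mailbox_size=3)
    sent = send_novel(novel, rx, lost={(1, 1)}, window=3)
    print(sent, rx.delivered, rx.duplicates, rx.overflow_drops)
```

When the sender's window exceeds the receiver's mailbox, pages are discarded on arrival and must be sent again, which is why the receiver's capacity has to bound what the sender keeps in flight.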

Protocol Layering

Key concept – like floors of a building: lower floors support upper ones

Layers form a kind of staircase – users have access to each layer (floor, step)

To understand the Internet, you must look at it from the side to see the layers – looking down from the top conflates all functions into one solid mass.

Routing

Internal Gateway Protocol (IGP)
– IS-IS, Open Shortest Path First (OSPF), RIP (primitive). Used within an autonomous system (AS).

Exterior Gateway Protocol (EGP)
– BGP4 – used between autonomous systems

Routing protocols help routers track topology and preferred routing for traffic within and between autonomous systems.

Interconnecting Internet Service Providers (ISPs)

Peering and Transit
– Peers exchange routing information directly or through Internet Exchanges; and exchange traffic only between their customers (not their peers)
– Transit: one net purchases full Internet connectivity from another

Internet Exchanges
– London Internet eXchange (LINX)
– MAE-EAST, MAE-WEST, …
– Multiple nets peer at the exchanges

Firewalls

Introduced between edge networks (e.g. corporate nets, home networks) and public Internet

Filter traffic (in either direction) to control access to edge network resources

Vary in complexity and layers of protocol examined for access control. Some observe set-up and tear-down of TCP connections, for example.

Network Address Translators (NATs)

Introduced between users and edge access networks (LANs, wireless nets) to allow sharing of a single IP address by multiple computers.

Response to limited number of IP addresses made available to users by ISPs (maximize revenue per IP address)

Detrimental to end/end security methods

Personal anecdote with cable network

Virtual Private Networks (VPNs) via IPSEC tunnels

Packets from private (edge) network are encapsulated in IP packets flowing through the public Internet. The payload of each packet is encrypted to protect it while in transit (this creates the “tunnel”)

The edge networks may use private IP addresses rather than public IP addresses without penalty.

Domain Names and Addresses

www.isoc.org is a “domain name”
– “org” is the “non-commercial top level domain”

208.234.102.119 is an Internet address
– this is really just a way to represent a 32 bit number, which is how Internet Protocol version 4 represents locations in the Internet, like telephone numbers in the telephone network

Domain Names

Latin characters “A”-“Z”, numbers “0”-“9” and “-” (encoded in US ASCII)

They appear in embedded constructs such as email: [email protected] (at mci.net)

In Uniform Resource Locators:
– http://www.mci.com/cerfsup

And in other protocol constructs

Top Level Domain Names (TLDs)

Generic TLDs: .edu, .com, .org, .net, .mil, .gov, .int, .biz, .aero, .coop, .museum, .name, .pro, .info

and country code TLDs: .US, .UK, .FR, .DE, .JP, .ZA, .AU, …

But note: .tv, .md, .to, .cc… are operated like generics

Infrastructure TLD: .arpa (inverse IP address lookup and also e164 telephone number entries)

The system is hierarchical and each name is unique: www.cnri.reston.va.us

The Internet Assigned Numbers Authority (IANA) delegates responsibility for each TLD to an appropriate entity.

DNS Components and Mechanics

Domain Name Servers
– Associate domain names with IP addresses (among other things) or point to lower level servers with more information
– “Root” = “.”
– TLD = .biz (for instance)
– Second Level Domain = alpha.biz (e.g.)
– Third Level Domain = www.alpha.biz (e.g.)

DNS Components and Mechanics (cont.)

Domain Name Resolvers
– Query (a sequence of) Domain Name Servers to find the IP address of a given domain name.
– If not known by the Resolver already, Resolver may query a Root Server to find a TLD DNS server which will point to a server for second level names, etc.
– Resolver returns the results to the party originally asking “what is the address of this domain name?”
– The answer may be: “there is no such domain name in the DNS system”.
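
The resolver walk described on the two DNS slides, as an in-memory simulation added here for illustration (it is not from the presentation and sends no network traffic). The server names, the zone contents and the addresses, which come from the documentation range 192.0.2.0/24, are constructed; only alpha.biz and www.alpha.biz are the slide's own examples.

```python
# Constructed zone data: each "server" either answers, refers the resolver to
# a lower-level server, or has nothing for the name.
SERVERS = {
    "root":     {"delegations": {"biz": "biz-tld"}, "answers": {}},
    "biz-tld":  {"delegations": {"alpha.biz": "alpha-ns"}, "answers": {}},
    "alpha-ns": {"delegations": {},
                 "answers": {"alpha.biz": "192.0.2.1",
                             "www.alpha.biz": "192.0.2.10"}},
}


class NoSuchDomain(LookupError):
    """The answer was: there is no such domain name."""


class ReferralLimit(RuntimeError):
    """Servers kept referring the resolver onward without ever answering."""


class Resolver:
    def __init__(self, servers, max_referrals=8):
        self.servers = servers
        self.max_referrals = max_referrals  # bound on work per lookup
        self.cache = {}                     # name -> address already learned
        self.queries = []                   # (server, name) for each query sent

    def _ask(self, server, name):
        """One query to one server: answer, referral, or no such name."""
        self.queries.append((server, name))
        zone = self.servers[server]
        if name in zone["answers"]:
            return "answer", zone["answers"][name]
        labels = name.split(".")
        for i in range(len(labels)):        # longest delegated suffix first
            suffix = ".".join(labels[i:])
            if suffix in zone["delegations"]:
                return "referral", zone["delegations"][suffix]
        return "nxdomain", None

    def resolve(self, name):
        name = name.lower().rstrip(".")     # names are case-insensitive
        if name in self.cache:              # already known: no queries needed
            return self.cache[name]
        server = "root"
        for _ in range(self.max_referrals):
            kind, value = self._ask(server, name)
            if kind == "answer":
                self.cache[name] = value
                return value
            if kind == "nxdomain":
                raise NoSuchDomain(name)
            server = value                  # follow the referral downward
        raise ReferralLimit(name)


if __name__ == "__main__":
    r = Resolver(SERVERS)
    print(r.resolve("www.alpha.biz"), r.queries)
```

The referral cap matters because the resolver acts on whatever each server tells it: without a bound, two servers that refer to each other would keep it querying forever.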

Root Servers in the DNS

There are 13 Root Servers in the DNS

Each of them has a complete table of the addresses of all TLD servers. This table is sometimes called the “Root Zone File.”

There can be many copies of each Root Server (using the “anycast” feature of the Internet routing system) and these copies can be anywhere in the Internet.

Each root server system is operated on a volunteer basis by an independent entity.

Changes to the Root Zone File must be approved by the US Department of Commerce (National Telecommunications and Information Agency) after approval by IANA.

Internationalized Domain Names

IETF has developed standards for incorporating UNICODE strings into domain names. They are mapped into ASCII code strings of the form “xn--<ASCII sequence>”

Current practice does not (yet) support “multi-lingual” Top Level Domains. Registration restriction tables may be needed for specific language sets.

Introduction of multi-lingual domain names is proving to be complex. Higher level applications potentially mix up character codings (recent example from email exchange: German umlauts converted to Cyrillic characters!)
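
The “xn--” mapping and the umlaut-to-Cyrillic mix-up, reproduced with Python's built-in IDNA codec as an added example (not from the presentation). The name bücher.example and the choice of Latin-1 and Windows-1251 as the two character codings are constructed for illustration, and the script check is a rough heuristic based on Unicode character names.

```python
import unicodedata


def to_ace(domain: str) -> str:
    """Unicode domain name -> ASCII form; non-ASCII labels become xn--..."""
    return domain.encode("idna").decode("ascii")


def from_ace(domain: str) -> str:
    """ASCII "xn--" form -> the Unicode name it stands for."""
    return domain.encode("ascii").decode("idna")


def misdecode(text: str, written_as: str, read_as: str) -> str:
    """What a receiver sees when bytes written in one coding are read in another."""
    return text.encode(written_as).decode(read_as)


def scripts(domain: str) -> list:
    """Scripts of the letters in a name, taken from Unicode character names."""
    found = {unicodedata.name(ch).split()[0] for ch in domain if ch.isalpha()}
    return sorted(found)


def audit(domain: str, written_as: str, read_as: str) -> dict:
    """Compare the name that was sent with the name an application displays."""
    seen = misdecode(domain, written_as, read_as)
    sent_ace, seen_ace = to_ace(domain), to_ace(seen)
    return {
        "sent": domain,
        "sent_ace": sent_ace,
        "seen": seen,
        "seen_ace": seen_ace,
        # The DNS only ever compares the ASCII forms.
        "same_dns_name": sent_ace == seen_ace,
        "scripts_sent": scripts(domain),
        "scripts_seen": scripts(seen),
    }


if __name__ == "__main__":
    # Byte 0xFC is "ü" in Latin-1 but the Cyrillic soft sign in Windows-1251.
    for key, value in audit("bücher.example", "latin-1", "cp1251").items():
        print(f"{key:14} {value}")
```

A name whose letters come from more than one script after decoding is a cheap signal that a coding mix-up has happened somewhere between sender and display.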

Domain Name Registration

Registry: entity that maintains a database of second level domain name registrations and associated servers

Registrar: entity that accepts registrations from users on behalf of registries.

Registrars forward relevant information to Registries using standard protocols

Some TLD operators perform registrar and registry functions (e.g. many ccTLD operators)

Life of a Domain Name (unregistered, registered, registry hold, in redemption/grace period, expired…)

WHOIS

Information about registrants (owner, administrative and technical contact) is kept in the WHOIS database along with many other kinds of information.

There is much controversy over how much of this information should be publicly accessible and what should be protected (there are privacy, law enforcement and intellectual property protection issues involved.)

EMAIL

One of the oldest Internet applications

<user mailbox ID>@<mailserver domain name>

Example: [email protected]

Mail clients retrieve email via IMAP or POP3 protocols. Some use WWW browsers, e.g. hotmail

Multimedia Internet Mail Extensions (MIME) allow for multiple attachments containing arbitrary content (including sound, video, imagery, programs, documents, …). Messages and attachments can be encrypted and sent this way for privacy.

EMAIL

EMAIL is sent from the email client to an email relay using the Simple Mail Transport Protocol (SMTP).

A feature of DNS allows one relay to serve as a proxy for another through a DNS “MX” entry:

XYZ.COM MX ABC.COM means ABC.COM serves as proxy for XYZ.COM

SPAM

SPAM is unsolicited commercial email and is sometimes considered the scourge of the Internet.

Many efforts are underway to limit the influx of spam, including legislation and technical measures to resist mail relay “hijacking”, but the spammers find many ways to circumvent them.

World Wide Web

Layered atop TCP/IP, WWW uses hypertext transport protocol (http) to carry objects encoded in Hypertext Markup Language (HTML) or Extensible Markup Language (XML) between browsers (clients) and servers.

Web Proxies can be configured to intervene between clients and servers acting as filters or as aggregators of web traffic, caching web pages for efficiency.

WWW (cont.)

The WWW system uses hyperlinks that are embedded in HTML or XML pages to allow users to “point and click” to move to new places in the web.

Embedded hyperlinks are expressed as Universal Resource Names, Identifiers or Locators: http://www.isoc.org/internet/history/doc.html

WWW (cont.)

Secure Socket Layer (SSL)
– This allows client/server communication to be encrypted for privacy using Public Key Cryptography infrastructure (PKI) to transport symmetric cryptographic keys between the parties.
– This is an important enabler of ecommerce

Streaming Audio/Video

Usually uses UDP streams (i.e. not guaranteed to be delivered or in order)

Some use Real Time Protocol (RTP)

Some use multicasting capability of the router systems

Some use special distribution services such as those of Akamai and Real Networks.

Quality of Service issues sometimes arise with respect to ISP service level agreements.

Voice over Internet (or IP)

Sometimes use private IP networks

Sound is encoded, compressed, packetized and sent

Bandwidth requirements may be reduced (no packets when no one is speaking)

Session Initiation Protocol (SIP) a key element in call processing

VOIP

SIP Proxies can locate Internet VOIP terminations and route traffic to them.

SIP destination identifiers may look like email addresses:

SIP: [email protected] (at sip.mci.com)

Media gateways convert to/from packet mode and serial digitized voice in the public switched telephone network. They also convert SIP signaling into conventional SS#7, for example.

Free Internet “telephony” from SKYPE, Free World Dialup, or reduced price services including access to PSTN from Vonage, among a number of others.

ENUM

ENUM: maps e164 international telephone numbers into DNS:

+1 703 886 1690 becomes 0.9.6.1.6.8.8.3.0.7.1.e164.arpa

And the lookup produces a SIP address or other Internet destination (web page, email address) or fax or telephone number, etc.

Search Engines

Google, YAHOO!, Alta-Vista, etc.

Systems scan billions of web pages, index them according to text content, rank order them (e.g. by number of hyperlinks pointing to the page) and respond to search queries.

Enormous experimentation with advertising mechanisms – Google instant auctions, etc.

Portals

AOL, YAHOO!, MSN, Corporate ebusiness portals, directory services

These are web sites intended to guide users to resources, to perform services for them.

FEDEX, UPS, DHL package tracking systems; Airline flight status information

Travel and shopping services

Business to Business and Business to Consumer services

GRID Computing

Open Grid Standard Architecture (OGSA)

Virtualize computing, networking and storage resources; allow computer services to register and be “discovered” in directories.

Potential to create network-based supercomputing capability at low cost

Security

Many layers of vulnerability and security responses

Denial of Service Attacks (DOS)
– Direct attack against routers, DNS servers, hosts
– Many avenues (IP, TCP, HTTP, operating system holes…)
– Ordinary overload sometimes not distinguishable from DOS attack

Security (cont.)

Distributed Denial of Service (DDOS)
– Compromise of many hosts
– Remote control to launch attacks
– Always-on DSL and Cable Modem services expose user computers to co-opting
Worms – self-propagating software
Viruses – piggyback on email, e.g.
Trojan Horses – code embedded into operating system or application software

Security (cont.)

Mitigation
– Firewalls including personal firewalls (but not sufficient)
– ISP DOS detection and mitigation
– Virus filters in email relays
– “BOT” detectors (system scanning software)
– Cyber-hygiene (periodically)

Wireless Access

WiFi (IEEE 802.11a,b,g,i, etc.)
WiMax (IEEE 802.16)
3G (mobiles)
GPRS (mobiles)
VSATS (satellite)
Hotspots, SIP/WiFi telephones

Evolution of Low Level Services

Quality of Service (QOS)
IPv6
Domain Name System Security (DNSSEC) – many technical questions
Secure Routing (SBGP) – many technical questions
Intrusion Detection and Mitigation Services

GRAND Collaboration

Hardware and software makers
Internet Service Providers, Corporate and institutional Internets
Broadband and Wireless Access Providers (mobiles, hotspots,…)
Domain Name Registries, Registrars, Resellers

Grand Collaboration

Root Server Operators
Regional Internet Registries (ARIN, LACNIC, RIPE-NCC, APNIC, [AFRINIC]) and the Number Resources Organization (NRO)
Web Application Service providers
Hosting service centers

Grand Collaboration

ICANN
– Generic Domain Name Support Org (GNSO)
– Country Code Domain Name SO (ccNSO)
– Address Support Organization (ASO/NRO)
– Gov’t Advisory Committee (GAC)
– Security+Stability Advisory Comm (SSAC)
– Root Server System Advisory Comm (RSSAC)
– At Large Advisory Comm (ALAC) + Regional At Large Organizations (RALO)
– Standing Committees (audit, finance, governance, nominations…)

Grand Collaboration

Internet Society (ISOC)
Internet Architecture Board (IAB)
Internet Engineering Task Force (IETF)
Internet Engineering Steering Group (IESG)
Internet Research Task Force (IRTF)

Grand Collaboration

International Telecommunications Union
– ITU-T, ITU-D
United Nations
– UN Development Program, Food and Agriculture Organization (!), UN Information and Communications Technology Task Force, UNESCO, ECOSOC, …

Grand Collaboration

Professional Societies
– IEEE, ACM, IEE, …
International Chamber of Commerce
World Intellectual Property Organization
And many more!

Internet Policy

Many layers – see papers by Lawrence Solum, Larry Lessig and Richard Whitt
Extremely Broad
– Technical Policy (address alloc, DNS integrity, …)
– Intellectual property protection
– Consumer protection (fraud, libel…)
– Abuse (child pornography, drugs…)
– Dispute Resolution (business, consumer…)
– Privacy
– Censorship
– Freedom of speech
– …

Recommendation

Identify Issues and concerns FIRST
Develop a Taxonomy of issues
THEN consider venues in which issues and policy concerns can be addressed
Humbly but strongly urge that the policy issues be viewed IN LAYERED form to understand constituent responsibilities

Last Note

Governance does not mean government
It INCLUDES government where this is appropriate but it is a distributed, multi-layer responsibility involving private, public sectors and civil society in a wide variety of ways.