1
Internet 101
Technology
Policy Framework
2
Disclaimer!
This presentation is oversimplified and incomplete for pedagogical reasons and because of time constraints!
3
How does the Internet work?
4
Internet
The Internet is a network of networks interconnected by means of the Internet Protocol Suite.
It is an architecture for a system of computer-based applications.
Protocols are standard procedures, conventions and formats for inter-computer communication.
The Internet protocols are based on packet switching concepts.
5
Circuit and Packet Switching
[Diagram: source S to destination D under Circuit Switching (“telephone network”) and under Packet Switching (Internet)]
6
Packet Switching Features
[Diagram: a host and a packet switch carrying packets labelled A and B]
Multiplexing data from multiple processes
“Store-and-forward”
Automatic speed adaptation
Adaptive alternate routing
7
Packet Structure
| S | D | ... | Data |
S, D, ... = Header
S = Source Address (“From”)
D = Destination Address (“To”)
8
Internet Addressing
IPv4 – 32 bits (4.3 billion addresses)
IPv6 – 128 bits (10^38 addresses)
that’s 100 trillion trillion trillion …
9
Internet Packet Formats
An Internet Packet
| Version number | “from” address | “to” address    | CONTENTS |
| “4”            | 166.45.18.99   | 204.146.165.100 | “hello”  |
10
Packet Networks
Packet switched
Some use virtual circuits
Peer-to-peer
Client/server
Some are shared media (e.g., Ethernet)
[Diagram: hosts attached to packet networks]
11
Internetworking
[Diagram: host H, router R, router R, host H]
Routers
Encapsulation
End-to-end packets
Internet Protocol - IP
“Routers were once called Gateways between nets”
12
IP: The “Thin Waist” of the Internet
Internet: a Network of Connected Sub-Networks
[Diagram: protocol stacks (App, Transport/TCP, Network/IP, Link 1-3, Phys 1-3) spanning Subnet 1, Subnet 2 and Subnet 3]
13
The Internet IP Postcard System
An electronic postcard (“packet”):
To: mci.com
From: eop.gov
01101110 11100111
[Diagram: a router, a bucket of packets, another router]
14
Early Internet - “Network of Networks”
NSFnet 1986-1995 (MCI, IBM, Merit, ANS)
NYSERNET - 1987
PSINET - 1990
CERFNET - 1989
UUNET – 1989
CIX
ARPANET 1969-1990
Packet Radio 1975
GIX
Sprint Link
EBONE 1992
NORDUNET 1991
BARRNET 1988
Ethernet 1974
Packet Satellite 1976
(End-user nets not shown)
15
Internet Protocol Architecture
Key Protocols: TCP/IP
Layers, top to bottom: Utility/Application, Transport, Network, Link, Physical
Protocols shown, top to bottom:
MIME, PGP
HTTP, FTP, SMTP
SNMP, DNS
TCP, UDP, OSPF, EGP/BGP, ...
IP / ICMP
FDDI, Ethernet, SONET/SDH, HDLC, WiFi, X.25, ATM, FR, ...
Physical: Coaxial cable, optical fiber, radio, satellite…
Note: many protocols not shown
16
How Does TCP Work?
Like Sending a Novel on Postcards
– Page numbering (ordering, duplicate detection)
– Positive Acknowledgement
– Retransmission on Timeout
– Finite Mailbox
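An added simulation, not part of the original slides, of the four postcard mechanisms: numbered pages, cumulative acknowledgement, resending whatever was not acknowledged, and a receiver with limited room. The class, the function and the "lost once" loss model are hypothetical simplifications, not TCP's actual state machine.

```python
class Receiver:
    """Reassembles numbered pages; holds at most mailbox_size pages ahead."""

    def __init__(self, mailbox_size: int):
        self.mailbox_size = mailbox_size
        self.next_expected = 0
        self.held = {}        # out-of-order pages waiting for a gap to fill
        self.delivered = []   # pages handed to the reader, in order
        self.duplicates = 0
        self.overflow = 0

    def receive(self, seq: int, page: str) -> int:
        if seq < self.next_expected or seq in self.held:
            self.duplicates += 1              # page numbering spots the repeat
        elif seq >= self.next_expected + self.mailbox_size:
            self.overflow += 1                # finite mailbox: no room, dropped
        else:
            self.held[seq] = page
            while self.next_expected in self.held:
                self.delivered.append(self.held.pop(self.next_expected))
                self.next_expected += 1
        return self.next_expected             # positive ACK: "next page I need"


def send_novel(pages, receiver, window: int, lost_once=()) -> int:
    """Send all pages; return how many postcards were transmitted in total.

    lost_once: page numbers whose first transmission the network loses.
    """
    lost = set(lost_once)
    base = 0            # lowest page number not yet acknowledged
    transmissions = 0
    while base < len(pages):
        acks = []
        for seq in range(base, min(base + window, len(pages))):
            transmissions += 1
            if seq in lost:
                lost.discard(seq)             # this copy never arrives
                continue
            acks.append(receiver.receive(seq, pages[seq]))
        # Timeout: everything at or above the highest ACK is sent again.
        base = max([base] + acks)
    return transmissions


if __name__ == "__main__":
    novel = [f"page {i}" for i in range(6)]
    rx = Receiver(mailbox_size=2)
    sent = send_novel(novel, rx, window=3, lost_once={0})
    print(sent, rx.delivered, rx.duplicates, rx.overflow)
```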
17
Protocol Layering
Key concept – like floors of a building: lower floors support upper ones
Layers form a kind of staircase – users have access to each layer (floor, step)
To understand the Internet, you must look at it from the side to see the layers – looking down from the top conflates all functions into one solid mass.
18
Routing
Internal Gateway Protocol (IGP)
– IS-IS, Open Shortest Path First (OSPF), RIP (primitive). Used within an autonomous system (AS).
Exterior Gateway Protocol (EGP)
– BGP4 – used between autonomous systems
Routing protocols help routers track topology and preferred routing for traffic within and between autonomous systems.
19
Interconnecting Internet Service Providers (ISPs)
Peering and Transit
– Peers exchange routing information directly or through Internet Exchanges; and exchange traffic only between their customers (not their peers)
– Transit: one net purchases full Internet connectivity from another
Internet Exchanges
– London Internet eXchange (LINX)
– MAE-EAST, MAE-WEST, …
– Multiple nets peer at the exchanges
20
Firewalls
Introduced between edge networks (e.g. corporate nets, home networks) and public Internet
Filter traffic (in either direction) to control access to edge network resources
Vary in complexity and layers of protocol examined for access control. Some observe set-up and tear-down of TCP connections for example.
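An added sketch, not from the original slides, of the last point: a filter that watches TCP set-up and tear-down and admits inbound segments only for connections opened from the edge network. The trace is constructed (documentation addresses), the class and field names are hypothetical, and sequence-number checks and idle timeouts that a production firewall needs are left out.

```python
from dataclasses import dataclass

SYN, ACK, FIN, RST = "SYN", "ACK", "FIN", "RST"


@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset
    outbound: bool  # True: edge network -> Internet


class StatefulFilter:
    """Admit inbound TCP only for connections opened from the edge network."""

    def __init__(self):
        self.table = {}  # (inside ip, port, outside ip, port) -> entry

    def allow(self, seg: Segment) -> bool:
        if seg.outbound:
            key = (seg.src, seg.sport, seg.dst, seg.dport)
        else:
            key = (seg.dst, seg.dport, seg.src, seg.sport)
        entry = self.table.get(key)
        if entry is None:
            # Only a bare SYN leaving the edge network may create state.
            if seg.outbound and seg.flags == {SYN}:
                self.table[key] = {"state": "SYN_SENT", "fin_seen": set()}
                return True
            return False
        if RST in seg.flags:
            del self.table[key]               # abortive tear-down
            return True
        if entry["state"] == "SYN_SENT":
            if not seg.outbound and seg.flags == {SYN, ACK}:
                entry["state"] = "ESTABLISHED"
                return True
            return seg.outbound and seg.flags == {SYN}  # retransmitted SYN
        if SYN in seg.flags:
            return False                      # no new set-up inside a connection
        if FIN in seg.flags:
            entry["fin_seen"].add(seg.outbound)
        elif len(entry["fin_seen"]) == 2:
            del self.table[key]               # final ACK of orderly tear-down
        return True


INSIDE, SERVER, STRANGER = "192.168.1.10", "198.51.100.7", "203.0.113.9"


def seg(src, sport, dst, dport, flags, outbound):
    return Segment(src, sport, dst, dport, frozenset(flags), outbound)


# Constructed trace, not captured traffic.
TRACE = [
    seg(STRANGER, 40000, INSIDE, 22, {SYN}, False),      # unsolicited inbound
    seg(INSIDE, 50000, SERVER, 443, {SYN}, True),         # set-up from inside
    seg(SERVER, 443, INSIDE, 50000, {SYN, ACK}, False),
    seg(INSIDE, 50000, SERVER, 443, {ACK}, True),
    seg(SERVER, 443, INSIDE, 50000, {ACK}, False),        # reply data
    seg(STRANGER, 443, INSIDE, 50000, {ACK}, False),      # wrong peer
    seg(INSIDE, 50000, SERVER, 443, {FIN, ACK}, True),    # tear-down begins
    seg(SERVER, 443, INSIDE, 50000, {ACK}, False),
    seg(SERVER, 443, INSIDE, 50000, {FIN, ACK}, False),
    seg(INSIDE, 50000, SERVER, 443, {ACK}, True),         # tear-down complete
    seg(SERVER, 443, INSIDE, 50000, {ACK}, False),        # late segment
]


def run_trace(trace=TRACE):
    """Return the allow/deny decision per segment and the entries left over."""
    fw = StatefulFilter()
    return [fw.allow(s) for s in trace], len(fw.table)


if __name__ == "__main__":
    print(run_trace())
```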
21
Network Address Translators (NATS)
Introduced between users and edge access networks (LANS, wireless nets) to allow sharing of a single IP address by multiple computers.
Response to limited number of IP addresses made available to users by ISPs (maximize revenue per IP address)
Detrimental to end/end security methods
Personal anecdote with cable network
22
Virtual Private Networks (VPNs) via IPSEC tunnels
Packets from private (edge) network are encapsulated in IP packets flowing through the public Internet. The payload of each packet is encrypted to protect it while in transit (this creates the “tunnel”)
The edge networks may use private IP addresses rather than public IP addresses without penalty.
23
Domain Names and Addresses
www.isoc.org is a “domain name”
– “org” is the “non-commercial top level domain”
208.234.102.119 is an Internet address
– this is really just a way to represent a 32 bit number, which is how Internet Protocol version 4 represents locations in the Internet, like telephone numbers in the telephone network
24
Domain Names
Latin characters “A”-“Z”, numbers “0”-“9” and “-” (encoded in US ASCII)
They appear in embedded constructs such as email: [email protected]@mci.net
In Uniform Resource Locators:
– http://www.mci.com/cerfsup
And in other protocol constructs
25
Top Level Domain Names (TLDs)
Generic TLDs: .edu, .com, .org, .net, .mil, .gov, .int, .biz, .aero, .coop, .museum, .name, .pro, .info
and country code TLDs: .US, .UK, .FR, .DE, .JP, .ZA, .AU, …
But note: .tv, .md, .to, .cc… are operated like generics
Infrastructure TLD: .arpa (inverse IP address lookup and also e164 telephone number entries)
The system is hierarchical and each name is unique: www.cnri.reston.va.us
The Internet Assigned Numbers Authority (IANA) delegates responsibility for each TLD to an appropriate entity.
26
DNS Components and Mechanics
Domain Name Servers
– Associate domain names with IP addresses (among other things) or point to lower level servers with more information
– “Root” = “.”
– TLD = .biz (for instance)
– Second Level Domain = alpha.biz (e.g.)
– Third Level Domain = www.alpha.biz (e.g.)
27
DNS Components and Mechanics (cont.)
Domain Name Resolvers
– Query (a sequence of) Domain Name Servers to find the IP address of a given domain name.
– If not known by the Resolver already, Resolver may query a Root Server to find a TLD DNS server which will point to a server for second level names, etc.
– Resolver returns the results to the party originally asking “what is the address of this domain name?”
– The answer may be: “there is no such domain name in the DNS system”.
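An added toy model, not part of the original slides, of the resolver walk described on the two DNS slides: root, then TLD server, then second level server, with a cache and a "no such domain" result. The server table is constructed (names such as tld-biz and ns-alpha are hypothetical, addresses come from documentation ranges), and the rule that every referral must move strictly down the tree is added here as a guard against loops.

```python
# Constructed name-server data. Each server either answers for a name
# or refers the resolver to a lower level server.
SERVERS = {
    "root":     {"refer": {"biz.": "tld-biz", "org.": "tld-org"}, "answer": {}},
    "tld-biz":  {"refer": {"alpha.biz.": "ns-alpha"}, "answer": {}},
    "ns-alpha": {"refer": {}, "answer": {"alpha.biz.": "192.0.2.1",
                                         "www.alpha.biz.": "192.0.2.10"}},
    "tld-org":  {"refer": {"loop.org.": "ns-loop"}, "answer": {}},
    "ns-loop":  {"refer": {"loop.org.": "ns-loop"}, "answer": {}},  # misconfigured
}


def in_zone(name: str, zone: str) -> bool:
    """True if name is the zone itself or lies below it ("." is the root)."""
    return zone == "." or name == zone or name.endswith("." + zone)


def ask(server: str, name: str):
    """One query: ('answer', ip), ('refer', zone, server) or ('nxdomain',)."""
    data = SERVERS[server]
    if name in data["answer"]:
        return ("answer", data["answer"][name])
    zones = [z for z in data["refer"] if in_zone(name, z)]
    if zones:
        zone = max(zones, key=len)            # most specific delegation
        return ("refer", zone, data["refer"][zone])
    return ("nxdomain",)


class Resolver:
    def __init__(self):
        self.cache = {}

    def resolve(self, name: str):
        """Return (address or None, list of servers asked)."""
        name = name.lower().rstrip(".") + "."
        if name in self.cache:                # already known by the resolver
            return self.cache[name], ["cache"]
        server, zone, path = "root", ".", []
        while True:
            path.append(server)
            reply = ask(server, name)
            if reply[0] == "answer":
                self.cache[name] = reply[1]
                return reply[1], path
            if reply[0] == "nxdomain":        # "there is no such domain name"
                return None, path
            _, new_zone, next_server = reply
            # A referral must point strictly below the zone we are in;
            # anything else is a loop or an out-of-zone referral.
            if new_zone == zone or not in_zone(new_zone, zone):
                raise ValueError(f"{server} gave a referral that does not descend")
            server, zone = next_server, new_zone


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.alpha.biz"))
    print(r.resolve("www.alpha.biz"))
    print(r.resolve("nosuch.alpha.biz"))
```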
28
Root Servers in the DNS
There are 13 Root Servers in the DNS
Each of them has a complete table of the addresses of all TLD servers. This table is sometimes called the “Root Zone File.”
There can be many copies of each Root Server (using the “anycast” feature of the Internet routing system) and these copies can be anywhere in the Internet.
Each root server system is operated on a volunteer basis by an independent entity.
Changes to the Root Zone File must be approved by the US Department of Commerce (National Telecommunications and Information Agency) after approval by IANA.
29
Internationalized Domain Names
IETF has developed standards for incorporating UNICODE strings into domain names. They are mapped into ASCII code strings of the form “xn--<ASCII sequence>”
Current practice does not (yet) support “multi-lingual” Top Level Domains. Registration restriction tables may be needed for specific language sets.
Introduction of multi-lingual domain names is proving to be complex. Higher level applications potentially mix up character codings (recent example from email exchange: German umlauts converted to Cyrillic characters!)
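An added example, not part of the original slides: converting labels to and from the “xn--” form with Python's built-in Punycode codec, and flagging labels that mix scripts, such as an umlaut that turned into a Cyrillic letter. It performs the raw Punycode step only (the full IDNA mapping and validation rules are not applied), and the function names and the script test based on Unicode character names are assumptions of this sketch.

```python
import re
import unicodedata

# ASCII form of a label: letters, digits and hyphen, 1 to 63 characters.
LDH_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def to_ascii_label(label: str) -> str:
    """Unicode label -> 'xn--<ASCII sequence>' (ASCII labels pass through)."""
    if label.isascii():
        return label.lower()
    return "xn--" + label.encode("punycode").decode("ascii")


def to_unicode_label(label: str) -> str:
    """'xn--...' label -> Unicode; reject anything that is not plain LDH."""
    label = label.lower()
    if not LDH_LABEL.match(label):
        raise ValueError(f"not a letters-digits-hyphen label: {label!r}")
    if not label.startswith("xn--"):
        return label
    try:
        return label[4:].encode("ascii").decode("punycode")
    except UnicodeError as exc:
        raise ValueError(f"invalid Punycode in {label!r}") from exc


def scripts(label: str) -> set:
    """Scripts of the letters in a label, taken from Unicode character names."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}


def review(domain: str) -> dict:
    """Decode every label and list the ones whose letters mix scripts."""
    labels = [to_unicode_label(part) for part in domain.rstrip(".").split(".")]
    return {
        "unicode": ".".join(labels),
        "mixed_script": [l for l in labels if len(scripts(l)) > 1],
    }


if __name__ == "__main__":
    good = to_ascii_label("m\u00fcnchen") + ".example"   # constructed sample
    odd = to_ascii_label("m\u044enchen") + ".example"    # umlaut became Cyrillic
    for name in (good, odd):
        print(name, review(name))
```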
30
Domain Name Registration
Registry: entity that maintains a database of second level domain name registrations and associated servers
Registrar: entity that accepts registrations from users on behalf of registries.
Registrars forward relevant information to Registries using standard protocols
Some TLD operators perform registrar and registry functions (e.g. many ccTLD operators)
Life of a Domain Name (unregistered, registered, registry hold, in redemption/grace period, expired…)
31
WHOIS
Information about registrants (owner, administrative and technical contact) is kept in the WHOIS database along with many other kinds of information.
There is much controversy over how much of this information should be publicly accessible and what should be protected (there are privacy, law enforcement and intellectual property protection issues involved.)
32
One of the oldest Internet applications
<user mailbox ID>@<mailserver domain name>
Example: [email protected]
Mail clients retrieve email via IMAP or POP3 protocols. Some use WWW browsers, e.g. hotmail
Multimedia Internet Mail Extensions (MIME) allow for multiple attachments containing arbitrary content (including sound, video, imagery, programs, documents, …). Messages and attachments can be encrypted and sent this way for privacy.
33
EMAIL is sent from the email client to an email relay using the Simple Mail Transport Protocol (SMTP).
A feature of DNS allows one relay to serve as a proxy for another through a DNS “MX” entry:
XYZ.COM MX ABC.COM means ABC.COM serves as proxy for XYZ.COM
34
SPAM
SPAM is unsolicited commercial email and is sometimes considered the scourge of the Internet.
Many efforts are underway to limit the influx of spam, including legislation and technical measures to resist mail relay “hijacking”, but the spammers find many ways to circumvent them.
35
World Wide Web
Layered atop TCP/IP, WWW uses hypertext transport protocol (http) to carry objects encoded in Hypertext Markup Language (HTML) or Extensible Markup Language (XML) between browsers (clients) and servers.
Web Proxies can be configured to intervene between clients and servers acting as filters or as aggregators of web traffic, caching web pages for efficiency.
36
WWW (cont.)
The WWW system uses hyperlinks that are embedded in HTML or XML pages to allow users to “point and click” to move to new places in the web.
Embedded hyperlinks are expressed as Universal Resource Names, Identifiers or Locators: http://www.isoc.org/internet/history/doc.html
37
WWW (cont.)
Secure Socket Layer (SSL)
– This allows client/server communication to be encrypted for privacy using Public Key Cryptography infrastructure (PKI) to transport symmetric cryptographic keys between the parties.
– This is an important enabler of ecommerce
38
Streaming Audio/Video
Usually uses UDP streams (i.e. not guaranteed to be delivered or in order)
Some use Real Time Protocol (RTP)
Some use multicasting capability of the router systems
Some use special distribution services such as those of Akamai and Real Networks.
Quality of Service issues sometimes arise with respect to ISP service level agreements.
39
Voice over Internet (or IP)
Sometimes use private IP networks
Sound is encoded, compressed, packetized and sent
Bandwidth requirements may be reduced (no packets when no one is speaking)
Session Initiation Protocol (SIP) is a key element in call processing
40
VOIP
SIP Proxies can locate Internet VOIP terminations and route traffic to them.
SIP destination identifiers may look like email addresses:
SIP: [email protected]@sip.mci.com
Media gateways convert to/from packet mode and serial digitized voice in the public switched telephone network. They also convert SIP signaling into conventional SS#7 for example.
Free Internet “telephony” from SKYPE, Free World Dialup, or reduced price services including access to PSTN from Vonage, among a number of others.
41
ENUM
ENUM: maps e164 international telephone numbers into DNS:
+1 703 886 1690 becomes
0.9.6.1.6.8.8.3.0.7.1.e164.arpa
And the lookup produces a SIP address or other Internet destination (web page, email address) or fax or telephone number, etc.
42
Search Engines
Google, YAHOO!, Alta-Vista, etc.
Systems scan billions of web pages, index them according to text content, rank order them (e.g. by number of hyperlinks pointing to the page) and respond to search queries.
Enormous experimentation with advertising mechanisms – Google instant auctions, etc.
43
Portals
AOL, YAHOO!, MSN, Corporate ebusiness portals, directory services
These are web sites intended to guide users to resources, to perform services for them.
FEDEX, UPS, DHL package tracking systems; Airline flight status information
Travel and shopping services
Business to Business and Business to Consumer services
44
GRID Computing
Open Grid Standard Architecture (OGSA)
Virtualize computing, networking and storage resources; allow computer services to register and be “discovered” in directories.
Potential to create network-based supercomputing capability at low cost
45
Security
Many layers of vulnerability and security responses
Denial of Service Attacks (DOS)
– Direct attack against routers, DNS servers, hosts
– Many avenues: IP, TCP, HTTP, operating system holes…
– Ordinary overload sometimes not distinguishable from DOS attack
46
Security (cont.)
Distributed Denial of Service (DDOS)
– Compromise of many hosts
– Remote control to launch attacks
– Always-on DSL and Cable Modem services expose user computers to co-opting
Worms – self propagating software
Viruses – piggy back on email, e.g.
Trojan Horses – code embedded into operating system or application software
47
Security (cont.)
Mitigation
– Firewalls including personal firewalls (but not sufficient)
– ISP DOS detection and mitigation
– Virus filters in email relays
– “BOT” detectors (system scanning software)
– Cyber-hygiene (periodically)
48
Wireless Access
WiFi (IEEE 802.11a,b,g,i, etc.)
WiMax (IEEE 802.16)
3G (mobiles)
GPRS (mobiles)
VSATS (satellite)
Hotspots, SIP/WiFi telephones
49
Evolution of Low Level Services
Quality of Service (QOS)
IPv6
Domain Name System Security (DNSSEC) – many technical questions
Secure Routing (SBGP) – many technical questions
Intrusion Detection and Mitigation Services
50
GRAND Collaboration
Hardware and software makers
Internet Service Providers, Corporate and institutional Internets
Broadband and Wireless Access Providers (mobiles, hotspots,…)
Domain Name Registries, Registrars, Resellers
51
Grand Collaboration
Root Server Operators
Regional Internet Registries (ARIN, LACNIC, RIPE-NCC, APNIC, [AFRINIC]) and the Number Resources Organization (NRO)
Web Application Service providers
Hosting service centers
52
Grand Collaboration
ICANN
– Generic Domain Name Support Org (GNSO)
– Country Code Domain Name SO (ccNSO)
– Address Support Organization (ASO/NRO)
– Gov’t Advisory Committee (GAC)
– Security+Stability Advisory Comm (SSAC)
– Root Server System Advisory Comm (RSSAC)
– At Large Advisory Comm (ALAC) + Regional At Large Organizations (RALO)
– Standing Committees (audit, finance, governance, nominations…)
53
Grand Collaboration
Internet Society (ISOC)
Internet Architecture Board (IAB)
Internet Engineering Task Force (IETF)
Internet Engineering Steering Group (IESG)
Internet Research Task Force (IRTF)
54
Grand Collaboration
International Telecommunications Union
– ITU-T, ITU-D
United Nations
– UN Development Program, Food and Agriculture Organization (!), UN Information and Communications Technology Task Force, UNESCO, ECOSOC, …
55
Grand Collaboration
Professional Societies
– IEEE, ACM, IEE, …
International Chamber of Commerce
World Intellectual Property Organization
And many more!
56
Internet Policy
Many layers – see papers by Lawrence Solum, Larry Lessig and Richard Whitt
Extremely Broad
– Technical Policy (address alloc, DNS integrity, …)
– Intellectual property protection
– Consumer protection (fraud, libel…)
– Abuse (child pornography, drugs…)
– Dispute Resolution (business, consumer…)
– Privacy
– Censorship
– Freedom of speech
– …
57
Recommendation
Identify Issues and concerns FIRST
Develop a Taxonomy of issues
THEN consider venues in which issues and policy concerns can be addressed
Humbly but strongly urge that the policy issues be viewed IN LAYERED form to understand constituent responsibilities
58
Last Note
Governance does not mean government
It INCLUDES government where this is appropriate but it is a distributed, multi-layer responsibility involving private, public sectors and civil society in a wide variety of ways.