I ended 2011 with a short (20 December) visit to a pleasantly warm Washington, D.C. for my 5th FCC Technical Advisory Council meeting. Some of the discussions from the third meeting were extended, others cut off for lack of time. We spent over an hour on the suggestion made by the Legacy Transition working group two meetings ago to advise the FCC to move forward in sunsetting (although we shunned that term at this meeting — “It’s a new beginning, not an end!”) the public-switched telephone network (PSTN). Many questions have arisen repeatedly in the discussions over the course of the last two meetings (and two FCC workshops in between), notably, “What happens to the telephony numbering system?” The initial strategy was imprecise, “The numbering plan will continue to exist but governance and allocation process needs to be considered.” Another repeated question has been “What exactly do we mean by PSTN?”

Interestingly, at this meeting the FCC staff themselves presented some thoughts on the way forward for the PSTN, before the working group got to present, thus some redundancy ensued. Still no resolution on numbering, or its post-PSTN replacement “identification”. Several TAC members including Vint Cerf and Dan Reed emphasized the importance of naming conventions for an expansive set of services now displacing what we used to call voice. Furthermore, since most people still use mobile phones in the same small set of locations, the permanent connectivity or attachment of the phone number to the individual is even more fundamental to the architecture than constant mobility.

As the working group emphasized back in July, the PSTN transition is neither a TAC nor an FCC initiative — consumers are driving it, i.e., dropping their landlines with alacrity. There was rough consensus on the need to consider several technical and policy issues, including: promoting competition; universality and carrier of last resort (including USF and reciprocal compensation); transitioning services that depend on the PSTN; reliability, continuity, accessibiity, 911; homeland security/CALEA; and privacy/personal security. Open questions include those as mechanical as “What replaces RJ11?” and as economic as “What/Where are the most efficient points of interconnection?” (Well, both questions bear mechanical and economic considerations.) The industry still lack IP-based technical standards to ensure quality and reliability of voice, and the FCC’s regulatory posture carries an embedded assumption — understandable given its century of commissioned responsibility — that voice is something to specifically protect rather than treat as another bucket of data being transported across the network.

Tom Wheeler captured a less surprising industry opinion that unencumbering industry from the body of laws and court precedents based on the PSTN would facilitate the advance of market forces. Marvin Sirbu was worried we might be overestimating the speed at which citizens are really moving to VOIP. While there was disagreement over details, there was broad consensus that IP was going to be the mechanism for most end-to-end carriage.

Less time, about 15 minutes, was spent discussing the IPv6 working group’s results (a “benchmarking document”) and recommendations, mostly punting the problems to next year starting with a joint workshop with NTIA in February. There was only time for one comment, from Vint, before the FCC chairman spoke, after which we went on to the next topic. Vint had four rapid-fire points: (1) IPv6 is NOT a transition, but rather introduction of an additional capability; (2) there is a very real threat of a cascading NAT environment; (3) NIST should be involved in IPv6 measurement; (4) OMB should be involved in government procurement guidelines for IPv6 network services. I disagree with his first point, but the lack of government coordination and consistency is painfully clear. OMB already has an IPv6-related mandate, but there are no IPv6 support conditions on the broadband stimulus money or other sources of USG funding (IPv6 conditions on USF funding are being discussed). My bigger concern with benchmarking is that current IPv6 measurement activities send mixed signals to industry — customers are not planning since the best available data implies that carriers are not planning to deploy it in the next 18 months.

The best suggestion I have heard so far (from Geoff Huston) is for the FCC to ask of its own constituency to publish their 24-month IPv6 deployment objectives so that current and potential customers of their services are aware of their plans, and then in 18 months ask the same set of to folks publish their actual IPv6 deployment achievements and what their objectives are for the ensuing 24 months. This recommendation would be consistent with the FCC’s “transparency and disclosure” approach to other issues. But there was no time to discuss IPv6 at this meeting, maybe next time. Hopefully I will have some results to report from CAIDA’s IPv6 growth scenario computational modeling study.

We agreed to narrow the set of TAC study topics for 2012 to three: IPv6; the PSTN transition; and receiver standards to support sharing. Next meeting in March 2012.

The last line of this FCC announcement is ominous enough:

Read the rest of this entry »

Policy making has become predominated by sponsored research, politics, campaign contributions and rhetoric. In light of an apparent disinterest for the facts it comes as no surprise that the network neutrality debate highlights opposing perceptions about the impact from changes in the next generation Internet. Regrettably no unbiased fact finding appears readily available, because politicization at the FCC prevents fair minded assessment by the Democratic and Republican Commissioners and heretofore the conflict has not generated a question of law or fact reviewable by a court.
— Rob Frieden: Internet 3.0: Identifying Problems and Solutions to the Network Neutrality Debate, 2007.

in June I participated on a panel on network neutrality hosted at the June cybersecurity meeting of the DHS/SRI Infosec Technology Transition Council (ITTC), where “experts and leaders from the government, private, financial, IT, venture capitalist, and academia and science sectors come together to address the problem of identity theft and related criminal activity on the Internet.” Here is a belated recap of my thoughts on that panel, including what network neutrality has to do with cybersecurity.

Many academics have gotten a lot of mileage (publications, funding, tenure) out of spreading the “network neutrality” meme since law professor Timothy Wu introduced the term in a 2003 paper in the University of Colorado’s law journal. I find the meme and its surrounding literature represent a weak substitute for public policy research based on real data from real networks. (An allegation that could equally be directed at other sub-disciplines of Internet science, and for the same reasons.)

The success of the meme is also symptomatic of a post-traumatic stress response to the death of a similar meme with far higher stature and longevity — common carriage, the demise of which Eli Noam predicted way back in 1994. His paper accurately predicted that the success and ubiquity of networks and the increasing convergence of communications and computing — and competition — would (did) lead to the death of common carriage in the industry.

There is plenty of blame to spread around. You can blame the government for improper oversight. You can blame the private sector for lobbying/bribing the government not to do proper oversight. You can blame failure of consumers to understand the issues. (Sound like the sub-prime mortgage crisis yet?) With enough money, you can, and many did, weight disproportionate attention to blaming various factors that are not you. But what is under the (generally proprietary) hood of all network neutrality controversy is simple: the economics of building and operating sustainable packet-switched networks in the 21st century. Not coincidentally, economic considerations are also at the root of most of our cybersecurity problems, or more precisely of our failures to make progress on them.

One point on which I disagreed with other panelists (and others who fondly recall when we had 3,000+ DSL providers in the early 90′s) was about whether network neutrality was merely about the lack of competition for broadband access. The history of common carriage, analyzed in detail by academic scholars Andrew Odlyzko and Susan Crawford, reveals that vertically integrated industries (i.e, a single company owns the infrastructure carries services on top of it) have tremendous incentives to discriminate, even when competition exists. For the Internet, the implication is that while re-establishing competitive access to fiber (layer one) is necessary, it is not sufficient — society still needs a mechanism (not just policy) to guarantee non-discriminatory access.

It used to be that non-discriminatory access to (what were termed) essential facilities was a universal good of any network intended for public use, not just communication networks: railroads, canals, roads — it goes way back. It was also a fundamental tenet of the 1996 Telecommunications Act, which although entertaining the notion that layer one (fiber, conduit, “tubes”, “facilities”) might not always be a natural monopoly, at least temporarily required non-discriminatory access to facilities, while facilities-based competition was (ostensibly expected) to develop. And indeed, for while in the early 90s we had (not facilities-based) competition.

But the 1996 Telecom Act was so poorly written that its only reliable ramification was wealth transfers to lawyers and lobbyists, as industry and government spent several years suing each other over its interpretation, and industry lobbyists spent many millions of dollars convincing receptive courts and the FCC to remove these obligations to provide non-discriminatory access. Although considered by many to be an inflection point, the Brand-X decision was more of an evolutionary step in the long trajectory away from open access to such essential facilities in the United States.

In essence, the [Federal Communications] Commission has shifted from the notion that non-discriminatory access to general-purpose communications networks is always necessary because of their public-ness and the spillover effects they create (non-discrimination presumption) to the idea that non-discriminatory requirements are only necessary where firms have monopoly power (discrimination presumption). It is on this “monopoly” rationale, and on the basis of its belief that the market for high-speed Internet access is competitive, that the Commission has gradually lifted non-discrimination obligations from providers of high-speed Internet access.
— Susan Crawford, Transporting Communications, 2009

So the FCC, and the surrounding regulatory apparatus, came to believe that non-discriminatory access was no longer a universal requirement, but only an issue in need of oversight in situations lacking competition. But it was exactly the non-discriminatory access requirement that enabled the competition in broadband access in the first place (and also enabled the Internet), and when the non-discriminatory access requirement went away, so did the competition. Unfortunately for consumers, for the rest of the decade the FCC also continued to embrace the belief that we had competition. Although they have recently recognized the need for a reality check on both of these beliefs, they have not yet outwardly admitted that they are simply not true. Instead their strategy seems to be to back themselves into a corner while struggling to operationalize this fundamentally broken network neutrality meme.

As in the financial (and many other IT-related sectors, which is most sectors by now) it is not too hard to convince congressmen that technology is moving so fast that the government could not possibly understand enough to design, implement and execute enlightened regulation of it. Ironically, the underlying network and routing protocols under the hood of the Internet have not fundamentally changed in decades.

My three concluding recommendations related to network neutrality were not original, and both also apply to persistently unsolvable cybersecurity problems, since what network neutrality and cybersecurity have most in common is the lack of available empirical data on operational networks driving policy discourse. First, as S&T Division Director Doug Maughan has long and tirelessly argued, we must educate the lawyers. (Former FCC chairman Michael Powell has also suggested restructuring the FCC to have a much smaller fraction of them..)

Second, as fellow panelist Rob Frieden has long argued, the FCC should require more meaningful disclosure related to network management practices, performance characteristics, and terms and conditions of their broadband services. The gaping and unavoidable loophole of the FCC’s proposed network neutrality framework is that differential treatment of traffic based on content must only be allowed for “reasonable network management”, which includes anything related to security, a blithely moving and necessarily subjective target.

But it is precisely because the government is in no position to define and enforce “reasonable network management”, that the endgame must be that carriers do not have financial interest in the content of what they’re carrying — the same conditions that made the Internet possible. So my third recommendation is also a prediction — we must replace this broken unit of policy discourse with a more demonstrably productive one. The network neutrality meme is in the process of costing us another decade of empirically grounded debate, and it will ultimately fail to accomplish its own objective: non-discriminatory access to the infrastructure. The real solution, as history repeatedly has taught us with other critical infrastructures, is to structure (architect, regulate) the industry to financially separate the pipe owner from the providers delivering services over it. Pipe owners must not be able to monetize the semantics of the bits by design As the other panelists and other realists would assure you, structural separation is unlikey to happen in this country in the foreseeable future. Even non-discriminatory (“open”) access requirements will be hard to recover, despite the fact that in all countries with much higher penetration or much higher bandwidth to the home, such open access requirements exist. The structural separation meme has not yet really begun to spread, but history suggests it is merely a matter of time.

[I posted the following on CircleID today:]

As is well known to most CircleID readers — but importantly, not to most other Internet users — in March 2011, ICANN knowingly and purposefully embraced an unprecedented policy that will encourage filtering, blocking, and/or redirecting entire virtual neighborhoods, i.e., “top-level domains” (TLDs). Specifically, ICANN approved the creation of the “.XXX” suffix, intended for pornography websites. Although the owner of the new .XXX TLD deems a designated virtual enclave for morally controversial material to be socially beneficial for the Internet, this claim obfuscates the dangers such a policy creates under the hood.

Read the rest of this entry »

In response to the U.S. National Telecommunications and Information Administration’s recent Further Notice of Inquiry on the Internet Assigned Names and Numbers Authority (IANA) Functions [Docket No. 110207099-1319-0], I submitted the following comment:

Read the rest of this entry »

My third FCC Technical Advisory Council meeting (3-hr. video archive here) was the most exciting yet. The TAC’s Critical Legacy Transition working group, studying the legacy public switched telephone network, recommended that the Council advise the FCC to set a concrete date to sunset (shut down) the Public Switched Telephone Network (PSTN). (!) The working group recommended the year 2018 as a starting point for lively discussion.

Read the rest of this entry »

Although the outcome is not good news, it is gratifying to see the predictions of a model of the Internet ecosystem being validated by the real world. Specifically, the recent spate of ISP consolidations is precisely what our network formation model predicts. First, Level3 acquired Global Crossing in a deal valued at $3B. A few months later, Centurylink (QWEST) acquired Savvis for $2.5B. Our model predicts that this consolidation will continue unless ailing tier-1 providers find a new source of revenue to compensate for their losses on IP transit.

Read the rest of this entry »

On June 8 2011 a group of content providers, including Google, Yahoo and Facebook, are going to dual-stack their content, in an event called World IPv6 Day. This trial will enable content providers to gain experience with increased levels of IPv6 traffic and gauge the extent and effect of broken dual-stack end-users. CAIDA is cooperating with RIPE NCC’s measurements on this day, providing a dozen Ark monitors to increase the number of vantage points from which RIPE will actively test a set of dual-stacked websites for levels of IPv6 support: existence of AAAA records; ping/ping6 response; traceroute/traceroute6; and HTTP reachability.

Read the rest of this entry »

The final report for our workshop on Active Internet Measurements (ISMA 2011 AIMS-3) is available for viewing. The abstract:

Read the rest of this entry »

[Executive Summary from our annual report for 2010.]

This annual report covers CAIDA’s activities in 2010, summarizing highlights from our research, infrastructure, data-sharing and outreach activities. Our current research projects span topology, routing, traffic, economics, and policy. Our infrastructure activities support several measurement-based studies of the Internet’s core infrastructure, with focus on the health and integrity of the global Internet’s topology, routing, addressing, and naming systems.

Read the rest of this entry »