Archive for April, 2009

comments to draft external review of ICANN’s security advisory committee

Wednesday, April 29th, 2009 by kc

ICANN hired JAS to write an independent evaluation of ICANN’s Security and Stability Advisory Committee, which I’ve served on since 2003. JAS published a first draft on 16 February 2009, which I commented on on a few days later. The same week I also spent a couple hours on the phone with the report authors Jeff Schmidt and William Yang, who intend to release a final draft of their SSAC review next week, which will incorporate the feedback received on the first draft. It’s a tough job to evaluate a complex system like SSAC, but it’s good to see ICANN proactively pursuing independent objective evaluations. I’ll post a link to the final report here.

Top ten ($7.2B) broadband stimulus: ideal conditions

Monday, April 13th, 2009 by kc

Last month (23 March) I was on an NTIA panel at the Department of Commerce, to recommend conditions on this broadband stimulus money, aka arm wrestling between companies. Gigi covers it in her blog; today was the deadline to finish my recommendations to DOC and NTIA:


a part of hell breaks loose in the ARIN community

Monday, April 6th, 2009 by kc

[this thread on transfers is too painful to watch. here’s my take.]

Even if turning IP addresses into private property is the best policy decision of those available (which is far from demonstrated, since so little rigorous research of this question has actually occurred), executing such a policy by Board fiat while ARIN itself has no leadership is guaranteed to generate severe dissonance with ARIN’s organizational mission which includes forging public legitimacy entirely from its transparent, open processes.


spoofer: measure your network’s hygiene!

Sunday, April 5th, 2009 by kc

Update: In May 2015, ownership of Spoofer transferred from MIT to CAIDA

We are studying an empirical Internet question central to its security, stability, and sustainability: how many networks allow packets with spoofed (fake) IP addresses to leave their network destined for the global Internet? In collaboration with MIT, we have designed an experiment that enables the most rigorous analysis of the prevalence of IP spoofing thus far, and we need your help running a measurement to support this study.

This week Rob Beverly finally announced to nanog an update to spoofer he’s been working on for a few months. Spoofer is one of the coolest Internet measurement tool we’ve seen in a long time — especially now that he is using Ark nodes as receivers (of spoofed and non-spoofed packets), giving him 20X more path coverage than he could get with a single receiver at MIT.