computers poster. I want people to realize computers could be radically different and better if we could just wrest them from the control of people who want to make money with them. I want phones to be extensions of agency, not ad faucets with apps that get worse
concrete steps I advocate: abandon #UNIX, #filesystems, IP, and #web browsers; recognize where OSes need compilers; build #capability -based, distributed-first OS and networks based on public-key addressing (#yggdrasil)
@migratory I feel like I'm largely on the same page, but I'm curious about some of the details of the things you're concerned about. I'm 100% interested in capability systems (#sel4 , #kataos ) and having computers as actual / reliable agents of the user.
I'm not nearly as clear on the objections you have to filesystems or IP (as in IPv4 / IPv6? networks), which seem less clearly related.
If you meant IP in the sense of "Intelectual Property", I'm curious if your objection is to copyright, patents, and/or trademarks, and if those objections are fundamental, or merely to the implementation of those concepts in practice?
@kissake Internet Protocol (4 & 6):
IP is a mess of conflation. networking is really basically just IPC--a process on machine A wants to communicate with a process on machine B. they can identify each other unambiguously based on cryptographic identifiers, and the network should act to route packets securely between them. IP maps this poorly onto "hosts", "IP addresses" (attachment points), and "port numbers", none of which correspond neatly to a process that might serve as an endpoint
@migratory , I think we may be enthusiastically agreeing on a desire to relegate the IP protocol to being a layer over which more interesting / meaningful addressing and communication can be used, rather than necessarily replacing it.
On the other hand, I guess I'm more excited by alternative addressing and communication technology than dismissive of the absolute workhorse that is the global IPv4 and IPv6 network. There are challenges with IP, in particular the implementation on the endpoints as you point out, but the ability to route bucketloads of packets from one side of the Earth to the other is such a fundamental building block that I'd want something absolutely astounding as an alternative (including in proven performance at scale) before wanting to get rid of it.
@kissake routing-layer hierarchical addressing makes sense to minimize fwding table size, but routing details shouldn't be exposed to endpoints in the first place.
the real cost of IP stems from not being capability-based. giving every endpoint ambient authority to connect to every other enables DDoS. a capability-based architecture would admit real private services without firewalls, while allowing a public directory for public ones. IP enables cloudflare's business model by its very structure
@migratory I think I'm going to need to understand more about the proposal before I jump on board the network part of this vision. I'm a fan of capability systems for managing resources I'm responsible for, but networking and communication are designed to cross that type of boundary, and I have concerns (not necessarily objections, to be clear) whenever limits are imposed to communication.
I guess my question is: What does implementation look like?
The thing that I'm most concerned about is exactly the loss of that ability to perform arbitrary communication. Basically, the Great Firewall of China leaks like a sieve because: ACLs, so... great. I don't want to "fix" that. ISPs that spy on and control DNS today to (for example) monetize unregistered domains are likewise going to be incentivized to control public directories accessible by their customers.
Essentially, if someone or some entity is "allowing" public directories, I have serious concerns about that control being in a limited number of hands.
Against that backdrop, some level of DDOS being possible does not hurt my feelings.
@kissake I think you have two separate concerns here: on the one side, concretely, what do implementations look like? the answer I have on this side is less satisfactory, as I can point to systems like RINA and their implementation efforts (see https://en.wikipedia.org/wiki/Recursive_Internetwork_Architecture#Research_projects), but they really need hardware that isn't IP-based to shine, and currently exist mostly in simulation and prototypes
@kissake on the other side, is a capability-oriented system more vulnerable to censorship?
the answer is no. just like your regular ISP (implicitly) provides the ability to access (most) of IP space, an ISP under a capability networking paradigm would provide routing to some set of "public" services. just the same as you would look for a proxy in the sites you can access through the GFW, you could look for a proxy in the services your ISP lets you access in this paradigm.
@kissake I guess one way to talk about this is that under a capability-oriented paradigm, all access is fundamentally by allowlist, but with ambient authority an ISP can equally limit IP access to an allowlist too.
on the flipside, a capability paradigm makes "running a proxy" and "offering access to a tree of services" the same operation, legitimizing proxy operation in a way that the flat IP space doesn't, so censors are less likely to block everything that "looks like a proxy"
@migratory @migratory I think I see what you are saying, and, again, I'm not saying it is impossible. I am saying that it sounds a lot more like a walled garden, where, with a capability underpinning, it is even harder to escape than current walled gardens.
I'm thinking Apple's app store vs. Android play store and FDroid and side-loading.
To put that in other terms, it isn't more vulnerable to censorship, but it might be more vulnerable to (or even require to some extent?) effective censorship.
In any case, I might just not see the pot of gold at the other end of this rainbow. What are the benefits of an IP-less, capability based networking approach that we could look forward to?
You mentioned lack of DDOS which sounds nice enough, but which I'm a little skeptical about and doesn't seem worth a re-architecture on its own. Are there other clear wins that are harder or impossible with our current approach?
@migratory Okay. I think I have a moderately clear picture at this point. I don't have any objection to the idea of cryptographic key based identifiers (with caveats), and I'm curious to see what develops in the direction you are pointing.
Do you see any meaningful next steps, and if so, what might be some examples? I recall you mentioned #yggdrasil , is that, or possibly recursive networking architectures, the target?
I could imagine a capability-style replacement for the "router" that many people have in their homes, that would provide essentially a translation layer. Would that be a positive step in your mind, or is that orthogonal or even the wrong direction?
Also, thanks a lot for engaging in this discussion with me; I appreciate getting to understand these ideas better.
@kissake I think that projects like #yggdrasil are a good start at introducing application developers to what networking APIs should feel like. other neighbors in the space include #cjdns, #net2o, #ipfs, and #dat/#hypercore, to name a few--but I think most of these others are either flawed or biting off more than they can chew, while yggdrasil is modestly scoped and wrings just about all you can out of public-key-based addressing on top of the current infrastructure
@kissake the fundamental wins come from simplification: no NAT, no port forwarding, no port conflicts, no need for cloudflare or reverse-proxy setups to hide from DDoS, no need to buy domain names or static IPs to have a stable address, and simplification/democratization of the role of ISP (since "ISP" and "directly-connected proxy to various services" become the same thing)
and with stable cryptographic identifiers for services, you avoid the extractive/centralized/censorable/flaky cons of DNS