Embedded - 291: General Drip and Tinkle
Episode Date: June 13, 2019
Karl Auerbach of InterWorking Labs spoke with us about how the internet works. We talked about domain name services (DNS being the primary one), registries and registrars, domain thieves, and the Hi...story of the Internet project. Karl runs his own (non-DNS) domain name service on his site www.cavebear.com. The site also includes notes from his time on the ICANN board (such as this one where they talk about redemption periods).
Transcript
Welcome to Embedded. I am Elecia White.
My co-host is Christopher White.
We had a little domain foobar recently,
and I'm using that as an excuse to have a friend on to talk about the Internet
and how we got to where we are.
Karl Auerbach is in studio with us today.
Hey, Karl.
Hello.
Could you tell us about yourself as though, gosh, we met at a dinner party?
Well, I'm an internet techie from literally the beginning. I was at UCLA in 1968, and I worked in the room next to IMP number one.
And I got involved in networking fairly early,
about 1972 or thereabouts,
where I did eight years of working on network security
and operating system security
for unmentionable agencies in Fort Meade, Maryland.
So I can't talk much about that.
They've never told us what we can talk about.
I've re-implemented Unix a couple of times,
and I've authored various Internet standards,
such as the infamous NetBIOS over TCP,
which is the CIFS standard that Microsoft uses.
And I've gone on to do something like seven startups in the internet
area, the most successful being a video one, which we sold to Cisco. And my grandfather was a radio
repairman and my father was a TV repairman. So I consider myself kind of an internet repairman.
And when I did a company to build the first internet butt set, which is a portable tool
to get you up and working on the net in about five seconds.
Unfortunately, I put that one out of business by my own mistakes, so I learned a lot from that.
I've also got elected to the ICANN Board of Directors in a public election in North America where we tried to set various rules about the Internet's domain name system.
I've also, I'm a lawyer.
I got pulled over in L.A. one time and decided I better find out what this is all about,
so I decided to go to law school.
That sounds like on a whim.
Well, it was during the thing with Patty Hearst, that's how far back this goes, and somebody
threw a catalog at me and said, go to law school. And I said, okay. So I applied and I went to Loyola in Los Angeles.
And it was great. I never practiced law, but it was the best liberal arts education you can ever
get. I now have a lot better feeling how things work. I can understand Shakespeare. There's a lot
of great benefits from law school that have
nothing to do with law. And I've pursued law since then, kind of as a, not from the point of view of
people conflicting with one another and litigation, but more from what should the law be?
I seem to have specialized in international law and constitutional law when I was in school and followed that since then.
So I'm really interested in the sources of authority.
Where does power come from?
How should we structure governments?
Now, this may seem like something totally off-key with respect to the Internet, but it's really a main topic and it's what you hit.
It's who owns the domain name system? Who owns the internet as it were? Who sets the rules? And who gives them the power
to do that? And what structures did they use to create that power authority?
And that basically is the show. So, we're done. Let's hit the beach.
That's the outline of the show.
Oh, right.
Okay.
Before we get to that, we do this thing called Lightning Round, where we ask you short questions, and we're hoping for short answers.
But I kind of know you, so we'll see if that works.
And Chris, do you want to go first?
Sure.
Favorite RFC?
Well, I would say 1001, 1002, because I screwed those over.
They're the NetBIOS over TCP, and we use domain name style packets in the thing.
But we totally abused the domain name system notion.
And at one Interop show, way, way, way back in the beginning,
Paul Mockapetris, who designed the domain name system beginning, he tends to drink a lot.
And he got up on the table.
And this was after I'd been locked in our room for eight hours.
They had to get welders to cut us out.
Paul got up on a table and pointed down at me and thundered, you destroyed the domain name system. So that is kind of my favorite RFC, but not favorite in the way I like it,
but favorite in the kind of like it has a great history for me.
What is your preferred name server?
My preferred name server?
You mean in terms like bind versus something else?
No, like the DNS server that I put in my etc network interface file. I usually
use 8.8.8.8 because that's the one I remember. Oh, those. I've run my own over the years.
Being an old internet guy, I've run my own servers of everything, my own names. In fact,
I've run my own root servers because that's one of the things people don't understand. And I highlighted it in your notes was you actually mentioned a
domain name system. And that's the correct way because most people talk about the domain name
system as if there is only one. There can be lots of them and different people can set them up.
And in fact, that's probably happening now as we're seeing the internet fragment along the lines of China and Russia and probably Google and Facebook
and the US military, things like that. And each of those can have their own different domain name
system and they can overlap in their content. They don't have to. Like for example, way back
before year 2000, there was another, I call them competing roots. And I came, there was a friend
who was operating .web, top-level domain .web. And I bought from him cavebear.web and I've
been running it ever since.
Favorite animal?
Oh, favorite animal? Oh, a tactile dactyl.
You look kind of surprised at that. I wrote a story about what a tactile dactyl is.
Favorite Dickens book?
Oh, well, I'm reading Barnaby Rudge right now, but I would have to say it's Dombey and Son.
He doesn't even have a son in the book.
It's Florence Dombey, his daughter.
He doesn't like her.
Would you like to complete one project or start a dozen?
Oh, start dozens.
I rarely complete them.
Okay.
I think we can be done with lightning round, having gotten to the short answer part.
My answers are never short.
So now you can have long answers.
Oh, goody.
And this one's kind of, you warned me this is maybe a day-long seminar.
But so many times I have not understood networking and had to go out and learn what I needed to do for an embedded system.
And so I wonder if you can tell me, if I type ping google.com.
That's a different question than pinging Google.
You look very surprised.
All right.
Explain the distinction.
Okay.
When you say ping Google,
well, the first thing hits my mind
is are you talking about IPv6 or IPv4?
But let's just assume IPv4.
And they're pretty similar for most of this.
But the first part is,
let's look, not the ping part,
but the Google part.
Did you say Google alone?
Did you say google.com? Did you say google.com
dot? Those are three different expressions. The internet domain name system only works with fully
qualified names. It means the full sequence, you know, like www.iwl.com, fully qualified domain
names. When you type something that is less than a fully qualified domain name,
and the convention is putting a dot at the end means you're fully qualified,
that means your local software has to go through this search process
to figure out, well, what does it mean?
If you type Google alone,
typically there's some search suffixes that your local software has to go through.
Like in our case, InterWorking Labs, the software says, well, Google, I'll try appending
IWL.com and then trying to resolve it, or CaveBear.com
and resolving it. And if you have multiple
of these search things, your local
DNS resolver may do this in parallel, but you can see there's a cache.
You're sending out multiple queries to your local resolvers who may be trying to find these things in caches.
If they can't find it in caches, they will have to go to yet further out in the domain
name system and make inquiries.
So at the very beginning, if there's no caches, and you say google.nothing, your local software
will probably say, well, Google.
In my case, it would be google.iwl.com.
It'll send out a query to its local resolver.
The resolver will say, first thing it will say is, I don't know what com is.
So it'll send a query to a pre-configured set of root servers, which is how you can pick different root systems.
Typically, you all use the same one.
So your local software will send off to a root server saying,
query, it says, I've got this name, google.iwl.com.
And the root server will say, I don't know, but I know what com is.
And it'll send you back an answer saying, here's where the servers for com are.
You will then go through a series of queries.
You'll try google.iwl.com, or then it'll try google.com.
And since your local server already knows what com is, because it's got this information
about where com is, it'll send a query off to the servers for .com.
And you'll say, hey, I need to know where www.google.com is or google.com.
And they'll come back saying, well, we don't answer that ourselves.
We're not authoritative for that.
But we know the servers for google.com.
And it'll send you back a list of the name servers.
Your resolver
will then go off to the Google name servers and say, hey, I need to know what google.com means.
And you can specify in the query whether you want an A record, which is IPv4, a AAAA record, which is
IPv6, or any, or CNAME record, which is an alias, or a text record or an MX record or all kinds of things.
In fact, in one of my domain name zones, I've got the text of the Magna Carta.
You can store all kinds of stuff out in the domain.
In fact, we've found people tunneling music through domain name queries.
Yes, I've seen experiments where people actually route traffic through domain.
Because it's one of the things people routinely open up polls for. So you can see just by uttering ping Google, you've triggered a cascade of DNS queries, which may be spanning the world to resolve that simple question.
And that's just to get, who is Google?
You haven't even done the ping part yet.
No, I have essentially gone from a name to an address.
And that's all I've so far.
If you're lucky.
If I'm lucky.
Yeah.
You may have got a CNAME, which is because there's a lot of aliases.
Like, we typically set up, we have master names for our hosts, which are the actual things that are bound to the A and AAA records.
But we have a lot of stuff, aliases, like www.iwl.com.
It's actually what's called a CNAME, which is an alias that points to one of the other names.
That's just a useful tool for managing names.
Is that like we got embeddedfm.com?
No, that's a separate domain.
Oh, okay.
That points to the same place.
Okay.
Yeah, sometimes you want to have one record which contains the actual address
and you just have a lot of other records which alias to it.
But the aliases have to be resolved.
So you can see that the domain name system
can get really, really chatty.
And if you start looking at your traffic on the net,
you'll often find that a lot of your traffic,
a surprising amount of your traffic,
is domain name traffic.
All this just because I was too lazy to type the IPv4.
Ping google.com dot.
Well, okay.
Oh, and if I put the dot, it wouldn't have to do that.
It would just go.
It would just say, she knows what she's doing.
I am going to send out this query, and if it fails, too bad.
There's also another overlay on this.
DNSSEC, which is
there's been hijacking of DNS servers, either by
stealing routing or by somebody just going out there
and getting control of a domain name temporarily
and changing records to point you in the wrong place.
So DNSSEC is this system of basically digital signatures
whereby you can know that the answer you got is the proper and correct answer.
It doesn't tell you you got it from the right place,
but it does tell you that you got the right answer. But that DNSSEC also triggers
a cascade of DNS queries going up and down from the root servers along with various
crypto calculations.
And DNS will also find you geographically preferential results, right?
No, it won't. That is an overlay on top of DNS where the DNS servers may look at
your IP address and do a geo-query.
But that's not part of the protocol
itself. No, it's not.
Okay, so I have
used my local software
to figure out if I can resolve
it. I have used my local
network software to figure out if I can
resolve it. I have ended up
out in the big web.
Don't use the word web when you're talking about ping.
Big internet. Outside my building, I have my little...
In a data center in North Dakota.
It has gone to something outside my building, and it has tried to figure out what the name
I typed was supposed to mean.
Well, you have to be careful about what you mean by it.
Usually you're talking about your local computer you're typing into.
Yeah, but I have already run stuff off of my local computer at this point
because I have asked other people in the big internet to interpret this for me.
I have basically done a search for google.com.
A DNS query is not quite the same as a Google-type search.
Okay. What's the difference?
Well, a Google search is you're looking up attributes.
You're giving Google a series of attributes, usually words or something like that,
and it comes back with a list of URLs, which is a higher level kind of address above IP addresses,
and says, here, take a look at these. So Google is an attribute-based search engine.
And that's one of the things I want to make a point about DNS. DNS, domain name system,
people think of it as an authoritative system. Say, I type google.com. I am going to get an address at google.com. And that's probably
triggered by the fact there's a bit in the packet called the authoritative answer bit. It has
nothing to do with being authoritative. It means that this server you're getting the answer from
actually got the data directly rather than by hearsay by listening to some other things.
There's really an authoritative bit?
Yeah, but it doesn't mean authoritative.
It doesn't mean you're going to connect to the right thing.
It means that you got the answer from somebody who didn't hear it by,
a server didn't hear it by hearsay.
Yeah, is there a hearsay bit?
No.
No, that's when you clear the authoritative bit.
Yeah, there's been various bits posed for IP for things like malicious packets or things like that.
This is a malicious packet.
Self-describing.
Yeah.
The April 1st RFCs are always amazing.
But the thing is, in the old days, I grew up in Santa Monica, California.
We had this telephone company, which I can't remember.
It was General Telephone.
And we called it General Drip and Tinkle because it was also the water company.
Sorry.
Yes.
And it was really awful.
You would dial a number and you had roughly a 30% chance that you got somebody else.
Or a flood in your kitchen.
Yeah.
Oh, there's an old series on the radio called Ruby the Galactic Gumshoe.
And there's one episode where she's in a place where it's all IoT stuff.
It's an old series, but it was like the toaster is online, the sink is online.
And all the devices are starting to talk to each other, and they're going crazy.
And the toaster is saying, your toast is burning.
Your toast is burning. And every time the sink would drip, it would say,
drip, drip. It's like Miss A over there would be saying, you know, drip, drip. You know,
it's like Amazon Alexa is going nuts, but hundreds of them. Anyway, I'm moving away.
Getting back to the internet, the thing is about the internet and the hinting is
with general telephone or general drip and tinkle, you would call somebody.
And the first thing you would say is, hi, I'm Karl.
And they'd say, hi, I'm Fred.
And you'd say, well, I wasn't calling Fred.
So you had this kind of protocol between humans of mutual identification and authentication.
You'd hear the voice and
people would generally tell you truthfully that they weren't who you were calling.
We don't have that in the internet. People just blindly type in google.com or whatever it is,
mydoctor.com, connect to it, and they start spewing information without verifying the person
at the other, or thing at the other end is what they think it is.
That leads to serious problems. Suppose you were saying you get on a website,
webpage and to connect to Wells Fargo and you say transfer a billion dollars to so-and-so and
you didn't ever stop to say, am I really connected to Wells Fargo?
There's a layer in the internet that's missing, which is this layer of an identity challenge
and authentication. It should be somewhere above TCP. We get a little bit of that through TLS
certificates, where you work up a chain. Most of them go up to EFF and Let's Encrypt nowadays,
which really doesn't tell you much about who you're talking to, but it's better than nothing.
But we don't have a really serious
mutual identification system on the internet. Part of that's based on part of which I get to
in the internet governance is the internet grew up in the hippie era. Government was bad,
the establishment. Having what essentially is a worldwide master source of authority
strikes a lot of people as a bad idea because a master
source of identity, I mean, not authority, can say you don't exist or you are somebody else. So there's
a lot of things to be feared, but it's also a useful thing out of the internet. So the DNS is
a hinting system it just sort of suggests well if you if you want this, you're looking for Google.com, look over here.
And the presumption is you will carry on some sort of dialogue after the connection is made to validate that you got to the right place.
And so instead of an attribute search like Google, like I go to DuckDuckGo and say, show me cat videos.
When I do a DNS query, it doesn't give me the results.
It just says, go over here.
It gives you an address.
Yeah, it's not like a best effort thing where I'm going to give you stuff that kind of matches.
It's either I have a match or I don't have a match, and here's the one match.
Or several matches.
Generally, DNS queries will give you multiple answers.
And what are the differences between them? Well, for example, if you
actually look at google.com,
you will see you get back,
if you do an any query,
you will generally get back a set of A
records and a set of A
records pointing to
lots of different addresses
because Google wants to spread the load around.
And many of those addresses, I'm going to go off on a different topic here,
are what's called anycast addresses.
Oh, yes, I know all about that.
I remember that now. Yeah, it's one address representing many places.
And it's location sensitive.
You basically get to the closest one.
In fact, when DNS first started, there was a limitation because
of the size of the packets of about 13 name servers for the root servers. That was a really
hard limit because most of those were in the US and other countries were getting understandably
upset about that. Well, various people, such as Paul Vixie, who should get an Internet Hero Award or Internet Angel Award or something,
decided that, well, maybe we should anycast top-level domain servers and root servers so that we can have lots and lots of them.
They'll just have the same addresses, but each address will be backed by many, many servers,
which can be geographically distributed around the world.
So this was a step that was taken despite ICANN, without the knowledge of ICANN,
without the approval of ICANN. And it was probably the best change to DNS that we've made in the last 20 years of expanding the number of servers 10, 20, 100-fold,
and getting rid of this political problem, and also allowing the domain name system to scale.
And Anycast was managed through the routing table, right?
Anycast is, yes, managed through routing. It's a little bit tricky to set up. I've never
personally done it myself. I read people doing it.
Okay. So if I understand, and I'm definitely going to be the person who doesn't get off into networking land.
I have typed my ping Google. It's resolved to go to
ping google.com. It goes out to a name server.
Many name servers, probably. Well, that's the thing. It goes out to what I
wrote. My name server is 8.8.8.8.
Which is an anycast address.
Which could go to any number of
DNS servers.
Which in turn will go in the background to other servers.
And eventually it will give me one of these A packets, AA packets, that leads
me to a IP address?
Or it'll give you a no such name or CNAME and says, here's the alias, go look that up.
So I can have a loop.
Well, the rules say you shouldn't have CNAMES pointing to CNAMES, but people do do that.
And I'm not sure quite how it gets resolved, but we don't see domain name servers spinning forever.
Okay, so now I finally have an IP address.
Yeah, you haven't even done the ping yet.
Right. Okay, so now what happens?
Oh, well, there we're going to get into IPv4 versus IPv6.
Let's stick with 4.
Yeah. Ping is a packet called ICMP, typical ping.
There's lots of different kinds of pings.
The most common ping is something known as ICMP,
which is the Internet Control Message Protocol or something like that,
which is an echo request.
You're sending out a packet that says, hey, echo to me.
And you're supposed to turn around and send back a response. Well, you've crafted this packet.
You send it out to your first hop router.
That router sends it off to its routing tables forward.
Eventually, it wends its way through the internet to the other end. And on the way, it may be subject to various filters, rate limiters,
because ICMP packets are generally considered a lower priority
than traffic that actually generates revenue.
Fortunately, most ICMP packets are small.
Anyway, so it wends its way through the net as subject to rate limiters.
It isn't guaranteed to get there.
The other end may or may not answer it
because it's a nuisance
packet to a lot of machines, and it's kind of a
denial of service thing. A little bit. It's not really
very heavy load.
And I don't
think Windows machines are configured by default
to answer pings anymore.
So the
machine at the other end turns it around, says, okay, I'll send you back an ICMP echo reply packet. That
packet comes back the other way. Now, there's even a lower level to this too. Like when your machine
first sends out this ICMP packet to your first-hop router, it doesn't know the... on an Ethernet,
whether that be wireless or wired, you don't send
by IP address.
You send by what's called a MAC address, which is a 48-bit address, or becoming 64 eventually.
And so there has to be a transaction called an address resolution protocol, an ARP packet.
So basically it's broadcast, say, I've got this IP address.
I need to know the MAC address that's bound to it.
So there's this ARP transaction. The answer comes back. You now have a MAC address, which you cache,
and then you slap that in the beginning of your IP packet and you forward it. And you can go to
even further. You may have layers of layer two switches that are following spanning tree
protocols and things like that that may be packing inside VLANs. And if you had even wireless, there's yet another layer of wrapping going on.
So it really is, as they say in the IETF, turtles standing on turtles,
standing on turtles all the way down.
Yes. Yes, it is.
It always is more complex the closer you look.
But once you've got all these answers, you've got your ARP translation, you've got your DNS translation, that's all wired up.
You don't have to do any searches.
Well, those things last.
For a while.
Yeah, for a while.
Everything gets cached.
Well, yeah.
And people take, bad people take advantage of that.
Yeah.
You may have noticed in your domain name updates that it used to be when you change your domain name, there's a time to live based in DNS records, which is, an attacker goes in, sets up DNS records, does an attack, and then
five minutes later changes those records so that there's no history, no lingering footprint
saying where this person came from or what they used for the attack. It used to be that it took like a day or so for the tables to be updated.
When ICANN came along, it kind of mandated that these updates occur every five minutes or thereabouts,
which there's no particular reason why that had to be so.
It was convenient to a lot of people, but it also opened up this new attack vector of fast fluxing.
It also meant that caching wasn't nearly as effective.
Shall we go on to our own domain problems?
I have one more comment that I'd like him to explain.
So DNS is sort of loose, as you mentioned.
People can run their own root servers.
Mostly they don't, though.
Mostly they don't. But there's all kinds of... It's a distributed thing
with no particular authoritative
reality, as you said.
Well, some people
will say there is an authoritative reality
and if you violate it, you may even be criminal.
Sure. BGP
has been much the same way, where
this is the thing that the internet routing table's
based on, where things negotiate how
packets move through the internet and how you get to the places you're supposed to get to based on IP address.
BGP is a lot more mutual.
The operators have a lot more mutual distrust of one another.
That's good.
My question is, the internet seems very, you know, based on trust, or the original plan was based on trust. As you said, there's no central identity mechanism. How does anything work?
work anywhere because, you know, I've never used one by tolerances. It's kind of, are able to
handle dirt and muck and things like that. Well, the internet kind of has that mentality.
A lot of people deny it, but I was there and worked in this, was the internet was designed
as a response to nuclear war. To be survivable.
When we were just doing, working for the unmentionable agencies, we, and I worked for the Joint Chiefs of Staff for a while, we were talking about parts of our network being vapor, literally, quite literally vaporized and having things survive. to be composed of relatively loose fitting pieces that if one of my law professors had this
great saying, which was, if you can't get them on the merry-go-round, you get them on the swings.
That's the way the internet works. If you can't get a packet through one way, you send it a
different way. And you don't depend on any one packet getting through. That's why you have these
protocols that have timeouts and retransmissions.
So that everything just kind of works.
You lose efficiency.
You don't have the speed and predictability of the old telco-based wire from hither and yon networks.
But you have a lot more ability to be robust.
Now, we've lost a lot of that in modern times.
But that was the original style
of the internet, was just hang things together and expect failure. Expect things not to work,
so you'll always have plan B in your protocols. That's why TCP has timeouts. That's why DNS has
timeouts and retries and things like, DNS itself doesn't, but the software that executes it does.
And that's why we have lots of servers in DNS.
If you can't get an answer from one, you try out your next one in your list.
So the internet is kind of a cooperative chaos, but it does work. Now, you have to stay within
certain limits. And one of the problems is a lot of the Internet code has been written in a relatively narrow band of goodness.
And a lot of that code has not been tested against what happens when you get outside this region of relatively benign behavior. is we try to create tools to let you exercise your implementation in zones that are often beyond the norm.
And what happens to your code?
Does it fail catastrophically?
Does it sort of continue to work, which would be good?
People don't know that.
And so a lot of internet code is relatively brittle
There was a company called FTP Software some of my friends founded way back in the 80s,
and they had a competitor, NetManage. Now, one of my friends who was founder of FTP Software realized
that in the world of IP we have this thing called fragmentation,
where you can take a big packet and break it into little pieces.
And you have to do that.
Sometimes you get through small hops on the network.
And he looked at it and said,
you know, we don't know how big a buffer to allocate
until we get the last fragment.
Yeah, God.
So maybe I should send,
maybe our code should send the last fragment first.
And then it can optimize and say, ah, I know how big a buffer I can get.
And if it gets something from another source, it'll just have to suffer and deal with the fact that it doesn't know how many reassembly buffers it needs until the last fragment arrives.
Well, the NetManage code, their competitor, turns out had a fatal bug.
If it got the last fragment first, it crashed. It didn't
gracefully stop, it crashed. So you'd put one FTP Software machine into a place that had NetManage
machines, and pretty much all the NetManage machines would die. I did this to Juniper.
I had a bug in my OSPF implementation at Procket, and I got some emails from Juniper saying, hey,
you might want to take a look at this because you're crashing on it.
I was like, well, maybe you shouldn't crash.
I didn't know you were at Procket.
I knew people who went to Procket.
All right.
Now domains.
Do you want me to explain what happened?
I want to explain what happened with our embedded.fm and why we were off for a couple weeks.
Should I mention the service name?
Should I drag them?
Okay.
So, here's what happened as far as I understand it, because I'm not quite sure about a few things still.
So normally, when a domain name is about to expire, you get an email from your registrar saying,
hey, your thing's up for renewal.
And, you know, it's like seven days, better get on it, renew it.
And that's fine.
And you got that. And I got that.
I had auto renew set up with our credit card. Or maybe I accidentally used a one-time credit card,
but our credit card was expiring anyway, so it might have been that. So I had auto renew set up,
so they were supposed to renew it for me. And they're supposed to do this, I think,
a few days in advance, just in case anything goes wrong.
Just in case.
This did not happen for some reason.
They tried to renew it probably seconds before it expired.
It didn't go through.
And then they sent me no notification whatsoever that it had failed, that the domain had expired.
Nothing.
Did you have your email address set up in your own domain?
No.
Oh.
Good.
That's a common mistake.
No, no, I don't do that.
So, yeah.
So, no, I had other emails from them around that time for other domains I had that were expiring, but not that one.
That's the important one.
So, this normally wouldn't be a giant big deal.
We find out on Monday.
People keep saying, your site's down.
I'm like, ah, Squarespace screwed up again.
And I go check it out, and they're like, no, this is far worse.
What's going on?
And so I call Hover, and I say, hey, this expired.
I registered.
I need to renew this.
We somehow missed it.
I know Hover well.
And so they said, oh, yeah, no problem.
So we talked through it, and they said, oh, no, this is a .fm domain.
Yes, a country code.
So the deal with special domains like .fm is... Most top-level domains are country code. At least they were for a long time, country code domains.
If you're .com, there's a grace period of a few days where it expires, no big deal,
you just renew it.
You can thank me for that partially.
Thank you, Carl. And then everything's copacetic. But for .fm, there's no grace period.
Once it's gone, it goes into something called redemption, which is this other ICANN thing where you're supposed to be able to get it back.
Yeah, redemption grace.
Yeah.
You're supposed to be able to get it back for...
That's not mandated on the country code top-level domains.
But they have it.
They might.
For .fm, they do.
Although Hover said they didn't. So Hover said, well, we don't do this. No, well, first they said, oh, we're going to charge you 200 extra
bucks to do this. I'm like, fine. And I thought I'd solved the problem, live and learn. And then
they came back on the phone: oh, we don't do redemption for .fm, you're going to have
to wait for this to go back on the market. And I said, how long does that take? Oh, we don't know. And then you can buy it there. And it turns out going back on
the market means the redemption period for .fm, which exists, which is probably 30 plus days,
has to expire. And then it'll go back on the market. And then somebody else can do an auction
for it, which means you'd lose it. You probably will, because there's a lot of people who buy up
recently expired names, because what they do is set up a website and plaster up
AdSense ads. I found a website called Expired Domains, and it gives
you a list of all the expired domains, sorted by how much
traffic they get. And so ours would have been actually quite near the top of
things with the word embedded in them, and somebody would have snapped it up.
So we were kind of despairing,
kept calling Hover and saying,
what about this, what about this?
But we told our listeners and people to stop emailing us.
Well, we recorded a short show that is now gone
that said, we're working on it, please, please,
please don't contact us.
We bought a new domain, embeddedifm.com,
and pointed everything to that and said,
everybody, go here.
Which we knew was not really the best solution.
And we fixed the podcast the best we could.
Things could have worked without it, but it was a major pain.
But then a listener, Matt Harris, slacked me and said,
hey, I saw you were having trouble and I went looking around
and here's the thing on .fm's website,
.fm being the official registrar for the FM.
Federation of Micronesia.
Micronesia, exactly.
And there's a form to fill out to get out of redemption.
I was like, well, that's weird because Hover said they can't do it.
And so, Alicia called the .fm people and said.
No, I emailed them.
You emailed them.
But they were really fast.
And they said, yeah, there's no reason.
They aren't necessarily in Micronesia.
No, they're in San Francisco.
Oh, see, I never knew that.
But they said, we can't do it because we work with people like Hover,
they're registrars, and we can't mess with their business.
I don't remember the terms, but it was like fiduciary duty something.
It was probably contractual obligations.
But they said, there's no reason that Hover can't go into their management console and do this themselves.
Except it says so that they just don't do it.
And so we called Hover and said, so what?
Why won't you do this for us?
Why are you being mean to us?
This is your fault because you didn't notify us in the first place.
Why didn't you try to renew it days ahead of time?
Why did you give me no notification whatsoever when this failed or when it was about to fail?
And so after some yelling.
146 calls to hover later.
That's an exaggeration.
But it was a lot.
It was a lot.
I know who you should have called.
You?
We called you.
No, no, no, no. You called Chris. My Chris.
DNS busters?
No. Well, Hover is a spinoff of Tucows.
Yeah, yeah.
You know, the world's ultimate collection of Windows software.
That's right. A little bit outdated name, but...
Yeah. And I don't know if the people I know still run Hover, but that's always what was our contact was go to the top.
Well, we had some lawyers queued up too, so.
Yeah, the emails got way less polite as time went on and got to, well, wait a minute.
We never screwed up. Our credit card expired, but that's not a major screw up.
Why don't you have... Yeah, they got...
Although the Hover support people
were super nice.
They just couldn't help us.
They were sorry.
Well, there is a question, a threshold question, which is: why do domain names expire?
Let's come back to that.
Put a pin in that. Anyway, I don't remember what exactly happened, but I think we said we talked to .fm and they said there's no reason you can't do this. And that was the thing that kind of...
Yeah. And then at Hover, we said, go to your management... We basically told them to do exactly what I said. Well, we'll talk to our domain folks. Like, who have I been talking to?
Yeah. Anyway, three hundred dollars later they did it. And then three days after that...
Five days.
Five days it took. Even though it only took, yeah, Micronesia three days, it took Hover five days.
Yeah, but you still got off cheap.
Yeah, no, it's fine.
You did meet Mr. Murphy and his law.
Yeah. Yeah. And I mean, I think the most expensive part was the stress, not the cash.
Yeah.
And if we actually made money from that and that was our business.
If this was our business.
Oh, my God.
Oh, man.
So it was lucky that we're basically a nonprofit and we're sad that we're all screwed up.
We know somebody who had .sex, or sex.com, I mean.
And that was a really high traffic thing.
And it was stolen from him, literally.
I mean, it landed up lawsuits and people, a guy in Mexico and destroyed houses and all kinds of things.
So you were saying, why do domain names expire?
Yes. So why do domain names expire? Well, arbitrary and capricious, which in law is one of the phrases of condemnation.
It's a damning phrase.
There's no particular reason.
I mean, yeah, you do want things to die after some period of time just for garbage collection. But it was literally something that ICANN in its early, early days simply
pulled out of something beginning with an A, and I'll say air.
It's completely arbitrary that domains are one-year periods for a maximum of 10 years in any
single contract. There is no reason for it.
There's no reason why IBM can't buy IBM.com for 100 years.
Yeah, it seems very strange.
I mean, especially if you have a trademark.
Now, I did mention that I set up a thing called .ewe as a top-level domain.
It exists only in competing roots, and I designed it to violate as many of ICANN's rules as I could.
The idea is that you should get a digital certificate representing your control of a domain name.
This is in .ewe, it has nothing to do with ICANN.
And that you use the digital certificate to sign essentially work orders to the registry saying,
do this, do that, and they can charge you for this.
And if you want to transfer it, you transfer the certificate through some sort of repudiation authority.
And the name is issued forever.
And if there's going to be a market in buying and selling it, the market is outside the registry.
It would be a market for buying and selling these certificates.
There's no reason this technically can't happen.
In fact, some people have done it.
They've created a thing called Namecoin.
It's a Bitcoin kind of thing.
No, no, no.
Which represents... one of the great things about Bitcoin technology, it's not a use of money, but it is a one thing.
It can represent... there's only one of them.
And you can represent this thing as a token representing ownership or control of a thing,
whether it be a domain name or a piece of real property or something else. This property of oneness is actually a very useful property of blockchain technology,
completely apart from money.
So what I did with .ewe, and how I got .ewe is a long story.
It started out with, remember Windows Me?
Unfortunately.
Yeah.
So my brain, rotted as it is, said, Me.
Well, there's that old phrase, enough about me, let's talk about you.
And that immediately evolved instead of Y-O-U to become, well, E-W-E.
Like sheep.
Yes.
So I had .E-W-E.
That, I said I started writing, this is one of those projects I started, never finished,
and it's a registry to do this kind of bearer bond digital certificate ownership where you get a domain name forever.
As long as the certificate... now, I was going to also... I put in...
I was going to bugger the name server so that if there was no queries
after so many years that it would fall out of disuse,
just expire because of unuse as a means of garbage collection.
But if you actively use the name, you had it forever. And the payment was for services for updating name servers and records like that.
It wasn't for yearly rent.
There's no reason ICANN couldn't have gone down that course
or made it for 100 years at a time or something like that.
But they just arbitrarily decided not to.
So we've mentioned ICANN,
and we've mentioned registries and registrars.
Again, another arbitrary thing.
When we say registrar, we mean something like Hover or GoDaddy
or Namecheap or DreamHost.
There are a million people who act as registrars. They're kind of like brokers.
They're like the first level. They're sales agents.
And then there are registries.
That's where the money is.
Those are the people who own .fm or .com.
.tv, Tuvalu.
Tuvalu. Tuvalu, yeah. There was a climbing expedition... I know the people had .tv, and they went out to climb Mount Tuvalu, which, they did the whole thing, North Face, you know, this and that. And Mount Tuvalu is eight feet above sea level.
Okay.
So there are the registries, and the registries are the things that say who owns which thing. So embedded.fm.
Owns is probably the wrong word.
Points to?
It's a contractual relationship.
They're given the role of managing it.
A lot of people have this notion of owns means some sort of property rights, and they get all confused as what it is.
Just think of it as a contractual relationship.
Rents?
With whom?
So like .fm, the country, the Federated States of Micronesia has some claim on it.
Do they have that with ICANN?
Yeah.
Jon Postel way back when decided that we should have domain names tied to country codes.
And ICANN took it further and said country codes are sort of a notion attached to the sovereignty of nations so that ICANN didn't have the same control over the country code top-level domains as they had over the things like .com or the newer ones.
I've been associated with a group called Uniregistry out in the Cayman Islands, and they have a couple of hundred of the new TLDs, for example, and they're all under ICANN contracts that set rules. But the country codes are pretty much free to do what they want because they're considered an attribute of sovereignty. There are some interesting questions with respect to country codes, like what's the country with respect to .su, the Soviet Union? It still exists, right? And in the European Union we have .eu for the European Union, but we also have .fr and .uk and so on. And if we look at the European Union as an association, a federation of sovereign states, well, what about the United States? It's an association of... under our Constitution, the states are sovereign too.
Yeah, we should get .ca back from Canada.
We should, even though I'm Canadian. I'm kind of conflicted here.
What about things like .toaster? That's not a country. There's presumably some registrar that is in charge of that.
I was one of the people who helped build the first internet toasters.
This does not surprise me.
You said TLD.
And as we say TLD, that's top-level domain.
Like .com, .toaster.
It's the last thing in the name.
So I just wanted... okay, so...
Actually, the last thing is that dot at the very end, which stands for the root, A root.
And I own all of those.
Yes.
Actually, nobody seems to know.
You know, ownership kind of arises out of doing something, asserting ownership and doing it well that people accept you over a period of time.
There's this great phrase in the law about something is so old that it runs not contrary to the memory of man or something like that.
And it's sort of a notion of how old does something have to be when it becomes old enough that everybody just accepts it.
Okay, so we have these top-level domains,
and we have the country codes, or some of them,
and we have the .com, .gov, .edu,
which I've always thought were kind of the U.S. ones
because, I don't know, because we're privileged.
I don't know.
Well, because .co.uk exists for their stuff.
Yeah.
It all started off with the internet was... the ARPANET was kind of a club.
We used to have this book.
I still have a copy of just all our names and addresses.
That was the first Whois, was just this book.
It was our club roster, as it were.
And we knew each other.
Nobody objected to that sort of thing.
It wasn't considered privacy busting.
And we had this... the government imposed this thing called the appropriate use policy.
And so names... and they used to be of .edu suffixes for things that were kind of educational and .com for commercial because those were outside the AUP and .net for operators and .gov, which was U.S., not governments in general, and .mil for the U.S. military.
These kind of just were kind of natural divisions in the context of an appropriate use policy
saying who are you, so how you can use the net. So there we started with the original, you
know, seven dwarfs of .edu and .com and things like that, most of which are operated by a company
called VeriSign, which is making out like a bandit because ICANN is letting them have a couple of billion dollars a year for free out of your pockets.
And it was only later that ICANN got the chutzpah to start adding to that.
It gave away .cat to Catalonia because there was a board member, a really good guy, but he was from Catalonia.
And they said, well, let's let him have it.
I don't know where .dog went.
And later on, ICANN made some
money off that original thing. But then back a few years ago they went nuts and opened up the doors
to anybody who wanted to apply at 186,000 per application, and they got a couple of thousand
applications. That's all... that's the year ICANN made $400 million. And I helped put in something like 150 of those applications at 300 pages each.
Okay, so ICANN.
This is some random organization.
Internet Corporation for Assigned Names and Numbers.
There you go.
And who started ICANN?
How did they get to be in charge?
Why do we pay them?
Jon Postel.
Another person who went to Van Nuys High like I did, along with Vint Cerf and Steve Crocker and many other people. Van Nuys High, the home of the internet.
I don't think the high school
realizes that so many people at the beginning of the internet came from there.
Anyway, so Jon was the keeper of
numbers. Somebody has to keep track of all the magic numbers on the internet.
What are the protocol numbers used?
What are the domain names used?
And Jon and Joyce Reynolds just did it by themselves.
And they had a really great sense of humor, easy to work with.
We had a friend, Stev Knowles, who got married.
And we contacted Joyce and said, we need a couple of protocol numbers that we want to give as wedding gifts.
And she assigned protocol numbers.
So somewhere out there, there's Telnet option numbers, which are assigned to Stev and Sue Knowles as wedding gifts.
Well, ICANN... Jon up and died at an unfortunate time, which was when the domain name system was... the government was operating this through VeriSign under a cooperative agreement.
And it was costing the government a lot of money because the processing fees were high and they didn't want to be in the business.
It wasn't even clear they had the statutory authority to do this sort of thing.
So Jon died in the middle of this transition. And various forces in Washington realized, well, there's money to be made in them thar hills.
And formed this thing called the National Telecommunications and Information Administration.
That's quite a mouthful.
I think it's 20 syllables or something like that.
I almost went to work for them in 1978.
The world would have been a different place had I been there.
I would have been the management of protocol numbers,
which are completely non-controversial.
It's just basically like the bakery ticket.
Pull down a number, next one, give it to somebody.
This is like UDP and TCP ports and stuff.
Yeah, or enterprise numbers or product ops numbers or cryptographic numbers
or things like that.
It's basically a totally administrative sort of thing. And there are some technical questions on very rare occasions,
but the IETF and the RFCs assigns a technical authority to help IANA do this assigning of
numbers. There are IP address space, which nobody ever talks about except those who actually care
about IP addresses. There needs to be some
authority for assigning IP addresses because routing depends that the IP address allocation
has some distant relationship to actual physical topology of the network. When you're
doing BGP, as you mentioned, you want to advertise large blocks of destinations.
Otherwise, you have so many prefixes you're advertising that you start overloading things.
So, I have Cisco.
We're pretty much sure that the internet would go boom when we reach 200,000 prefixes.
We're well above that number now.
I remember that conversation just about every year.
Oh, we're hitting the limit.
We're all going to die.
Yeah. And it didn't happen.
And now we've got IPv6, which has its own.
So there was this notion of regional address registries, which were generally continental in scope because that's kind of where the lumpiness of the internet allocations were,
connectivity. Although we discovered in 9/11 that Africa really was dependent on New York.
All their connectivity was a star network off New York. So these things, ARIN, RIPE,
ARIN being the American registry, RIPE being European, APNIC Asian Pacific, there's LACNIC for Latin America, there's AFRINIC for
Africa, these kind of evolved to hand out IP addresses, mostly IPv4 addresses, to people.
Which is why if you have IP addresses, you go to these groups and ask for addresses.
And then there's those of us who have IPv4 addresses direct from Jon Postel, and we kind of just wave our noses at those people and say, we're completely beyond your control.
That was supposed to be under ICANN.
And it was.
But it's so well run.
These regional registries run very well. They serve the user's needs that they kind of just drifted away from ICANN.
And ICANN doesn't really exert any serious control over them anymore.
Which leaving the domain name part, which is where all of the contention comes from.
Because people fight about names.
They just look at what's in ICANN today.
We have Amazon.
Amazon wants, the company Amazon wants a top-level domain, .amazon.
Well.
Really?
Yeah.
Why not?
I know.
Well, if people living in Brazil and Peru kind of think Amazonia, Amazon is theirs.
Oh, yeah. That would be why not.
Well, they kind of forget that there's also Greek stories about Amazon, so why doesn't
people in Greece get it?
Oh my God, .chris.
Everybody I know would be like...
There's too many Chris's.
You'd all be fighting.
Overstock wants .o.
They've been fighting for it a lot.
.o?
Oh, just think of .o.
Don't worry about .o.
This is an important function of ICANN.
.o.
It's a circular symbol.
Well, every language script, well, there's all we know, the problem of conflating O's with zeros. But imagine, is it a Cyrillic circle versus a
Latin language circle versus an Asian Chinese symbol circle?
Carl, don't be offended by this, but I think the internet might have been a bad idea.
And we're blaming you.
No, I'm not.
And Van Nuys High School.
Yes. If you want to go back in time.
I remember running.
Van Nuys High School is where you go.
Before I met my Chris, I remember meeting somebody who said, we really need in Santa
Cruz County, we need to rip up all the highways.
And the only way you should be able to get around is by walking, by boat, or by, she
wrote horses, by horse.
Yeah, because the 17th century was a hell of a lot better.
It was great.
Yeah, you might die of some horrible disease.
Be murdered randomly and dumped by bandits, but that's fine.
Well, I'm reading these stories of, you know, people coming to California during roughly the 1850s area.
And like, William Tecumseh Sherman, the general, he lived in California before,
he was shipwrecked twice in one day
coming to California.
So you got all these Shakespeare's plays
and they begin with a shipwreck or something.
Well, you know, that doesn't happen.
That was just like blowing a tire.
Yeah.
So yeah, the 17th century wasn't so great.
But the 17th century did have 1640-something in it, which was the Treaty of a country
governs the territory within the country. It was the notion of sovereignty based on geographic
extent. That worked pretty well till about 1945 when we had the rise of multinational corporations
that kind of spanned. And that was troublesome. But it wasn't absolutely horrible. But then we had the rise
of the internet. And with the internet, borders? What are borders?
It's a bookstore.
Is it still a bookstore? No, I don't think so.
So we're undergoing a fundamental change in the concept of
governance.
Well, ICANN is Laputa, which is from Jonathan Swift.
It was this island that was in the air.
It floated around above other places.
And when it was upset at somebody, it would just float over whoever it was mad at and drop rocks on them, or it would lower the island and crush them.
Well, ICANN is kind of like Laputa.
It's this body of sovereignty that doesn't have any territory.
But as I told and really ticked off one senator at a hearing once, it's fun to tick off a senator.
This senator was a total jerk.
It's getting easier.
Well, this guy was running for president, and he was the guy who said, you know,
it was the macaque guy, Stevens of Virginia. And he was totally condescending. And he had asked me this question about, Mr. Auerbach, how did you get on the board of directors of ICANN?
And I was getting really angry at him. I said, the same way you did, Senator, I won more votes than my opponent.
And I went on to say, and unlike you, if I can get the agreement of nine others on my board of
directors, we can enact a law of trademark that supersedes and trumps anything you, as a mere United States senator,
could ever enact.
Did he enjoy that?
No.
He was so angry.
Wait a minute.
This is actually really important, not just funny.
We went from...
It sounds like an extra-governmental body.
We're getting to this world where there's these new governmental agencies that exist, but they're not tied to territory.
Yet they have as much authority as the United States government or the government of France or Japan or whatever, just in their own limited scopes. And they're organized without recourse
to the principles we thought of when the U.S. Constitution came. At least we had Madison and
Jefferson and Montesquieu and Voltaire to look at. But these things are put together basically out
of principles that came from Heinlein's, you know, Stranger in a Strange Land, kind of hopeful hippiedom.
And which gives rise to this, to me, is a profanity of the highest scope, which is governance by stakeholder.
If you look at all ICANN and a lot of other bodies, even our own local city council, they
talk about, well, we'll get the stakeholders together.
Well, why don't you get the citizens together? Isn't democracy the notion that people are the source of authority? Stakeholderism is
the notion that the level of your voice is based on how much stake, usually meaning money, do you
have in the outcome. And somebody has to a priori decide this. So when ICANN was created, it was designed a priori that people with trad rules over domain names, such as the UDRP, which is the dispute policy between domain names, gives preference to trademark holders over people who claim rights to a name, say, because it's their deity, the name of their dog, the name of their family, the name of the school, whatever.
Trademarks trump that.
Intellectual property owners, they're the ones who want this Whois system,
which is essentially publishing ownership of a domain name to anybody, 24 by 7 by 365.
It started out because... Whois started because it was our roster of our ARPANET club, but now it has hundreds of millions of names in it. And if you're a parent and you want to get a domain
name for your daughter, you have to publish your name and address to the public. Now, most people...
it isn't going to hurt most people, but there are predators out there.
And we do have this thing called Megan's Law, which you publish the name predators so people
can find out who's living near them. Well, this Whois system in a way is kind of Megan's Law
in reverse. You're publishing the names of potentially vulnerable people to the world.
Well, why are we doing that? Because trademark owners want a way of finding out people
to accuse quickly and efficiently. And I know people who are trademark warriors and they're
careful about doing it right. But there are other people who simply send cease and desist letters out to
me because we saw that right here in Santa Cruz with the Cat and Cloud Coffee, where Caterpillar
Heavy Equipment Company sent a cease and desist letter saying, you can't use the name cat.
Apparently it was because apparently Caterpillar Tractor has a clothing line,
surprised me. And so did the store.
And I was wondering when Caterpillar Heavy Equipment was going to go after, you know, Coffee Cat in Scotts Valley.
But there's a lot of this intellectual property interest because it makes it more efficient for them to go after people they think are offending their valued trademarks.
Now, I know that for some domains you can do this Whois protection thing where it'll put you beyond a layer of indirection.
That has caused great consternation because that was done without ICANN's approval.
It was done by companies like Hover that said, our customers do want a level of protection.
The rubric for having Whois, the reason for it, the technical reason was when something
goes wrong, you'd like to have somebody to contact.
There's also Whois for IP addresses.
And that one, nobody objects to that because it's used respectfully.
And if you have an IP address that's emitting something bad, you really do need to contact somebody.
So shut that source down.
But in the domain name system, the idea was to contact somebody.
It doesn't mean you have to have a
direct contact. So the premise of things like these privacy protections from Hover is that the
registrar will offer this additional service. Because remember, registrars are running with
very thin profit margins. So they have to find ancillary services to put on to attract customers.
So they'll offer this service whereby they front end.
So if somebody wants to complain, the complainant contacts the registrar, and the registrar contacts you.
The assumption is that that last step, they'll actually do it, and you will actually read it and respond.
I've had Hover contact me. We use Hover. Contact me and you'll close the loop.
Trademark people, protectors, really don't like that because it adds slowness to the system.
The Whois system has been, even before ICANN was started, there was
meetings about just what should we do about this sort of thing.
And I remember a meeting in Washington, D.C.
Tamar Frankel was the chair of it.
And the big issue was privacy. Yeah, it was fine when it was a couple of dozen people running networks at schools
and government places, but who all knew each other. Or companies.
Or companies. You know, you contact your general counsels to contact.
Even we knew all the general counsels. Yeah. But once it got to be
more democratic and anybody could have a website,
it becomes, privacy becomes an issue.
What's the enforcement?
When you register a domain name, how do they tell I didn't put 123 Nightmare on Elm Street?
Bart Simpson.
You can.
There is issues of having accuracy, and the intellectual property interests in ICANN are
up in arms about making
sure things are accurate, and they put the burden on the red... Now, credit card transactions are
preferred because that offloads the burden to the banks. And when you do have a financial closed loop,
you tend to have to have at least some legitimate contact information. But I do want to go back to one thing you said, the web. Those of us old internet people think of the internet as distinct and apart from the
World Wide Web. The web is just one of many applications layered on top of the internet.
I know, and I used to think that way too, and now I just use them interchangeably.
Well, the Internet of Things is yet another thing that's being layered on top of the Internet.
Well, it's getting layered on top of the web because you can have HTTP stuff happening that has nothing to do with web browsers.
Yeah, but HTTP is amazingly inefficient.
Oh, yes.
Which is what Google's going after with all these new TCP variants and web HTTP variants.
Which they're doing outside of IETF for the best part, right? One of the big protocols outside of HTTP
is this thing called MQTT.
Yeah.
And it's one of a class of PubSub
publication subscribe protocols
where you send messages
based on, and messages can be big.
As an experiment, I sent the Linux kernels in an MQTT message.
The source or the compiled version?
Compiled.
And it's a convenient large file.
It addresses by topics.
It's also kind of a multicast thing
where people subscribe to topics
and the brokers get it from the source to the destination.
Amazon's building its whole IoT infrastructure on that. And it's really kind of cool because I can
take a little IoT device like a, you know, ESP32 or something like that. I can call on AWS services.
I can call on what they call a Lambda function,
which is an anonymous computation,
to do something which is well beyond what I could ever do on this tiny little processor.
And I just do send an MQTT message.
Well, there needs to be a lord of names for these topics.
That's where another ICANN will come from.
RFID tags, they kind of more fit into the domain name paradigm.
But topics don't fit very well into domain name paradigm.
I mentioned attribute-based lookups.
That's also really interesting in the IoT world or even in our personal world.
I care about an ATM.
I don't really care which ATM.
I may say I want a Wells Fargo ATM, but I don't care which one.
I want to care one about close.
I care about attributes.
I don't care about names.
So the DNS is weak in this notion of attribute-based lookups.
DNS is a good system for,
it's really solid for mappings lower down.
But the internet is evolving into these other kinds
of naming systems and lookups.
And the World Wide Web uses a URL-URI structure,
which may in turn to be ultimately
the ultimate address in the internet,
buried under things like Twitter handles
and Facebook names and what have you.
But the net's evolving. It's having these new naming systems. So what we're seeing with ICANN
and domain name wars is going to repeat in other contexts. It may not make the mistake the domain
name system had of having these names being humanly meaningful. We would have been much happier in
the domain name space if we had just simply said every one of these domain name labels is a GUID,
you know, from the point of view of human bike systems.
But that's not how human brains work.
I know. But I have telephone numbers. Telephone numbers still exist, but I don't know what they
are.
Not anymore.
I have a contact list, and I say, you know, call somebody.
And I tell Miss A, call somebody. It's a local context lookup. It's my lookup. So yeah, these
addresses and things still exist, but I don't have to remember them. I have a tool that remembers
them for me. And that lookup is local to you and can be shared with your friends.
And it may be attribute-based.
But it isn't a global lookup.
Yeah.
It may be global in the sense of big companies like Twitter or Facebook.
Yeah, because they may publish their information.
But I don't, you know, the Chinese is equivalent to Facebook and things.
I don't know what their names are,
but there can be separate clusters of these names.
They may all map down to Mac addresses at the bottom and,
but who cares?
Everything does at the bottom.
Everything maps to electrons.
Yes.
Okay.
Changing subjects entirely.
Cause it's a topic I know that is important to you and is ongoing.
Can you tell me about the history of the Internet Project?
Oh, yes.
Well, people have a lot of not understanding where the Internet came from
or all of the paths we did not take
or the ideas which are laying along,
the golden nuggets laying along the road that we'd never managed to capitalize on.
Most of the people are still alive who did this.
They're dying.
We've lost several people we want to interview.
But most of them are still alive.
But there's already been a growth of folklore about the internet.
Like this notion the internet was designed not as a response to nuclear holocaust has been... there's a lot of people who deny that.
I don't know why, but there are.
We decided that... my wife Chris and I decided that we were part of that.
I worked at UCLA right next to imp number one.
I didn't work on the network, but we could hear... they had an AM radio perched on the top of it.
So you could listen to the machines because all the RF leakage.
Back then you didn't have to shield machines very well.
So we decided that we know most of these people. I mean, Vint Cerf worked for me
as a consultant when I was at SDC. TCP was split off from IP, at least it was probably split off
many times in different contexts. But at least once it was done on my blackboard in my office
at SDC. I have a photograph of the blackboard. We were trying to insert encryption between the
datagram, because TCP started off as a monolithic thing at first, and the datagram, the IP layer, got split off later.
And we were trying to insert something that resembled, to a degree, IPsec in the middle between the two.
So all these stories of things happened.
There's the stories of all the little companies that cropped up in the 80s.
My company, Epilogue Technology, FTP Software, Intercon, Beame & Whiteside, TGV here in Santa
Cruz. That was Two Guys and a VAX. All popped up during that period. There was whatever happened to OSI? And how did we ever overcome the telco notion of
circuit switching as
opposed to packet switching? Because
telcos really resisted packet switching
way back when. Whatever happened
to XNS at Xerox?
It went to NetWare, which that
faded away.
How did these ideas develop?
How did they conflict with one another? How did we ever
get from this world of TCP, how did it ever overcome things like DECnet and all the academic
networks? How did it merge? How did we ever get, how did the National Science Foundation get
involved? So we decided, well, let's talk to all of these people because
we know them. So the idea was we know them, so they'll talk to us in detail. Our interest is
not in the technology, because technology is, other people can cover that. Our interest was
how do you get ideas, how do the ideas conflict with one another?
What fun did you have along the way? My wife, Chris, and I met because of the Interop Trade Shows.
And the Interop Trade Shows was a big clocking force.
Twice a year or once a year, everybody had to have their products ready as of October something every year to run.
And we got them together and we hooked them together.
And sometimes they smoked and a lot of times they didn't work, but it was a forcing function.
But along the way, we had a lot of fun.
We also pushed the tech, like we discovered back when FDDI was a thing.
Oh, no, no, no.
An error was discovered in the design.
It was fixed and people were blowing new proms in the hotel rooms to stick in the equipment.
So it was a forcing of mandatory interoperability.
So we wanted to bring this story.
So our thought was nobody has an attention span anymore.
Plus, we have no idea how to do this.
So our goal is to collect a zillion interviews.
Some of them are as long as six hours each.
Like I think we talked to Dave Farber for like six hours, not all of which was recorded.
And a lot of it was we don't know what we were doing. We did it at the Pacific Union Club in Nob Hill.
And we had the windows open.
And we didn't have the microphone sticking right in the face.
So punctuated throughout the interview is ding, ding, ding, ding from the passing cable cars.
So, and we decided, well, we don't know how to tell a story.
We have a background in theater.
And we know that we're going to evolve and get better over time.
So we're going to do it in five-minute episodes, YouTube style.
We have roughly 200 of them planned, probably more.
That's an amazing amount of content, 200 YouTube episodes.
Our first pieces or our trailer, we've only got three things posted.
Our trailer was fun because if you can identify the five or six movies from which we stole content, you can get some brownie points.
I'll give you a hint.
One of them is The Magnetic Monster.
I see.
Only the classics.
Yeah.
We also have Desk Set, a couple of others.
Our second piece was about Severe Tire Damage,
the first internet band.
And we realized at that point,
we knew nothing about making a video.
We had, there's only three surviving members of the band.
We had them really close to a wall with wires behind them,
bad micing, bad color balance, lights. We did everything wrong, but it was fun because, um, it was an
interesting story about how they got started and were consuming most of the internet bandwidth
that they tried to respect copyright but nobody cared because nobody realized that the net was going to be this issue for music.
Then the third one we posted was just an emergency one.
Phil Karn is really an interesting person on the internet.
He was involved in KA9Q, which is his radio call sign, early implementation of TCP for PC.
I used that on Windows.
He also
was involved in the cryptography wars
during the
Clipper chip era.
He published certain
algorithms as a book
printed in OCR.
And
the government said, you're exporting
arms and all that sort of stuff.
And he said, no, it's a book.
It's covered by First Amendment.
And he went to court, and I think he won.
Plus, recently, however, there was that satellite that was in solar orbit
that got the NASA abandoned.
Oh, yeah.
And it came around again.
And there was an attempt by amateurs to recapture it.
So he wrote the software to do the decoder.
Unfortunately, it ran out of fuel before they could fully capture it.
But we interviewed him about that.
And so we had to do a real quick edit and post it. And we realized, yes, our video skills are still lacking because we have a pole sticking right at the top of his head.
Well, it's the content that's important sometimes. Yeah, the content's important.
We're collecting the videos.
We're going to publish the raw takes, all the raw media, up under either Creative Commons license, not for commercial reuse,
because we do not want hacks like the History Channel or the Smithsonian Channel to...
You don't have any aliens, so you're safe from the History Channel.
Or we don't have Hitler in it either.
Or Hitler aliens.
Yeah.
But we want to be able to control the commercial reuse, we want people who care about history, Internet history, to do it.
But the raw takes we want available to all.
Some people, like Brewster Kahle, want his stuff in public domain.
He's offered, at least I hope he still remembers, that he would store this, make this material.
Because this is going to be terabytes of stuff when we get done.
Make it all available. We'll do our own edits, which we'll have our own rights to,
but we won't allow anybody else to take the same material, because we figure a hundred years from now, people will probably still care, and they'll have a different perspective
on it. Might be living in the internet by then. One can only hope. Or not.
So we're learning as we go.
We're learning how to interview people.
We're learning how to do video badly.
We've learned that sound is harder than video.
And we've learned that I have absolutely no sense of color balance.
And someday we will all get to see these videos.
Yeah, if I live so long, yeah.
All right, well, I think we should stop there.
But, Carl, before we go, do you have any thoughts you'd like to leave us with?
Well, with respect to the Internet, we ain't finished yet, so nobody should despair and think there's no future ideas.
I think I'll stop there.
Okay.
Our guest has been Carl Auerbach,
CTO of InterWorking Labs and winner of the Norbert Wiener Award for Social
and Professional Responsibility.
Thanks to him,
there are
ICANN grace redemption periods,
which we are awfully appreciative of.
Thanks, Carl.
This was awesome.
Bye.
Thank you to Christopher for producing and co-hosting.
Thank you to Matt Harris for breaking the rules.
Thank you, Matt.
It was really helpful.
And of course, thank you for listening.
You can always contact us at show at embedded.fm.
Yay, embedded.fm.
Or hit the contact link on embedded.fm.
And there is a new blog post up, so if you are interested in such things. Now, do you want a quote or a joke? A joke. Okay. Early adopter invites an embedded systems engineer over to his
house. And the early adopter is kind of surprised when the embedded systems engineer shows up packing heat.
And so the early adopter says,
so why did you bring a gun?
And the embedded systems engineer says,
the Internet of Things.
Early adopter laughs.
Engineer laughs.
Toaster laughs.
The gun shoots the toaster.
The gun laughs.
Embedded is an independently produced radio show that focuses on the many aspects of engineering.
It is a production of Logical Elegance, an embedded software consulting company in California.
If there are advertisements in the show, we did not put them there and do not receive money from them. At this time, our sponsors are Logical Elegance and listeners like you.