Escola de Governança da Internet - Vint Cerf

hi my name is Vince surf I'm Google's Chief internet evangelist but today I'd like to talk to you about the history of the internet its technology how it evolved and how the governance of the internet and its uh various bodies that are responsible for managing its operation all fit together so we're going to turn first to go back in history to 1969 to the days before the internet when the defense Advanced research projects agency funded the development into something called the arpanet it was 1969 and the defense Advanced research projects agency decided it needed to build a network to connect the computers of a half dozen universities around the United States that were doing research on computer science computation artificial intelligence and a variety of other tasks along those lines non-numerical processing so they built this network and activated it in 1969 I was a graduate student at the time at UCLA writing software to connect the computer to the arpanet for purposes not only of exchanging data but also Gathering measurements about the performance of that Network this system was based on a technology called packet switching the basic idea is a little bag of bits with a two address and a from address and the network would take that bag of bits that packet of data and move it from the source to the destination so the network didn't know what applications were running all it knew was It was supposed to deliver data from one place to another it was the computers at the edges of the net that interpreted the contents of the packet this notion was incredibly successful it was demonstrated uh to the general public in 1972 And in the course of preparing for that demonstration the defense department the advanced research projects agency concluded that if it was going to use computers like this in command and control it would need to have computers on board aircraft on board ships at Sea and on ground mobile Vehicles this network was built on the basis of connecting packet switches together using dedicated telephone circuits but you can't do that the ships at sea or uh vehicles on land you know the tanks run over the wires and they break and it just doesn't work so you need radio and satellite communication so in order to prove this idea the advanced research projects agency also sponsored to the development of two more networks one of them was called the packet radio net and it involved mobile vehicles moving around plus radios that were in high areas like on the tops of mountains in the San Francisco Bay area and the other one was called the packet satellite Network which used inat 4A over the Atlantic to connect the western part of Europe to the eastern part of the United States so the idea here was to try to develop networks that would allow devices on any of these networks including some that were mobile to use radios and others like uh um fixed sites at different parts of Europe and the US to connect to a satellite based Network up here in the sky also using radio methods to reach that satellite so in this period of time time during the early 1970s we had to figure out how to interconnect all of these networks together they were all packet switched but they didn't have the same formats they didn't have the same speeds they had variable delay depending on whether you were going up to a satellite or transmitting over radio links the data rates and the errors were error rates were different somehow we had to make this amalgam of packet switch networks look uniform to all the computers that happen to be attached to these different Nets and so my partner in the design of the internet Robert Khan who had come to uh arpa in the late 1970 in late 72 uh joined me at Stanford University where I had moved to join the faculty to work on this so-called internet problem and within about 6 months we figured out how to design a system that would make this work we published a paper in 1974 describing what this would look like and after several years of development work in 1977 we demonstrated how to make all three of these systems connect together using a set of protocols that are now called TCP IP the IP layer the Internet Protocol layer is B basically the um underlying packet switch system for the entire global internet it has packets that have two and from addresses that speak to their Global Sources and destinations and uh content like a little um electronic postcard if you like the TCP layer deals with the fact that the Internet Protocol layer can lose packets can get them out of order uh May in fact duplicate them and so on they they can have a number of uh infirmities associated with this best efforts Internet Protocol layer so the TCP transmission control protocol puts everything back together in the right order retransmits if that's necessary so during this period of time 1977 to about 1983 there was a huge effort to implement the TCP IP protocols for just about every operating system certainly all the ones that were available on the arpan net the packet satellite net and the packet radio net in the computers that were attached so in 1983 that was a very important date January 1 1983 we turned the internet on so the internet has been operating uh since 19 1983 so here it is 2014 you can do the math it's quite a long time this network grew very very rapidly around 1985 or so the National Science Foundation in the United States recognized that this could be a very powerful tool for linking the universities research universities of the United States together so the National Science Foundation developed what it called the NSF net and in order to link think the 3,000 universities around the United States rather than having just one single Network and 3,000 termination points they proposed and uh developed the idea of intermediate level networks so there were a collection of about a dozen of these intermediate level networks that connected to the NSF net backbone and the NSF net backbone connected by way of gateways to each of these various networks so these gateways were the interneting tool that linked all the systems together there were more gateways here and here and then hosts would hang off on the edges where computers and supercomputers and other things would be used so we saw an ensemble of network starting to grow starting around 1985 or 1986 in the same time period other parts of the US government got very interested in the use of this technology to link the research Community together and so there was yet another net called es net for energy Sciences Network that was sponsored by the department of energy and another Network down here which we'll call the NASA science internet which was put together by NASA again to link together the research institutions and Laboratories of NASA and again we had Gateway connections between these networks as you can see by the by the time I I'm get done drawing this it's going to look very complicated ated and we'll have to erase a lot of it or we'll go crazy but the idea here was that these networks could be interconnected in multiple ways so part of the value of packet switching is that you don't have to care exactly how the packets are being routed through the network if there are alternate paths and one of them breaks it's okay you can retransmit send a packet on another alternate path so there is great resilience in this kind of architecture well this is just looking at the early days of of the internet in the United states in the same time frame the mid 1980s we started to see other networks research networks in particular in different parts of the world Europe in particular uh and in Asia later in Latin America and also uh Africa beginning to be part of this Ensemble of networks the network of networks that we call uh the internet interestingly enough uh as time goes on and the number of networks proliferates eventually some of them become unnecessary and in fact the arpanet was in fact shut down in 1990 and all of the computers that had been connected to it uh were connected by alternative means typically going to the NSF net so when the arpanet was shut down we had other connections that uh picked up where the arpanet had left off and then amazingly uh around 1988 uh the US government allowed uh commercial traffic to be carried on the internet backbones particularly the NSF net now you might wonder why is that important well the answer is up until 1988 uh there was no commercial traffic permitted on any of these government sponsored backbones and around that time I began thinking that we wouldn't see the Internet available to the general public if we didn't find some way to allow commercial traffic to be carried on the government backbones to show to the commercial Community to the private sector that there was a business to be had moving packets around in this internet environment so I asked permission from uh the network Federal networking Council of the time made up of US government agencies for p the uh the privilege of connecting something called MCI mail which was a commercial email service developed at MCI curiously around 1983 so I got permission from this Federal networking Council to make a connection between the MCI mail service which had thousands of users and this NSF net backbone primarily for the purpose of demonstrating that this commercial system could be compatible with the electronic mail services of the NSF net or the general internet and they they gave me permission to do that and so in 1989 we got that connection up and running and as soon as that we announced that the MCI mail service could reach all the internet users the other commercial email service providers for example telet well T mail I should say from telet or on time from the U timet organization all said well wait a minute oh there was copy serve here too they all said wait a minute uh these people can't have this privileged position we want to be connected too and the result was that all of these commercial email Services were interconnected to the internet in 1989 now there were several interesting side effects of this outcome the first one is that because each of these here to for separated and non-interoperable Commercial email Services were isolated Islands they all had to meet the standard Protocols of the internet and perhaps at this point I should call this internet to represent all of the various networks that are part of the system uh these uh email Services had to meet the standards of the internet email service and the consequence of this is that mail from Cy serve could go through the internet and land on MCI mail or t mail or on time everyone could communicate with everyone else this sort of shocked the commercial email service providers who thought that they had been isolated with their captured uh uh users now they were all interconnected but the second thing that happened in 1989 was the creation of three commercial internet service providers I'm starting to run out of room to illustrate this but I'm going to erase the packet satellite net for now and show you three more commercial networks in the US one of them was called psinet one of them was called uunet and one of them was called surf net there's a little story that goes with that so they too were connected by gateways to the internet uh two things first of all the term Gateway was adopted by uh Bob Khan and me and my colleagues very early in the origins of the internet back in the 1970s but commercial suppliers of packet switches eventually called them rout and so today you hear routers connecting internets to each other uh we didn't know back in 1973 we were supposed to call these routers so he called them gateways these three U commercial internet service providers took advantage of the fact that commercial traffic was now permitted on the backbone the reason they were created in part is that it was shown to the private sector without having to build their own um national scale uh backbone that there was a a service to be be had and a business to be had providing commercial internet service to users and to businesses around the United States and of course a similar Discovery was being made in other parts of the world that were part of the academic Network and eventually as time goes on all of this becomes commercially available in fact interestingly enough in 1995 the National Science Foundation shut down the nsfnet and said well we ought to be able to use systems called network access points naps to interconnect the remaining networks which had been relying on the NSF net for their connectivity so the Naps turned out to be places where all of these networks could interconnect I'm not going to be able to draw this very clearly but in fact all of these various networks had connections to one or more of these network access points so the idea here although I'm not going to try to complete this this graph entirely is that the network access points performed uh a glue like function linking all these various commercial and non-commercial networks together uh absent that core backbone the NSF net which had been the last major uh core Backbone in the United States that's gone now all of these Commercial Services now are linked together at peering points around the uh world uh either at public peering points where multiple parties meet or in some cases where the traffic is sufficiently high private connections are made between network service providers or internet service providers so here you get a kind of a not very clean picture of the growth of the internet until now hundreds of thousands of networks are part of the internet backbone so now we want to go back to 1969 and start looking at the institutions that have Arisen out of the internet's Evolution so in 19 69 uh the arpanet project is underway and my very good friend Steve Crocker who is a graduate student with me at UCLA is responsible for organizing and managing the development of the host to host protocols that will be used to communicate across the arpanet and so he came up with two ideas one of them was called the network working group which was simply the collection of graduate students and researchers who were responsible for developing host to- host protocols and application protocols above that for the arpanet he also instituted in 1969 a series of documents that he called requests for comments the requests for comments were intended simply to document our conversations to document our speculations to document our aspirations for the development of this system as the uh aranet begins to uh develop further and Bob Khan and I begin to explore the possibility of an Internet with multiple networks interconnecting to each other uh we U began uh developing the protocols I was at Stanford University at the time we used our own uh series of notes so starting about 1973 uh we had something called the internet experiment notes that were the analog of the rfc's these were for the arpanet and these were for the internet but as time went on I wound up at the defense Advanced research projects agency as well with B KH again leading this program from Washington and by about 1979 uh remember we had had the three Network demonstration in 1977 uh we were uh literally in the process of developing all of the implementations of the tcpip protocols for a lot of computers that were in use on the original aret and at this point Bob Khan said to me what happens if you get hit by a bus he said I can't have you know all of this stuff in your head in no place else else no matter how much documentation there was I need to have a group that could be aware of everything that's planned and everything that's been done and so in order to discourage anyone from wanting to be on this group we called it the internet configuration control board to make it as boring as possible but in that group were all of the heads of the research programs that were developing various aspects of the internet and its applications well I departed from DARPA uh in late 1982 and I was replaced by a man named Barry leer who in 1984 uh changed the name of the internet configuration control board and restructured it he called it the internet activities board and it had something like 10 different task forces one of which was the internet engineering task force there were a number of others for architecture other technology development so this I IAB was really the way in which we were keeping track of what the uh research program was doing and around this same U period of time we switched over actually it was a little earlier uh we switched over from the en to the rfc's because at this point internet by by in particular by 1983 became the U primary uh protocol used throughout all the internet including the aranet and so it seemed appropriate to continue documenting the history and standards for all these protocols using this wellestablished system the rfc's um in this uh time frame in the late 70s and early 80s uh a man named John Pell who had been the editor of the RFC series and had been responsible for keeping track of all of the uh addresses that were being used in the aranet became what he called the internet assigned numbers Authority or aana John was a remarkable person he was an editor for the documents of the RFC series he managed the domain names which is something that the domain name system which was also invented in ' 84 he managed the allocation of domain names for the internet and the allocation of Internet Protocol addresses which were the analog of the addresses that were used in the arpanet so John became the internet assigned numbers Authority and he performed that function for over 25 years and you'll see as we get through the rest of this uh Story how this all unfolds so what's important is in 1984 we recognized that uh it the way in which we had figured out how to refer to computers in the both the arpanet and the internet uh in the arpanet world it was essentially just a host name so you would say send this to UCLA and if you were sending email you would say send it to surf at UCLA and so UCLA was the host name and surf in my case was the name of my mailbox so electronic mail was part of the arpanet development uh in 1971 but as we got into this expanding internet environment we realized that sending a list of all of the host names and their matching addresses was not going to be very efficient it could not be possible to keep up with this escalating scale of the net and so Paul marcket petris and John pastell invented something called the domain name system this is a distributed network of servers that know how to map domain names into IP addresses so for example uh if you were to look at www. well I shouldn't use that because the worldwide web didn't happen yet uh so if it was let's say foo. com where fu is a computer on the top level domain uh if you wanted to find out what is the corresponding IP address in the early days we had 13 domain name servers that were connected to the internet so if you'll allow me to refer to this as the internet this one giant Cloud which by the way was the origin of the term cloud computing we always used to draw the networks of the internet as clouds because in a sense we didn't care what their insides look like we just drew them as if all you didn't have to know what was inside all you had to know was you had to connect to it so if you were a computer down here we'll call it a and and you wanted to reach another computer for some purpose sending email or sending a file or doing an interactive service you needed to go to one of 13 domain name servers oh now I've done a bad thing because the domain name servers are labeled AB BC D and so I better make these W and x and this is a a b c d e f g uh and L is that right A B C D E F G H I J K L M there's 13 of them so these are the domain name servers and their job is to take a query from say host W saying how do I get to oh that's how do I get to x.

com and ask this server for example what's the address of x. com and what would come back is the IP address that was needed to set up a TCP connection in order for w to talk to X if it turned out that a wasn't accessible these machines knew what the other 13 addresses were and they keep trying until they found somebody to respond to that so that was the original DNS design very simple 13 servers uh which kept get up uh kept getting updated every single day day with new information about the new hosts that were on this expanding internet so that's 1984 and it's the DNS so now we're going to go a little further into uh into history here um in this period of time um we're beginning to see International activity to cope with the scaling up of the internet so for example in 1989 John pastell uh delegated to an organization called ripe NCC the responsibility for managing the internet addresses of uh the uh of the assigned to computers and networks that were part of the European environment and also the African environment so ripen CC covered a significant part of the world and there were several other developments at this uh in the same time frame um let's see what have I left out sorry I go to look at my notes because I can't read them um oh yes okay so in 1992 uh I was told by the National Science Foundation that they didn't want to continue paying for the cost of what the internet engineering task force they were paying for a Secretariat to operate that they said that they thought this was now such a commercial activity that they need to fund it from Government research money so my partner Bob Khan and I uh who were cnri at the time um created along with the a number of other parties who were part of the internet architecture board something called the internet Society in 1992 and its job basically was to uh support the operation of the internet engineering task for and and the internet architecture board so the internet Society sometimes called ISO became uh the home for this whole activity of Standards making in 1993 another one of the um Network control or network coordination centers was created uh in this case uh it was AP Nick for Asia Pacific and again this is a delegation done by John pastel for purposes of allocating uh Internet Protocol addresses to internet service providers in the Asia Pacific region in 1997 the US government uh entered into the picture and said that they thought that this same process of managing internet addresses should also be privatized and so uh there was created in that year something called the America's registry for internet numbers which included both North and South America and the Caribbean islands in 1998 uh another institution was created ated called I can the internet Corporation for sign names and numbers now let me just give you a brief understanding of why this was created and by whom by this time John pastell who had been involved since 1969 in this whole process of managing both arpanet and Internet domain names and addresses realized that first of all this was getting very big and second that he wasn't going to last forever and so in 96 he began asking the community how should we institutionalize this whole process of Internet assign numbers and and addresses and names so there was an Community discussion about this which soon got out of hand because about this time 1996 or so the do boom started and to go uh back just a little bit um the period in 1989 was when Tim berer Lee first wrote about the worldwide web so this this is the worldwide web um design starts in 1989 in 1993 actually in 1991 um Tim berners Lee released his first version of the worldwide web so this is this is the release and then in 1993 Mark Andre developed with his uh uh partner Eric beina the what was called mosaic now Mosaic was a graphical interface to the worldwide web and it took the Internet by storm because it was the first time anyone had seen images and eventually sound and video be a part of the internet up until that time most of the interactions were just text and numbers and things like that going back and forth on very simple looking screens but Mosaic first brought all this you know colorful imagery and video moving moving images in the like so this this uh sets off a firestorm a company called n Netscape Communications gets created in 1994 and it goes public in 1995 the uh IPO the initial public offering goes straight through the roof and the dot boom is on the way so at this point 96 the dot boom is happening and as John pastell is saying we ought to privatize and institutionalize the a functions everybody has dollar signs in their eyes and there wasn't a whole lot of agreement in the community about how to go about uh privatizing the institution of what was called aana eventually this landed uh in front of President Clinton who handed the problem to a man named IRA magaziner and said go solve this so Ira in the midst of all this clamor issues with a lot of Health uh from the community a green paper which gets commented upon turns into a white paper which says basically how do we take this function and privatize it and a number of people put together a proposal for the internet Corporation for assign names and numbers that organization was founded and began in 1998 and I'm sorry to tell you the two weeks before this organization was founded John pastell died he had a serious heart condition the timing of this could not have been worse he was supposed to be the chief technology officer for Ian but nonetheless uh you know the the ball was was moving and we all had to just pick up and keep going so I can get started in 1998 in 19 99 laik which is the uh Latin American and uh Caribbean area network information center is peeled off from Aaron and is now a separate institution allocating uh internet addresses to the internet service providers in that region and finally uh in 2000 I'm sorry in 19 that's 99 in 2003 the then existing four uh Regional internet registries for internet numbers so that's R and AP Nick and Aaron and black Nick all get together and create the number resource organization to coordinate their work and to create Global policies which ultimately are approved by Ian for use around the world and in 2005 I hope the camera can pick up this far down uh we have afron created which performs the same function in Africa peeling off a lot of of the responsibility that have been taken by ripe NCC so what you're seeing here uh is the evolution of a lot of the institutions that are part of the uh internet governance process now one thing I did not mention to you although we sort of uh drew a little picture before do you remember the picture that showed of the domain name servers a through M well it turns out that uh these are are called root servers because they help you translate domain names like www. google now I can say that.

this is a top level domain there used to be only seven. com. net org.

Mill uh edu and so ongov uh and int um and then there were about 14 more that Ian initiated and then a couple of years ago Ian began to open up the top level domain space now there's 2,000 applications for top level domains. com so this space has gotten much bigger and of course much more complicated there were multiple biders for the same domain names uh and that had to be sorted out either by auction or by agreement among the various conflicting parties but what's important is the technology also changed and so while in the earliest days there had been only 13 of these name servers in fact there are now hundreds of them if not thousands and the way this is done done is to uh use a technology called anycast which basically allows uh any of these domain name servers to appear anywhere in the network we won't go into details about how that works but the idea here is to increase the resilience of that part of the internet's operation so now we have root servers and a root server advisory committee that Serv Services I can this is a multi-stakeholder organ organization so it brings to policy development the technical community uh the uh private sector the Civil Society that's users like you and me and the government to sit down and help develop policy which then I can implements using its responsibilities for aenna now what I think I would like to do now uh is to spend a little bit of time on internet governance so well I going have to erase the board again and we'll start again giving you a sense for what's that issue when we talk about the governance of the internet I'd like to suggest to you that governance is a very broad topic generally speaking it has to do with what you're allowed to do and what you're not allowed to do who tells you that uh why do they get to tell you that and how do they enforce it so that's sort of the broad way of talking about governance I think it's probably best to speak of Internet governance in several different ways so let's start with what we'll call technical governance what does that mean well in this case it's sort of what does the technology lets you do and what does it not let you do and in fact this is terribly important because there are people who want to make rules about the internet who don't know how it works the consequence is they try to make rules that aren't implementable Because the Internet doesn't work that way or can't be um can't be somehow distorted to work that way so the technical governance of the internet has to do with its standards so the internet engineering task force and the internet architecture board that I mentioned earlier are two of the key bodies that are part of the standards making process for the internet but there are other standards which are very important to the internet they support it from below so as an example i e is responsible for ethernet St standards among other things you know know of them is 802. 11 and there are a number of other related radio standards that the ietf is responsible for that support the internet from below there are other organizations that also provide support itut which is the Telecommunications standards making activity of itu uh has done some important work in this same space with ATM and frame relay and underlying uh transmission protocols the same thing could be said for the international standards organization and there are a number of others uh that are part of this technical framework upon which the internet sits and relies upon so that's one kind of technical one kind of of governance another kind of um governance has to do with law enforcement and so let me put that in the second spot here and this is more to do with the things that people people do on the net there are abusive behaviors that show up on the net I'm sorry to tell you that there is are malware this is programs that go in and and steal your identity or uh somehow interfere with the operation of your pro of your uh computer equipment or take it over and use it for some purpose that you hadn't intended a botn net for example launching denial or service attacks among other things so one of the questions is how to cope with uh illegality on the network what about illegal content for example in an international setting this is really hard and the reason it's so hard is that the internet is in fact a transnational uh system uh although I didn't mention it before the addressing structure of the internet is not like the phone system in the phone system you have things called country codes and you dial a country code to go for example from here in the US to uh the UK you would dial a 44 in ahead of the number that you're trying to reach and that tells the telephone system and please go to the UK the addresses of the internet are not that way they're purely topological they just refer to groupings of uh routers that are part of a particular Network and all the network gets networks get numbers so they are non-national the result of that is that the internet doesn't know when it's crossed an international boundary the result is that if there's some legal issue with the behavior of someone on the net a victim could be in one country's jurisdiction and the perpet Traer in another and there aren't any widely adopted internationally adopted rules for law enforcement so at this stage of the game if there is going to be any kind of enforcement of uh bad behavior or constraint on bad behavior it has to be National or somehow Regional or jurisdictional in scope eventually internet governance is going to have to treat the question of cooperation among nations to deal with bad behavior on the network another issue associated with this we can call it abusive practices is one and U can't spell practices here another would be intellectual property theft uh and you can be sure that there are a lot of people who are concerned about movies and music and books and other things who's uh uh that is under copyright and people because these are in digital form can often copy and redistribute illegally without permission and that's a big issue for some part of the uh of the internet environment I I could list a lot of other issues arising I won't try to go through all of them but malware is another sending viruses and worms denial of service attacks is another big issue uh invasion of privacy is another major issue it's it it is both National or domestic and uh and Global in scope in fact all of these issues have both domestic and international characters to them uh what about fraud uh what about identity theft well I could go on but I won't uh you can see that there are a whole lot of of issues in the internet environment where there are Bad actors there aren't all that many Bad actors I mean the bulk of the internet has been used for very constructive purposes but the problem is that there are a few people out there who don't care about other people's rights they don't care about it anyone else's interests they only care about their own and they will abuse the internet in order to uh attain their ends this of course creates another challenge for the technical community which is to figure out how to design and build more secure safer systems how to teach the public safe networking how to use usernames passwords and two-factor authentication in order to protect themselves from some of the bad guys who behave in this way uh there's also uh another element here in this uh enforcement and that's resource allocation and we just spent a considerable amount of time in the earlier segment in this discussion talking about various parts of the system that deal with resour resource allocation so I can and aenna are responsible for the top level management or coordination of both internet addresses and domain names and also the tables of parameters that help the internet protocols work so that we document those things so the protocols will be implemented and operate uh properly uh we have for the case of uh Internet Protocol allocation the regional internet registries which I mentioned and the nro which is The Ensemble of those Regional internet registries together for domain names Ian is responsible for policy development and implementation and it has contracts with a variety of Registries and registers the Registries are the operators of top level domains like net.

com and.