The Case for Rebuilding The Internet From Scratch

dotnothing writes "I just caught a column on a security site advocating for a total start from scratch as far as certain internet protocols like SMTP. It's an interesting idea and there are some ideas on how to conduct the transition... if everyone would agree on something like this it would definitely reduce the spam (among other things)."

Get real

[Ars-Fartsica]

We can't even roll out IPV6. Even Internet2 has some basis in existing standards.

Just have a new system concurrently

[corsec67]

You could have a new version of SMTP, maybe called SMTP2 that would refuse connections from an SMTP1 server. That would cause most people to change rather quickly, and might even be workable.

Something like IP, otoh, would be best if the new version could coexist with the old version.

Agreement?

[randumb_surfer]

You can't get 3 people to agree on where to eat. How does anyone expect to reach a worldwide agreement on how to redesign something that's become such a huge part of our lives.

The only way we ended up with something as good as we have was due to the fact that it was created by a small group of very intelligent men with much foresight.

With that in mind I suggest we form a task force to look into this matter. That way we can sleep soundly at night knowing nothing will ever actually happen.

Might be good in theory

[yankeessuck]

Seems like every implementation I've seen first hand of "let's rebuild this super humoungous system from scratch" never goes as planned. Inevitably, there are many unforseen problems with the new system. Some of these problems are due to poor planning. Some are not. Some of these problems will be a tremendous pain to fix. Some will be discovered immediately while others will be discovered months or years down the road. In the end, you may wind up with more problems than the old system and you wonder if it was really worth it. Just my $0.02.

Re:This says it all...

[neitzsche]

I agree. There were a couple slim areas in this article - the presumption that SPAMmers would not adapt was distressing.

Reading this article, I recalled that the ones that probably would gain the most financially from an increase in spam would be spam filtering companies.

Also, the idea of individuals having certificates was pretty funny. Good way to increase certificate sales without addressing the underlying SPAM problem at all.

Won't happen

[sfe_software]

SMTP being replace, that's a possibility. But with "trusted authorities" such as Verisign? Never. Those of us already having to deal with Verisign (or Microsoft or whoever) do NOT want something as important as email to be completely in someone else's hands.

SMTP should be replaced by a protocol that requires authentication. That's the biggest probley (open relays) really. Going any further than that will be more of a pain than its worth.

As for everything else (including IPv4), there are too many old clients out there (old meaning unsupported by the vendor). There are enough Windows 95 clients out there, not to mention other systems where upgrades are simply unnecessary otherwise, to where changing the underlying protocol simply won't happen.

Incremental upgrates, sure. We'll probably end up replacing SMTP -- or updating it -- to support, or even require, authentication. In a few years. We may even supplant FTP with SFTP or some other more secure variant.

But to try and simply replace a major, established protocol -- with no backward compatibility -- simply will not happen. There will be enough resistance and reluctance to make it infeasible; then the upgraders will have to begin supporting both "legacy" and new protocols, and we'll be in a bigger mess than before.

So, my opinion is this: we'll slowly, with full backward compatibility, supplant older protocols with updated ones -- perhaps via adding extensions to them (like SMTP Authentication), allowing slow upgraders to catch up as needed. No revolutionary changes will happen, no forced upgrades...