I’d heard about the NSF’s Future Internet Design (FIND) project, but hadn’t really paid attention to it. There was a panel at TPRC, with Dave Clark and other participants. My thoughts here are perhaps in some way derived from what somebody said, but no panel participants should be held responsible for what I write here.

Many interesting issues include what do do about firewalls: redesign to upgrade them or to eliminate the need for them?

How could you eliminate the need for firewalls? Well, they filter by ports, and they need to do that because well-known ports are the way Internet clients traditionally find servers. That’s sort of a historical accident. The MIT CHAOSNet protocols did not have well-known ports. Xerox’s network protocols used random numbers for rendezvous.

But if a firewall can’t filter on ports, haven’t you made it worse? Continue reading →