A few years ago I got cornered by an enthusiastic academic praising the beauties of his cryptography-based system that would (after replacing the whole Internet) solve all the supposed woes we’re facing with BGP today.
His ideas were technically sound, but probably won’t ever see widespread adoption – it doesn’t matter if you have great ideas if there’s not enough motivation to implementing them (The Myths of Innovation is a mandatory reading if you’re interested in these topics).
Here’s a pretty useful filter you can use when someone tries to tell you he solved a really hard problem:
- Find out all the prior proposed solutions (if the problem is worth solving, someone else probably tried to solve it before);
- Figure out whether the other solutions failed due to technical reasons (in which case there might be hope);
- If the prior solutions were technically feasible but weren’t accepted, there might be a business reason for that;
- If the proposed solution sufficiently changes the business model, there might be hope. Otherwise, move on.
Coming back to BGP example:
- We had RPKI for years. Uptake is minimal;
- BGPsec was also developed years ago. Nobody even thinks about using it due to the additional compute overload it would create;
- There are tools to generate prefix lists from public routing databases. A very small percentage of ISPs cares enough about the quality of Internet routing to use them… in many cases due to someone passionate about quality like Job Snijders.
In case you’re wondering what’s wrong with the BGP world, Russ White (among numerous other things one of many ipSpace.net webinar authors and member of ExpertExpress team) nicely explained it in BGP Security: A Gentle Reminder that Networking Is Business. Have fun!