Reviewer: Chakchai So-in
Date: 9-20-2007
How would you rate this paper, relative to others we have read? top 50%, but not top 25%
How would you rate your knowledge of the topic of this paper? familiar, but not expert
What problem or issue does the paper address? Why is it important?
The main problem issued here is the inevitable Internet fragmentation such as NATs and firewall. How to overcome this problem if there exists some route passing through the private network.
What are the main contributions of the paper and why are they important?
The contribution here is to propose “Blossom”, peer-to-peer overlay network of forwarders carrying TCP traffic that act as intermediaries between nodes that cannot communicate directly. Basically, this mechanism builds a tunnel through the network across fragments to a remote forwarder that can access to the remote resource.
How significant are these contributions relative to previous work?
In my opinion, the main idea of this technique is to find a way to connect to a particular network or host which can not connect through directly by usual routing. I do not think that some other relate work concerns on this issue. Most of them have solved the naming system for next generation of Internet not DNS.
Give detailed comments justifying your view of the paper.
The authors have tried to explain how to use TCP tunneling and introduce naming system. To me, I am not sure if this technique could be implemented or is the good solution unless so many issues have been addressed. I believe there is a reason behind having a strict policy for hiding a resource or have some server behind a firewall. In case there is a way to reach that particular resource in different way, in ISP or administrator perspective, there is something wrong we should not allow that path either. Second, it seems to me much like a trap door. If somebody wants to go to some resource in my network but due to a strict policy, they might use some peer-to-peer application to login to some particular running that application to go into the resource inside which I do not allow. Moreover, in term of routing transit especially for company, from administrator point of view, I would rather block any transit packet. However, if it’s the need to access to that resource legally, still many issues are to be concerned. First, how can we make a clustering for fragmentation area; how many and how big the cluster should be? How to represent the forwarder for each cluster? With the unique address for the resource such as foo.com.78cad3, how are users supposed to know; whether they have to remember all this? Maybe the users themselves have to remember it. Next, if we treat foo.com.78cad3 much like one name in DNS, what is the distribution, routing, updating, propagating policy? In terms of security concern, a kind of Public/ Private key might have to represent the unique key.