Discussion Summary for:
"A Layered Naming Architecture for the Internet"
 by Hari Balakrishnan, Karthik Lakshminarayana, Sylvia Ratnasamy,
Scott Shenker, Ion Stoica, Michael Walfish

In this paper, Balakrishnan, et al. argue that there should be three levels of name resolution, as opposed to the one layer DNS system we use now. The three levels of resolution they propose are from (1) user-level descriptors (ULDs) to service identifiers (SIDs); (2) from service identifiers to endpoint identifiers; and (3) from endpoint identifiers (EIDs) to IP addresses. The authors claims the new levels would "allow services and data to be first class Internet objects", "seamlessly accommodate mobility and multi-homing", and "integrate middleboxes into the Internet architecture". In addition to these claims, the authors argue that a flat namespace is a good choice for both SIDs and EIDs, and that this flat namespace can be resolved using distributed hash tables (DHTs).

In the paper, the authors list four design principles they feel are important with regards to the use of names on the Internet. The use these four principles as a basis for their architectural choices. The four principles are:

The majority of the reviews that I read thought the paper was flawed in many ways. The absence of such important aspects like management of SIDs and EIDs, the neglect of security issues, implementation issues (cost, coordination, etc.) left most people with a feeling that the paper was incomplete. Overall, most people rated the paper poorly in their reviews. When suggested by Dr. Gorinsky that we rate this paper based on its value as a proposal of new direction and not as a technical paper most people voted the paper as a mid-range paper (except for Dr. Gorinsky who rated the paper at the bottom third even after defending the paper as a proposal and not a technical paper).

During the discussion, we focused on several topics. One of the more important topics was the issue of security. Adding this new layer of resolution increases potential security flaws, none of which are addressed in the paper. There is the problem of hijacked SIDs and EIDs, potential for DoS attack by rerouting SIDs to new locations, and even trustworthiness of machines on you SID routing list (are they who you think they are). There was also a small discussion on whether or not hackers would be able to use the SIDs to route packets around protective structures like firewalls.

We also discussed the feasibility of implementing the proposed architecture. Things like cost of upgrades and training, and coordination between entities for deployment, all seemed to make a transition to such an architecture highly unlikely. In addition, it was noted that people are comfortable with the way things work now, and it's fairly easy to find any service you want, just "Google" it.

In addition to implementation of such an architecture, management of SIDs and EIDs were a topic of discussion. Who would manage them? Would we trust the people managing them? How would they be delegated?

We also tried to find a clear benefit of the proposed architecture. Disregarding security and management issues, would the upgrade really make anything better? Are web redirects really THAT much of a problem? Are invalid DNS entries really making it hard to find a service or page that may have moved? Just "Google" it!!! I feel the most compelling argument that the authors make for their architecture was support for multi-home systems such as MobileIP. But even MobileIP has a system that works fairly well using a single home that redirects when a device isn't in the home area. And if changes were to be made to better support MobileIP systems, it seems that an architecture with slightly different priorities would produce a better and more reasonable architecture.

James Moscola