VeriSign's CEO hits back at critics
Published: 17 Oct 2003 12:35 BST
More than unpopular. That's going to be received as a declaration of war.
It's not a declaration of war; it's a declaration of obvious needs for the network to mature; to being the infrastructure it needs to be if we're going to run the economy on it -- and we are. That's why you're seeing 10 billion hits a day on our network, and that's why you're going to see 20 billion two years from now. The global population deserves a commercially resilient and robust network and the supporting services underneath it; because of the way it grew up over the last 20 to 25 years, the Internet has pockets where that is not the case.
There's some thought that the severity of the attack was overblown. That there's a lot of caching and maybe the DNS records are elsewhere -- it's not like the whole Internet is running on these 13 servers, and if they go down -- boom! -- blackout.
That's what I'm saying. The resilience in the architecture is awesome. But if all those roots go down, every one of those cache systems has a TTL (Time To Live) in it. It's going to need data at some point. So the question is what is going to happen when the data's not available?
[Former cybersecurity czar] Richard Clarke came to us two days after taking the job following 9/11, and I told him, "There are 13 geographically dispersed datacentres. You really couldn't take it out." And he said, "What if I drove a truck up to each one and blew them up at the same time?" OK, then you'd take them out. So, there's this notion of what's resilient enough and what's your recovery time.
The reason the root server problem was a big one was because they were attacking the underbelly of the addressing system. Yes, we could have lived 24 to 48 hours. You could say that in that time, we can fix anything -- but maybe not. Microsoft was down for four days with a much simpler denial-of-service attack.
You're saying to go commercial with root servers. But there also are lots of different participants in the Internet, with commerce being just one of them.
I'm not suggesting that any one entity own them. Like we did with ISPs (Internet service providers) that went commercial with backbone build-outs, we need to do something similar on the Internet. The roots are one, and you've probably got a similar situation going on with application-level protocols. The point I'm making here is that there's no turning back -- there's no putting the genie back in the bottle.
The infrastructure and the people who specify its evolution need to really understand that it's much broader today than just a group of technical folks who build research products. It scares a lot of enterprises today, if you say the network is going down or you see the attacks going on. You're starting to spend massive amounts of North American salaries on fixing things that should have been identified prior to hitting us.






