It’s also worth noting that the author is affiliated with a company based in Bermuda. So it doesn’t feel like it comes from a legitimate institute. For all i know this was vibe-written by an AI in an afternoon.
In 2014, One Communications Ltd. began a series of strategic mergers and acquisitions in order to position itself competitively in an industry driven by technological change. The Company acquired internet, cellular and cable television companies in both Bermuda and the Cayman Islands. These transactions have transformed One Communications Ltd. into a robust triple-play service provider with the networks and data access infrastructures needed to meet the demands of ever-growing bandwidth consumption. Through its operating subsidiaries, the Company is positioned as the leading full-service telecommunications provider for corporate and residential customers in both Bermuda and Cayman.
The operating subsidiaries of One Communications Ltd. are Logic Communications Ltd. (trading as One Communications), Bermuda Digital Communications Ltd. (trading as One Communications), Cable Co. Ltd., and WestTel Limited in the Cayman Islands (trading as Logic)."
Why not discuss the contents of the draft and why it's awful. The fact that the author works for a telecom provider in a small country does not by itself mean much. Perhaps the proposal has been trialled there
Need more facts (cf. speculation)
https://bernews.com/2016/11/video-two-into-one-equals-new-un...
$0.02 is that it's Palantir, maybe Meta. OAuth on every packet kills anonymity forever.
As the top tax rates fell, from 90% in 1950 to under 40% now - the use of tax shelters increased. So unless your “comes a time” is referencing pre 1915 USA, this isn’t a valid justification.
If inflation is the issue, keep your money in a different currency.
I just don’t see actions from the very rich (the ones using tax shelters) that back up your justifications.
I think it’s simply the collapse of any kind of cohesion between the wealthy and the nation in which they live. Or put another way: I’m rich, i shouldn’t have to pay for stuff i don’t use!
They evade taxes for financial reasons, not moral reasons.
"A well-formed RFC starts with a well-formed Internet-Draft."
https://www.rfc-editor.org/pubprocess/
For example, here is the Internet Draft for IPv6 which eventually became RFC 2460
https://www.ietf.org/archive/id/draft-ietf-ipngwg-ipv6-spec-...
Why not discuss the I-D itself. Many drafts are garbage but simply being a draft does not by itself tell us about its likelihood of becoming an RFC or standard
Isn't it 2 weeks late for April Fools'?
But what makes this quote a problem? I mean, it seems a bit excessive, but I don't understand why...
to make a request you need to receive a token
to receive a token you need to make a request
This is pure Catch-22.
and if we're going to use IPv4 / 6 to get set up, why switch to IPv8? we're already talking, and it's working so use certs and tokens over those protocols
Like most AI slop it might sound reasonable at first glance but there's no substance behind it. Usually there's some (deeply flawed) substance but here it's just completely absent.
How is this different from IPv6? We've had 6to4 for ages, the problem is the other direction: how does a IPv4 host initiate a connection to a IPv8 host?
Existing IPv4 applications use the standard BSD socket API with AF_INET and sockaddr_in. The IPv8 compatibility layer intercepts socket calls transparently -- the application has zero IPv8 awareness.
Except many IPv4 applications use the addresses of the source or that they bind to in some form. If it's secretly an IPv8 behind their back that'll break.
If you give up on P2P it just doesn't. All servers have IPv4 and NAT64 (or whatever they call it) handles v6-only clients.
Sure, but then it's not as "plug and play" as they make it out to be. Many multiplayer games rely on P2P these days for example.
The whole thing isn't a joke because of this. Technically, it's IPv4++ and that about it.
> Every manageable element in an IPv8 network is authorised via OAuth2 JWT tokens
What ?!
I'm not sure it's the path I want to follow.
There's also at least three ipv9s, only one of which was a joke https://en.wikipedia.org/wiki/List_of_IP_version_numbers
"IPv4 is a proper subset of IPv8. No existing device, application, or network requires modification. 100% backward compatible."
This cannot be true. Section 5.1 states that IPv8 uses version number 8 in the IP header Version field and the header is 8 octets longer than IPv4's. Any existing IPv4 router, switch ASIC, NIC, host stack, or firewall that sees a Version=8 packet will fail to parse it (most will drop it). Backward compatibility is logically impossible when the wire format is different.
The spec simultaneously demands sweeping new machinery everywhere: new socket API (AF_INET8), new DNS record type (A8), new ARP (ARP8), new ICMP (ICMPv8), new BGP/OSPF/IS-IS, mandatory certified NIC firmware with hardware rate limits, mandatory Zone Servers, mandatory OAuth2 on switch ports, mandatory persistent TCP/443 to the Zone Server from every end device, and a new IANA version-number assignment. "No modification required" is contradicted on nearly every page.
IP version 8 is already historically assigned (it was PIP, later folded into the IPv6 effort). The draft's IANA request ignores this.
The ASN model conflates identity with location. ASNs are organizational identifiers assigned by RIRs, turning them into the 32-bit routing prefix means an organization cannot change providers, multihome with provider-assigned space, or use PI space the way networks do today. Every organization that wants public IPv8 connectivity must now hold an ASN - roughly a 1000x increase in ASN allocation.
The /16 minimum injectable prefix rule eliminates essentially all of today's BGP traffic engineering and most multihoming patterns.
Cross-AS Cost Factor (CF) requires every AS on Earth to trust the metrics injected by every other AS, including a "economic policy" component. BGP is policy-based precisely because ASes do not trust each other's metrics, this has been understood since the 1990s.
The Zone Server kitchen sink (DNS + DHCP + NTP + OAuth + telemetry + ACL + NAT + WHOIS validation + PVRST root) concentrates a dozen unrelated functions into one box on one hardcoded address (.253/.254). This is an operational and security anti-pattern.
PVRST is mandated. PVRST is a Cisco-proprietary spanning tree variant, mandating a vendor-specific protocol in a Standards-Track draft is a non-starter for IETF.
The companion drafts (WHOIS8, NetLog8, Update8, WiFi8, Zone Server, RINE, routing protocols) are all by the same author, none have working-group review, and the core draft depends on all of them to function.
Having said that... China once proposed their IP version to create a locked-down domestic Internet. You have to wonder about the OAuth requirement in this IPv8 proposal. Maybe someone fleeced a dictator somewhere out of their money by promising to get a new secure Internet protocol standardised for them!
[1] With what prompt!? I like the terse output! Do share...
I must be missing something or misinterpreting that section because if there is no "lateral movement" how do people in an office print a file, access a network drive, connect to the Exchange server? And those are only the most naive scenarios.
Local networks are too dangerous to be trusted.
If its not going through Azure you shouldn’t be allowed to connect to your peer devices.
(/s. if that is needed).
Yes, let's conflate routing and addressing while throwing out decades of IPv6 implementation and design. (/sarcasm)
"1.7. Backward Compatibility and Transition
IPv4 is a proper subset of IPv8:
IPv8 address with r.r.r.r = 0.0.0.0 = IPv4 address Processed by standard IPv4 rules No modification to IPv4 device required No modification to IPv4 application required No modification to IPv4 internal network required
IPv8 does not require dual-stack operation. There is no flag day. 8to4 tunnelling enables IPv8 islands separated by IPv4- only transit networks to communicate immediately. CF naturally incentivises IPv4 transit ASNs to upgrade by measuring higher latency on 8to4 paths -- an automatic economic signal without any mandate."
I didn't make it past page three. Enjoy responsibly.
But more seriously, it gives me a pause when we try to bake more complex, application-centric logic into foundational protocols. The list of assigned IPv4 and TCP option numbers is a graveyard of tech experiments, but at least we had the sense to separate them from the main protocol. Baking JSON web tokens and OAuth into IP seems kinda crazy from that point of view. Is this what we want to commit to for the next 40 years?
I kinda wish that IPv6 just used this ("IPv8") addressing scheme and left everything else the same, though. I think the expectation that IPv6 should entail an architectural rethink for existing networks really slowed us down. Fun fact: at this point, IPv6 is 30 years old, we're still under 50%, and growth is visibly tapering off.
2001:db8::ff00:42:8329
to
128.1.13.184..255.0.0.66.131.41
By doing this, I have changed IPv6 from the strange unwanted alien thing everyone hates, to the new wonder protocol that "just adds more dots" that everyone wants.
I await my FIFA Peace Prize.
If I wanted to memorize the addresses for some reason (maybe I broke DNS or something?), I'd just start numbering devices at 1 and keep going up.
I break my DNS very often, or at least, often enough that it'd become nuisance that I can't instantly recall IP address of every machine in any of my 5 VLANs, AND type it in manually within 3 seconds.
With IPv6, I'd have to drop whatever I'm doing and fix my DNS first.
It'll be even easier because you can use numbers greater than 254 for your local devices, or l33t-style hex addresses, without setting up routed subnets when you exceed your /24 like on IPv4.
By which I mean to insinuate there's a lot of nuance and learned lessons in the current situation that this design seems not to learn from. Even though it did learn some lessons, I don't think this passes 'Chestertons fence'
I'm hoping someone will be brave (or stupid) enough to actually implement this. I have a personal ASN number that I'm willing to participate with :)