Geek of the Week: John Romkey

Carl Malamud: Internet Talk Radio, flame of the Internet.

This is Geek of the Week and we’re talking with John Romkey, who’s a partner in the corporation of ELF Communications. John, welcome to Geek of the Week.

John Romkey: Thank you.

Malamud: You’re famous for the ToasterNet. Could you tell us what ToasterNet is and why we need one.

Romkey: Sure. Well I’m not sure you actually need one. But the Internet Toaster originally started out as sort of a partially practical joke and partially a way of demonstrating some things that you could do with SNMP and computer networks that most people didn’t tend to think about. The idea was that you could actually use SNMP to control things. Most people use SNMP today to monitor things and manage them. And they don’t tend to use it much for configuration or control. But the model of management that SNMP provides is actually pretty general, and you can model all sorts of systems in it and then actually go and control them. You could change the channel on your TV, you could control an amplifier, or you could control a toaster.

So what we did is we took a toaster that Stuart Vance at TGV actually found that’s a remarkable toaster for us. It’s a Sunbeam radiant automatic toaster. The great feature about it is that you don’t have to press any levers to actually make it start toasting. You put the toast in, you put the bread in before it’s toasted, you drop that in, and the toaster actually senses the weight of the bread and lowers it. And it only does this if power’s supplied to it.

So what we did is we took this and then we just switched the AC current going into it and we had that controlled by a PC that was running an SNMP agent. And then if the power was on, then you put in the bread and it would start toasting. You remove the power, and it stops toasting and the toasted bread rises up. So what we did then was we created a small MIB, Management Information Base, for SNMP that actually described the control variables for actually doing the toasting. And you could do things like set the type of thing that you were toasting, and so that was an enumerated variable and you’d get values like white bread, wheat bread—we decided Wonder Bread was in a class of its own, so that was neither white nor wheat. Bagel—

Malamud: Nor bread.

Romkey: Nor bread, actually, yeah. Bagels, frozen hash browns, frozen waffles, things like that. And then you’d set that and then you’d set a doneness level, 1 through 10 how brown you wanted it—and you really didn’t want to set it on 10. And another variable you could set was…and in fact perhaps the most important variable was the one you set to 1 in order to tell it start toasting, or 0 to tell it to stop toasting. And the SNMP agent that you actually had the toaster connected to, all these did were just set a few variables internally and then start a timer. So when you told us to start toasting what it did is made a computation that’d decide how long to toast for for the desired doneness of whatever it is you’re toasting, then it activated the power supply to the toaster. It started toasting then it turned it off after the appropriate number seconds had passed.

One of the really awful things was calibrating it, because you end up having to fill your garage with partially-toasted Eggos and pieces of bread and stuff, trying to fill out this matrix of values to figure out how long you have to toast an Eggo to achieve an 8 doneness on it, you know, and it’s pretty difficult to figure out what an 8 is for an Eggo in the first place.

Malamud: Well this sounds like a potential ACM SIGCOMM paper here.

Romkey: Yeah. Right. Van Jacobson might be able to come up with some optimizations for it, too.

Malamud: That’s right, you could do it based on one piece of bread, he’d have the full doneness range done.

Romkey: Yeah. One of the things we didn’t count on in demoing this at Interop, there are a couple of things we didn’t count on. This was done while I was as Epilogue Technology. And two problems we ran into is— One was a political problem with food services, which is that food services at the show, at the convention center, would get really upset at us because we were bringing food in. And only they were allowed to bring food in. And so we were actually violating Interop’s contract by bringing in frozen waffles or pieces of bread and then sticking them in this toaster.

Malamud: There’s a waffle union?

Romkey: There’s uh…some sort of problem with that. That’s why Interop ends up having to spend $2 a bottle for these little one-ounce bottles of Coke and things like that.

So, Interop actually managed to get permission for us to bring in one slice of bread. And the other problem then that we didn’t anticipate was what happens if you toast one slice of bread over, and over, and over again all day long. Or if you toast one Pop-Tart over, and over, and over again. It’s not too pretty.

Malamud: Not a pretty sight I would imagine.

Romkey: It breaks the matrix pretty badly.

Malamud: Now this wasn’t fully automated the first year, you had actually manually insert the bread into the toaster.

Romkey: Oh yeah. That’s right. You certainly had to. In fact FTP Software did a version of it where I believe they built a robot arm out of Legos which would actually drop the thing that you wanted to toast into the toaster.

Malamud: In fact as I understand it they used a powerful GETNEXT operator as the way of activating that function.

Romkey: Yep. Yep. And in fact— Yeah, in our first toaster, you actually did not get to set the variable. You got the value of the variable and that caused it to toast because it turned out that we only got the code finished a few hours before the show itself.

Part of the reason that SNMP’s not used for control applications a lot of the time has actually been because of authentication and security issues. Supposed to actually do have your Internet toaster in your kitchen, right. You really don’t want random people all over the world to decide, “Oh, I think I’ll have some fun. I’m gonna toast Carl’s bread this morning,” you know. You want to make sure you have some security there so that you can be very clear that only people who are allowed to are going to activate your toaster or play with your stereo or whatever.

Malamud: So will SNMP version 2 bring toasters into the mainstream, then?

Romkey: Well I can’t say that for sure. I think I’d have to check with Jeff Case on that. And I don’t see any standardization of the toaster MIB in the future. The Toaster MIB Working Group just doesn’t—you know, has never gone anywhere. Someday I wanted to publish the toaster MIB as an RFC. I need to sort of resurrect it and get it out there. I think John Postel— I hope he’ll treat that with the appropriate amount of seriousness as it deserves.

Malamud: Now the point you were trying to make is if I can manage a toaster I can manage anything. Did people understand that at a trade show like Interop?

Romkey: No, I don’t think they really got that point across. In fact— [sighs] It’s not too clear to me that the— The toaster had this problem of mostly being a flashy demo, but it didn’t really say anything about the company’s product, you know. And Epilogue with selling a portable SNMP protocol stack, right. And everybody says, “Oh wow, look at this toaster,” right. It’s got really…not very much to do with the actual product. And it also didn’t— I think it really actually didn’t communicate the concept all that well. Because people didn’t actually— There’s nothing to show you that SNMP’s going on there. You know, what you see is somebody presses a key on a keyboard, and this bread submerges into this toaster, you know, and there’s not enough there to actually communicate that there are bits going back and forth and what’s actually going on and what the control process is.

Simon Hackett controls his amplifier with SNMP, and that might be more useful for demonstrating the control utility of SNMP simply because there’s more you can do. You can change the radio dial setting, you can change the volume. There’s a lot more controls you can play with there, and the feedback is much more in real-time. The toaster’s a little too simple there.

Although, one person— I published the toaster MIB once on the SNMP mailing list and I did get back some email from somebody’s thanking me because she said that this actually really clarified what a MIB did, how variables in it were used, because it was something she could relate to much better than the interface table, or the IP routing table or something like that, which is pretty abstract, you know. Here it’s like pressing a button and you cause the toast to go, right. And that was a lot easier to relate to. So it may be useful for classroom environments or teaching situations. I don’t know about that.

Malamud: Is SNMP appropriate for small, arbitrary devices. Is it too much overhead, is it too complex for toasters or modems, or things of that sort?

Romkey: Most toasters don’t actually have a CPU. So, yes. SNMP is really too complicated to run on a tester but just about anything is really too complicated to run on a toaster.

As far as that goes, I think that if your device has got say, any kind of 16-bit processor with maybe 128K of memory available to it, which almost everything that has a CPU in it has available to it these days, then I don’t think SNMP is too large or too complex. It draws a lot of criticism for ASN.1 because ASN.1 is viewed to be pretty large and bulky. But by convention the facilities in ASN.1 that are used in SNMP, you know, if you work at it you can actually do a pretty decent small and efficient implementation of it. SNMP v2 is certainly going to add a lot of overhead to that just because of the of the security features int it, the encryption, and everything—you know, if you throw all that in, there’s a lot more capabilities in it and it’s going to cost you something to get that. But I can’t say that I really will, you know, see the audio industry or the home appliance industry rushing out to use SNMP to man—implement SNMP on all their devices that they build. But I don’t think it’s inappropriate to use it for those sorts of things.

There are actually standards being done by other non—completely non-IETF organizations for home control systems. There are buses, there’s a— Actually Ciarcia’s Circuit Cellar—Steve Ciarcia who used to do articles for Byte, he’s actually designed a system he calls the HCS II and I’ve been looking to get some information on that because I may want to put some of that in my home. I just bought a house in Cambridge and we’re running Ethernet through it and phone wiring in a twisted pair at every room that’s got a phone drop, and I’d actually like to get things like lights controlled from the network system in the house. And probably the appropriate way to deal with that sort of stuff is to say you know, you’ve got whatever protocol’s being spoken by that equipment that’s appropriate to it, it’s the native protocol, whether it’s a protocol spoken by the HCS II or the X.10 controllers that do dimming and you know. Or your burglar alarm system, or that sort of thing. And then have gateways that translate that into SNMP. If you really do want to control that from the Internet. A lot of this it’s really overkill to control from the Internet.

You’re listening to Geek of the Week. Support for this program is provided by O’Reilly & Associates, recognized worldwide for definitive books on the Internet, Unix, the X Windows system, and other technical topics. Additional support for Geek of the Week comes from Sun Microsystems. Sun, the network is the computer.

Don’t touch that mouse, Internet Talk Radio will be right back.

[Ask Dr. SNMP segment omitted]

Malamud: Would you feel safe, have your devices on your home network also connected to the Internet? Do you feel that you’ll have the neighborhood kids just for a lark will play with your lights in rapid succession?

Romkey: I’d love it if the neighborhood kids were sophisticated enough to play with my lights in rapid succession.

Malamud: What about the MIT kids?

Romkey: Yeah, them I’d feel more worried about. Or the German hackers, or you know, whoever people are paranoid about today. I’m not that worried about it. I’m not a big… I think security’s important but I’m not a big security person. I think security and privacy considerations are really important to deal with the global Internet where you want to be able to do things like electronic funds transactions across and things like that, certainly that needs to be very secure.

And certainly I don’t want people to be able to open my front door. Or to be able to activate a video camera in my bedroom or something like that and be able to do that across the Internet. I think that the security mechanisms in SNMP, even version 1, if they’re followed you know, using community strings or whatever, I can set up community strings that nobody’s probably gonna guess. And nobody’s gonna be able to eavesdrop on the packets that’re going back and forth on my network in my house without some pretty sophisticated technology or without gaining access to the grounds. In that case unless the NSA decides they wanna control my toaster I’m really not too worried about it. And especially with SNMP v2 with the parties and the heavy-duty authentication that’s in there, I think I’d feel pretty safe about it and feel that it was pretty secure.

Malamud: And you feel secure with your other protocols, things like electronic mail, you get an adequate level of security out of those, or do you want Privacy-Enhanced Mail.

Romkey: Actually I’m not too happy with the level of security there. I really would like to have Privacy-Enhanced Mail. I think that a lot of people, a lot of users on the Internet, are pretty ignorant of the privacy implications in the net. I suspect a lot of people don’t realize how easy it is to find out the membership of mailing lists, and probably a lot of people who would be pretty freaked out if they knew that others could find out how easily they are on certain mailing list. I don’t like the fact that email travels the net in the clear. I especially don’t like the fact that FTP control connections and telnet connections travel the net in the clear. You know, I’m not really very comfortable in the mail room typing my password to log in to my home system. I’d really… You know, I change my password before I come here and I will change it when I get back. I will not log in as root across that. Anybody who logs in as root on their office systems or home systems from Interop has gotta be crazy, you know. There are people who are monitoring the net there, and it’s intentional. I mean, it’s a good thing to be monitoring the net there. They’re demoing products and things like that. You’ve got to expect that. And I think that the level of security that’s available there is pretty poor right now and it really needs to be dealt with.

One thing that I think that people confuse a lot is authentication and privacy. I’m pretty satisfied with password protection on my Unix account on my machine at home. But I’m not satisfied with the fact that everything that I type goes across the net in the clear. And anybody who’s monitoring the links can see it. I’d be very happy if that data stream were encrypted. And that is one level of privacy there that’s completely unassociated with authentication. And if that were done, and there are mechanisms that are understood today to do that—Diffie-Hellman key exchange could provide that. In Diffie-Hellman key exchange what you do is both sides compute some random numbers and they sent parts of them over the TCP connection, say in this case TCP connection. But they send enough— I cannot profess to understand how this algorithm works, but I understand that it does work. I’ve been told by people I trust extremely—

Malamud: Well than that’s a security feature there.

Romkey: Yeah. One of the problems with security is it all comes down to trust at some point. You’ve gotta trust somebody, and if they lie to you you’re in trouble.

But the way this works is you compute these two sets of numbers and then you send parts of them over the connection. And it turns out that both sides can then construct enough of the numbers to encrypt and decrypt the data stream, but an eavesdropper who can see everything going across the connection does not have enough information to do that. So then without having to do any— The good thing here is you don’t have to do a full key exchange in the clear, you don’t have to have keys prearranged, and you don’t have to rendezvous with some sort of key server.

So now, two processes who don’t know anything about one another can have a secure—or rather, private—TCP connection that cannot be eavesdropped upon. And that’s something that’s a technology that I think is very important and I really wish that was there today.

Malamud: Well do you think the RSA-based technology is what we should be using in the Internet, then? That’s certainly the basis for Privacy-enhanced Mail.

Romkey: Right. I think that there are there a lot of issues involved in that. I mean it’s not just technical, unfortunately. There are political issues, there are issues with export controls. RSA actually isn’t covered by patent in Europe. But however were not allowed to export it without specific export licenses from various government agencies. That’s fairly ridiculous because you can actually pick it up for free, code that implements it, anywhere off the net. It’s difficult— I think the IETF for instance would be in a very difficult position if it had to go and say, “You know, we want to standardize on this encryption algorithm, but you’re gonna have to license it from this company and pay them a fee.” That’s a horrible position to be in. And it may be a position that we end up having to be in. There’s a lot of people who feel that software patents are invalid. However, that’s not upheld in courts of law yet. Maybe someday that will become an issue.

PGP for instance is a package called Pretty Good Privacy. It implements RSA encryption algorithms. RSA says that this violates their patent. A lot of other people say it doesn’t or that the patent is invalid because it’s a patent on an algorithm and not an implementation. This is a really messy issue. The latest versions of PGP have actually been distributed from overseas and come into the US because technically it’s illegal to distribute them from the US to the outside world. There’ve been implementations of DES, which have done likewise. They’ve been distributed around the world and they’ve come into the US.

Well, this is sort of code is all available for anonymous FTP all over the world and inside the US as it is. Anybody who thinks that they can control it by just putting export restrictions on it is being foolish because it’s—you know, it’s a genie that’s already out of the bottle. You can buy an issue of Scientific American that describes the algorithms. Just do a little bit of coding and— It may take you a while to verify that you actually coded it correctly, but…you’ve got it, and all export controls there are going to do— This is my export control flame. All export controls are going to do is prevent people who want to obey the law from using this technology to protect themselves. And anybody who doesn’t care about the law already is going to use the technology whether or not it’s legal. And that’s not gonna protect anybody.

Malamud: Pretty Good Privacy is simpler than the Privacy-Enhanced Mail, and as a result can be implemented on braindead operating systems like DOS. Do you think that the IETF in the Internet Architecture Board has been trying to have too much security and as a result we haven’t had very much at all?

Romkey: I’m not sure. I haven’t been involved with the security working groups in the IETF. I don’t understand— I mean I— I don’t understand, they’ve been working on these issues for years. Kerberos for instance, from MIT, has existed for years now, and I don’t understand why the IETF haven’t got some solutions to security and privacy problems that are standardized now—even if they’re just interim things. You know, I realize that it’s very difficult to come up with an architecture that’s going to last for quite a few years, going through unknown technology changes that’re going to happen, you know. Who knows what’s going to come out when silicon—next year—that’s going to completely stand the world on its head and we’re going to say, “Oh, we never anticipated that. I guess we’re gonna just have to throw this out and start over.” And also that’s going to be able to deal with an Internet that’s growing so rapidly that every time somebody guesses how fast it’s growing, next month they find out they were wrong, you know. I realize it’s very difficult to come up with architectures and standards that can work in that sort of environment. It’s like you don’t get the chance to do research, you’re developing in a production environment and you’re months behind at the moment you start in the way the Internet is working today. But I don’t understand why we don’t have some sort of interim mechanisms for doing this. And if the IETF can’t come up with something at least to provide us with privacy, with better privacy on the systems, then I think you’ll see a lot more people doing things. And PGP’s an ad hoc effort. It’s people out on the net who are not involved with the IETF, who aren’t involved with any standard organizations, who certainly aren’t involved with RSA. Because RSA’s very unhappy with them since they feel their patent’s been violated—

Malamud: They’re explicitly uninvolved. [laughs]

Romkey: Yeah. Right. And unlikely to ever be involved, in a good way anyway. And they’re very concerned about this, you know. And they’ve gone out and they’ve done things like PGP, and they’ve made them available to the world. And a lot of people are using PGP. And a lot of people are using Privacy-Enhanced Mail, and I guess there’s PEM and there’s RIPEM. I have not gone and actually used PEM or RIPEM. I’ve played with PGP a few times, and…

It is rather nice in that there are people who run it on Macintoshes, on PCs, on Unix. It’s been written to be fairly portable. That’s pretty important to design something like that from the start such that it works on multi-user— On a variety of platforms, rather, not multi-user systems per se but on a variety of platforms, that’s pretty important.

Figuring out how to plug something like that into your mail system can be pretty much—it can be a pretty substantial pain because there are so many different mail systems out there, and so many different mail user interfaces, so many different mailers. That’s kind of a problem.

Another problem involved in that I think is public perception. I’m kinda worried about what the non-computer hacker—and I use hacker in the good sense, not the cracker sense there. What the non-computer hacker population of the US thinks about cryptography. And I’m afraid that… I’m kind of afraid that we’re in a situation where what they hear is things like child molesters writing about the crimes they’ve committed and then encrypting them so that the FBI cannot break that and can’t get access to it, about criminals encrypting data that they’re using, encrypting records of various criminal transactions. And I’m afraid that what the public hears about is this sort of stuff and not all the ways that it’s important that the privacy technology can help them. I’m afraid they only hear about the bad side of privacy technology.

You’re listening to Geek of the Week. Support for this program is provided by Sun Microsystems. Sun Microsystems, Open Systems for Open Minds. Additional support for Geek of the Week comes from O’Reilly & Associates, publishers of books that help people get more out of computers.

This is Internet Talk Radio. You may copy these files and change the encoding format, but may not alter the content or resell the programs. You can send us mail to mail@radio.com.

Internet Talk Radio, same-day service in a nanosecond world.

Malamud: Well there’s a proposal by certain FBI officials that if we adopt certain methods of cryptography that we should also register the methods that would be used to break them so that if they have a valid warrant, they’re able to find the information. What do you think of that?

Romkey: That one left me on the floor for a long time after I heard that one. That has gotta be one of the scariest proposals that I’ve heard in a long time. Because… Okay, there are lots of different ways that people view the government. You know, some people are just scared of the government. They want the government out of their lives as much as possible. They basically think government is evil. There’s some people who think government is wonderful. They want the government to protect them. That’s fine. Both of those are valid viewpoints. There’s a whole spectrum of viewpoints in between there.

But I think the thing you’ve gotta understand—and I’m trying to not take any position on whether government’s good or bad and how the government should be involved here. I think the thing you have to understand is that the government is not a monolithic entity. That the government, even if you believe the government is a saint and will never do anything to hurt you, the government can be broken, you know. We had Richard Nixon, you know. There are abuses of power. There are people who may take government office, there are people who may have jobs in the government, who can use access to information there, and use that in criminal ways. And it’s impossible to protect against that entirely. I think that any kind of of suggestion that things like private keys be registered or backdoors be built into privacy technology completely defeats the utility of privacy technology. That’s dangerous and I think that’s an extremely bad idea.

Malamud: Well what about the argument that by not registering those backdoors you’re gonna let a murderer go free.

Romkey: Why is the murderer gonna register it anyway? Oh, that’s the backdoor. Okay. Sorry. If this were a private key, why would the murderer register his private key anyway, you know? If I were gonna do that— It’s like you keep two sets of books, right. You keep the book to show the IRS and you keep the books that keep you aware of what’s really going on. You never show that second set of books to the IRS. You’d never show your private key to the IRS. It’s too late for the backdoors anyway, you know.

As far as backdoors go, to the best of the world’s knowledge PGP has no backdoors. There are other encryption algorithms—implementations of encryption algorithms that have no backdoors. Those exist today. Those aren’t goin’ away. You can get a CD-ROM with those on them. Go to any of a very large number of bulletin board systems or anonymous FTP archives, pick it up from there. So even if the federal government required today that all encryption programs have backdoors in them and that the government was required to be told those backdoors or ways of breaking the algorithms, first of all the existing technology would not go away, and that would continue to be used and be available. So you’re defeated there.

Second of all there will always be some kind of underground or black market for software where—you know, you can buy a cable TV descrambler, right. You’ll also be able to buy a backdoor-free version of PGP or some kind of encryption command. Of course, you’re trusting the people who are selling that to you to be telling the truth there.

You know, there’s also some things I’ve heard about where you can send in samples of drugs. You go on the street, buy some illegal drugs, right. So then you go send these to this drug testing center in Florida or something. You write four-number random sequence of digits on the sample that you sent in, right. Then you call then up— Go use a pay phone or something somewhere, you don’t want anybody to know who you are. Call them up and tell them the number and they’ll tell you what was actually in these drugs. Of course the DEA runs many of these centers, right. So you never know who you’re dealing with and there’s this level of trust there.

And maybe PGP does have backdoors in it. I don’t know enough about cryptography to be able to look at that code and be sure. And 99% of the US population knows way less than I know. So when they go buy a package from Apple or from Microsoft, who knows, it may be compromised. I’m not trying to accuse Apple or Microsoft of doing anything there, but it may be compromised. Maybe unintentionally compromised, you know. There may be bugs in it that weaken the encryption algorithm. Maybe the key generator doesn’t quite generate the right key sequences, you know. There are all sorts of potential problems in there.

But I don’t think anything that would require registration of keys or algorithms for breaking software or anything, I don’t think that can really stand a chance of working. All that’s going to do is weaken the utility of privacy technology for people who are actually trying to obey the law. And anybody who’s going to try to use it to break the law, they’ve already got access to ample resources to get around that.

Malamud: You’re listening to Geek of the Week. Support for this program is provided by Sun Microsystems. Sun Microsystems, Open Systems for Open Minds. Additional support for Geek of the Week comes from O’Reilly & Associates, publishers of books that help people get more out of computers.

Don’t touch that mouse, Internet Talk Radio will be right back.

Malamud: This is a special edition of Geek of the Week. We have with us a guest, A Concerned Member of the Internet Community, who is the author of…GUP. What is GUP?

Concerned: GUP is a Generic Ultimate Protocol, intended to solve all foreseeable and unforeseeable problems in near, medium, and long-term future.

Malamud: Well that sounds like a commendable goal. Does it operate at the network layer?

Concerned: Well, GUP decided to get rid of all the net layers, and it can operate at any layer.

Malamud: How can we have one simple protocol that does everything?

Concerned: Well, it’s a result of very careful analysis of existing solutions, and experience in the Internet. And as a result of this work we were able to design a single protocol for all the problems.

Malamud: And what is the format of this protocol? Does it have a header?

Concerned: Well we actually decided a header isn’t needed any longer because each field is encoded as triplets: type, length, and value. And you can have an arbitrary number of these fields, arbitrary length.

Malamud: Well but how do we do a migration into GUP? Is there a version number in the field that tells us which version of GUP we’re working with?

Concerned: Well, certainly version is a wrong idea. It shouldn’t be applied to GUP. And as a matter of fact, experience with the Internet Protocol suite shows us that version numbers should be deprecated as soon as possible. So GUP doesn’t have a version number.

Malamud: I see. I see. So we could put any protocol on top of GUP.

Concerned: That is certainly correct. And as a matter of fact, if you read the document on GUP, it tells you how GUP can be applied to such diverse problems as solving routing and addressing problems in the Internet, and at the other end of the spectrum, solving AI problems.

Malamud: Okay. So how does it solve routing and addressing, then?

Concerned: Well, you just encode any information you like in a GUP and send them as GUP PDUs.

Malamud: And…how do I know what that address is?

Concerned: That it actually between two consenting adults, because GUP operates on a [indistinct] basis. Multicast will be added later on.

Malamud: So multicast is not in GUP yet.

Concerned: But work is in progress.

Malamud: I see. I see. And how do we handle artificial intelligence with GUP?

Concerned: We’re seeing that because GUP is so flexible, it would let us put arbitrary information in a protocol. And you’ll just build GUP translation boxes that will interpret information— Put properly at some key places in the Internet, these boxes would allow it to concatenate dissimilar network layer protocols and build seamless infrastructure.

Malamud: I see. So GUP-to-GUP translating gateways.

Concerned: That is certainly correct.

Malamud: I assume those GUP-to-GUP translating gateways are coded in GUP.

Concerned: Oh, certainly yes.

Malamud: Of course.

Concerned: GUP is the ultimate solution.

Malamud: Nathaniel Borenstein and some colleagues have come up with a new MIME body part for non-sentient lifeforms, which is essentially a way of including a human being in a MIME message. Would GUP be the appropriate way to do this?

Concerned: I would suggest that we should work together and try to unify GUP and the proposal you mentioned into a new unified architecture.

Malamud: GUP is the open systems solution.

Concerned: Truly open.

Malamud: John, you helped found FTP Software, you worked at Epilogue, and you’ve spent much of your career deep in the bowels of the protocol stack, doing a lot of low-level coding. And your new company, ELF Communications is looking at higher-level issues. I know you can’t discuss details of what the products are that you’re developing, but can you give us a bit of a vision of what’s missing in applications on the networks? What you’d like to see.

Romkey: Sure. I think that we’ve— I mean, many of the people in the IETF here have been working on protocol stacks, and routing protocols, and security protocols and all of this for years and years and years. I’ve written way more protocol stack implementations and ever want to—I never want to write another one. I think I’ve learned just about everything I can or want to learn by writing them.

I think that if you look at the people who are using the Internet today, and the people who will be using the Internet as time goes on, that what you’re going to find is they really don’t care what’s going on there, you know. To them it’s like whether their disk uses SCSI interface or an ST interface or something like that, what they care about is the price and reliability characteristics. And more than that, they care what they can do with it. That’s why I think you’re seeing more applications things like Gopher, and WAIS, and the World Wide Web showing up.

Some things that I think are particularly important are that there’s an awful lot of complexity involved in both running an Internet site and using an Internet site. And you know, things like IP addresses and domain names, those’re great for us, you know, for computer geeks. We go and we say, “Oh yeah, 192 dot 48 dot 232 dot 17. Yeah, that’s a Class C address. I know what Class C addresses are about,” right.

Malamud: Not only that, I know who owns it.

Romkey: Yeah, right! Right, and if I don’t I can find out, and I know how to find out. Doctors. don’t. care. And they shouldn’t have to care, you know. I don’t think that they should have to care. To be honest, I’m tired of caring about that, you know. I have a certain capacity in my brain and I’d really actually like to use some of it for things other than remembering how dotted IP addresses work and things like that. I need to know that because of my line of work, and to be honest I do enjoy playing with it and it’s a nice toy, you know, and I have a lot of fun with it. But a lot of the world doesn’t care. And I think that they need, and they deserve, tools to assist them with the dealing with that sort of stuff, hiding that sort of complexity.

And some of this is simply user interface technology. User interfaces to a lot of existing TCP/IP software are horrible. And the reason why I think is because they’re not horrible to the people who wrote them, and they’re not horrible probably to you or to me. That’s because we understand what’s going on at a deep level inside the software, you know. We know how protocol stacks work, we know how routing works, we know how IP addresses work. Now, we realize that you type “ftp elf.com” and it comes back and says “host unknown,” oh, we probably can’t talk to the domain name server. Okay. I remember the IP address, I’ll type that in. We understand what’s going on there. But for other people they shouldn’t have to understand that. And—

Malamud: Is it a matter of just new software? Do we just needed a higher-level interface to FTP, or do we need a better file transfer protocol?

Romkey: I think we need both. You know, there are certainly valid cases today where you still— I don’t think I want to say that you should never have to interact with FTP. I think I do want to say that you shouldn’t have to interact with it as much as you do now. I’d like to see tools out there that would automatically invoke FTP for you. And for instance Gopher will automatically FTP files for you. That’s great. That’s one of the wonderful things. In that case, ftp’s still there. It’s an important protocol, but everything going on with it is going on under the covers and the user doesn’t know that that’s going on there. And I think that’s really important. What the user cares about is getting the file, whether that file was sent via electronic mail, whether it came over FTP, or whether it was accessed via NFS, it doesn’t matter. The user really doesn’t care. There are different properties to those different methods of accessing the file, though, and the user may care about some of those characteristics of it.

I think that if the user does have to deal with FTP that there are certainly ways that we can improve the user interface to ftp. I can’t say that I am one of the world’s people most enamored of say, the Microsoft Windows file manager. You know, it’s there, it’s a file manager, it’s a graphic user interface. Okay, I’ll live with it. Most of the time to be honest I go to a DOS prompt and I type command line instead of using the file manager. However there’s an awful lot of people who are used to the file manager and have a lot easier time dealing with it than they have dealing with a command line interface. And certainly an alternative type of user interface to an FTP client, say for Microsoft Windows, would be to provide something that looks like the file manager, you know. You do an FTP to the system, you get a window that pops up, it looks like the file manager, you can drag and drop just like the file manager, you can use menus just like in file manager, use the toolbar just like that. And I wouldn’t stand up and say that’s the world’s best user interface. I don’t think there is such a thing as best user interface. User interface, it’s like writing a book. You’re talking to a certain audience. You write a user interface for a certain audience, you know. FTP command line user interface in 4.whatever Berkeley Unix, that’s great for a certain audience. It’s awful for a certain other audience. The problem is that there’s much more of that other audience than there is of the audience it’s good for, and we’ve got to start dealing with that.

Part of the reason why we oughta to start dealing with that is just a type of… What the Internet can do for us, and the access to resources that the Internet can provide us I think is so great, you know, and what the world could be like if everybody could use the Internet. And if things like government records data that the government collect, databases, everything could be on there, that is so amazing that it would be criminal—from my point of view of where the Internet could go—be criminal to not try to make it available to everybody.

One of the things I’m kinda worried about there is not only may the technology be unusable to a lot of people simply because of the way the interfaces to it are, but also it may be inaccessible, and I’m pretty worried about that. I don’t want to see— Something I’d really love to see is congressional voting records online. I’d love to find out how my senators voted because I would love to beat them up on it and make sure that they are actually representing me in Congress.

Malamud: You know, they are online. The Cleveland Freenet has the Congressional Memory Project. Not all record are online, but every week they take a dozen bills and they enter in the voting records.

Romkey: Okay.

Malamud: And they’re slowly building that over time.

Romkey: That’s great. I’m glad to hear about that. There’s so many things going on around the Internet today that I can not keep track of them all anymore. I try. I need something—I need a box to read my net news for me. That would help a lot.

Malamud: And that’s basically what your vision is of the type of software that you want to see, is things that’ll help you do that?

Romkey: Yeah. That’s part of it, that’s certainly part of it. Part of it is— There’s a lot of data that’s published that’s pretty much unstructured. Part of the vision is tools to add structure to it that the user uses. Eventually, it’s important that the structure be added by the people who publish the data as well, you know. That’s another aspect of it. And it turns out that data you publish and you put structure on may not be structured in a way that’s useful to me. So I still need tools to put my own structure on it, right. That’s certainly part of it.

More tools to assist me in finding that data, you know, not necessarily even putting structure on it so it’s useful to me. Like voting records. Well, I just want to extract my senator’s name to find out how they voted. I probably really don’t want to read the text of the bill or anything like that. So I want tools to help me to do that. But I also need to just find out that it’s there in the first place. I don’t have to deal with FTP to get it, I want to have a software agent that will go out and get it for me. Things like that. Those are all important aspects of it.

Malamud: You have an unusual electronic mail address, asylum.sf.california.us, yet you live in Boston. Do you have a leased line that goes all the way to California to do your Internet access?

Romkey: That would be pretty horrendous. Yeah, I got a cheap— You know, I got a swamp in Florida I could sell you and I got a leased line that goes from Boston to San Francisco.

Malamud: Well you must work for a telephone company, then. [both laugh] You can call to San Francisco.

Romkey: Yeah. I moved to San Francisco about five— I actually moved to the Bay Area, San Francisco Bay Area about five years ago and was talked into putting my host Asylum into the .us domain at that time. It seemed like a good idea, you know. I lived in Belmont, not in San Francisco, and a bunch of sites in the San Francisco area decided that what they really wanted was ba.ca.us, “ba” for “Bay Area.” But that wouldn’t be granted because that didn’t fit into the .us domain conventions. So that’s okay. We said well, we’ll lie a little bit, we’ll say San Francisco, because I figured I wasn’t going to live in Belmont for the rest of my life, you know. And it turns out I didn’t. But instead of moving to San Matteo, I moved to Reading, Massachusetts, and now I’ve moved to Cambridge.

I kept my domain name, though. And the reason why is that my system of several megabytes of mail a day. I have no idea what mailing lists it’s on, you know, and I don’t really want to have to go out and change that. I don’t want to have to update all the places that have pointers to my system. We have fairly—relatively substantial anonymous FTP archives on the system and some other things like that. Nothing like what UUNET has but you know, we have we a hundred megabytes or so of stuff we give away to the net and don’t want to have to tell everybody the difference. But people make assumptions about it. This is one of the reasons I think that geographic naming in… Geographic information in host names is actually a pretty bad idea because things move around, you know—

Malamud: Well names are not addresses, at least in theory, and I think you’ve proved that.

Romkey: Right. And Dave Clark wrote a wonderful RFC on that years ago and everybody seems to forget about it, you know. He talks about the difference between names, addresses, and routes. And there’s very important differences, and people seem to get confused about that all the time and they just keep making the same mistakes over and over again. In fact part of the reason why I keep the name now it also serves as an existence proof of why it’s bad to do that sort of thing.

I’m involved in a tape tree. This is a thing where somebody goes and gets a bootleg tape, with bands’ permission, off a soundboard at a concert, you know. And this band happens to be Phish from Vermont. And so somebody got a tape with the band’s permission and they’re organizing this tree where they actually have a DAT tape of a show, and then several people send them blank DATs, they make masters of that and then those people have five or six people under them who send them blank tapes, and you do this tree, right. And everybody only has to make five or six copies but hundreds of people can actually get copies of the show. And that’s a pretty cool thing.

Well, they ignored my my US mail address and they assumed I was in California because of my email address, and they organized this based on states to try to minimize the delay for tapes to actually travel in the mail. So, it’s not a big deal but it’s one of the examples of how people will make assumptions based on information they see in a domain name that’s actually out of date or invalid, you know, and it’s something that’s misleading. The number of—

Malamud: Well you know the old saying, don’t judge a domain by its name.

Romkey: [both laughing] Yeah.

Malamud: Well, this has been Geek of the Week. We’ve been talking to John Romkey. Thanks a lot, John.

Romkey: Sure. Thank you.

Malamud: This has been Geek of the Week, brought to you by Sun Microsystems, and by O’Reilly & Associates. To purchase an audio cassette or audio CD of this program, send electronic mail to radio@ora.com.

Internet Talk Radio, the medium is the message.

Open Transcripts

presented by Carl Malamud, John Romkey
in Geek of the Week
on 05/29/1993

Tags

Common Tags

Open Transcripts