<i>In NDN, all data is signed by data producers and verified by the consumers, and the data name provides essential context for security.</i><p>Centralizing the concept of security in the network's architecture will create an intractable problem. Certain parties will still want to impose their desire to be able to eavesdrop on the data. Therefore, there cannot be any real security in such a centralized design for security.<p>The <i>in tempore non suspecto</i> in which it was still possible to roll out security jokes such as SSL, is over now. Nowadays, 95% of the world population (and their governments) will refuse to adopt any centralized security design, because they do not trust it.<p>In my impression, the project is dead on arrival.
One of the earliest attempts to replace the TCP/IP model (or rather the lower layers of the ISO-OSI model) was the Asynchronous Transfer Mode (ATM). Despite being a well-intentioned idea, it failed to see real world usage because of the complexity.<p>Along the way many developments happened. People learned to live and work with IPv4. Even IPv6 hasn't picked up despite solving some important problems. So when it comes to updating the core networking infrastructure, I don't think TCP/IP is replaceable. It just works <i>very</i> well now -- you can have real time chats, high throughput data lines, has time-tested code libraries, there's vast amounts of knowledge so you can build apps fast and all that.<p>As I understand, what this 'Named Data Networking' technology is proposing is to replace IP addressing scheme with Names. I'm not sure if the whole internet backbone infrastructure would change its networking strategy now.<p>TCP/IP addressing format is very structured and that's its strength. IMHO that's actually how communication should take place; not with names that can have high-variation in format.
I wonder if it's just my naiveté however it sounds like this is more likely to produce an X400 than an SMTP.<p>The vision seems pretty grand and all encompassing wholesale replacement of the entire networking stack, rather than small and easy to implement iterative approach. It seems that the biggest thing the TCP/IP folks got 'wrong' was the 32 bit address space, and even that small change is taking forever to be deployed.<p>Yes you could certainly improve TCP/IP but is it going to be 10X better?
Maybe it's just my nature to be guarded about grand visions, but does this idea really have a good chance of succeeding? Will it displace TCP/IP given the extent of IP deployment around the world?<p>No doubt there are people here who are network experts who can give a more learned review than I can after quickly reading the overview on the website.<p>I have a lot to learn about the subject...
I believe what they're proposing is largely the same, if not identical, to Content-Centric Networking from Xerox PARC.<p>The central idea is:<p><pre><code> Instead of asking one particular server for some content, just ask for the content by name.
</code></pre>
Since the content may come from any handy server, it is up to the receiver to validate it is really the content he requested. Nothing about this implies the evil "centralized security model" people are going on about. Sure, some bad actor could weasel it in later, but it's not there now.
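The receiver-side check described in the comment above, as an added example that is not part of the original thread or of any NDN code base: the producer signs the name and the content together, and the consumer rejects anything an untrusted cache returns that is not exactly the named data. The packet layout, the names, the key and the use of HMAC in place of the producer's public-key signature are assumptions chosen so the example runs with the standard library only.

```python
import hashlib
import hmac

# Constructed demo key. HMAC stands in for the producer's signature (assumption).
PRODUCER_KEY = b"constructed-demo-key"

def _tag(key: bytes, name: str, content: bytes) -> bytes:
    # Length-prefix the name so bytes cannot be shifted between name and content.
    name_b = name.encode()
    msg = len(name_b).to_bytes(4, "big") + name_b + content
    return hmac.new(key, msg, hashlib.sha256).digest()

def produce(name, content, key=PRODUCER_KEY) -> dict:
    """Producer: bind the content to its name with one signature over both."""
    return {"name": name, "content": content, "sig": _tag(key, name, content)}

def validate(requested_name, packet, key=PRODUCER_KEY) -> bool:
    """Consumer: accept data from any source only if it is the named data."""
    if packet.get("name") != requested_name:
        return False  # a different object was returned
    expected = _tag(key, packet["name"], packet["content"])
    return hmac.compare_digest(expected, packet.get("sig", b""))

def demo() -> dict:
    """Responses an untrusted cache might return for /example/news/v2."""
    want = "/example/news/v2"
    good = produce(want, b"current headline")
    old = produce("/example/news/v1", b"stale headline")
    tampered = dict(good, content=b"altered headline")
    relabelled = dict(old, name=want)  # old data passed off under the new name
    return {
        "genuine": validate(want, good),
        "tampered": validate(want, tampered),
        "wrong_name": validate(want, old),
        "relabelled": validate(want, relabelled),
    }

if __name__ == "__main__":
    print(demo())
```

Because the name is inside the signed bytes, validly signed older data cannot be served under a newer name, which is the sense in which the name provides context for the check.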
There's already IEEE_802.1aq which is optimizing routing and allowing multiple parallel routing paths. <a href="https://en.wikipedia.org/wiki/IEEE_802.1aq" rel="nofollow">https://en.wikipedia.org/wiki/IEEE_802.1aq</a><p>Lecture well worth watching: Frank Fitzek, Aalborg University: Network Coding for Future Communication and Storage Systems <a href="https://www.youtube.com/watch?v=qaJYWrYKVRo" rel="nofollow">https://www.youtube.com/watch?v=qaJYWrYKVRo</a>
Whatever Cisco plans to do, I won't trust it not to have a back door. After all Cisco is the author of the IETF protocol for "lawful intercept" in routers, and if I'm not mistaken they also have a pretty high placed co-chair at IETF.<p><a href="http://www.cisco.com/c/en/us/tech/security-vpn/lawful-intercept/index.html" rel="nofollow">http://www.cisco.com/c/en/us/tech/security-vpn/lawful-interc...</a><p><a href="https://www.blackhat.com/presentations/bh-dc-10/Cross_Tom/BlackHat-DC-2010-Cross-Attacking-LawfulI-Intercept-wp.pdf" rel="nofollow">https://www.blackhat.com/presentations/bh-dc-10/Cross_Tom/Bl...</a>
So if I've understood this correctly, NDN works by giving each piece of content a unique address, instead of stopping at the host?<p>Basically baking a URI into the low-level protocols?
People have been trying for almost 15 years to replace IPv4. That's almost impossible, 96% of the traffic worldwide is still IPv4.<p>This project is dead on arrival.
This is the old Content Distribution Network.
It does work -- provided you can easily identify a resource in the network.
URIs are hierarchal, but do not follow the network connections hierarchy.
Also, now every router needs to be able to track all the streams that go through it.<p>In short, everything explodes when you try to scale the thing.
Isn't this identical in spirit to Content-Centric Networking (CCN) as espoused by Van Jacobson?<p>I distinctly remember watching his Google Tech Talk on the idea (<a href="https://www.youtube.com/watch?v=oCZMoY3q2uM" rel="nofollow">https://www.youtube.com/watch?v=oCZMoY3q2uM</a>) when I first joined AeroFS.
Someone who knows more than me; does this intend to <i>complement</i> TCP, or <i>replace</i> TCP? If the latter, how would one use NDN to implement a system that naturally fits the "conversation" model of TCP, e.g. an MMORPG?
What could possibly go wrong? It's not like the whole internet as we know it depends at some level of tcp/ip and there's (probably) billions of lines of code depending on it.
Umm.. how about let's NOT replace TCP/IP with anything because it may be the only well-designed thing on the Internet that actually works? If you want an impossible super-hero project to work on, try replacing HTTP instead - at least you'd actually be solving a problem.
Nothing except efficiency is preventing us from using names as parts of network/subnet hierarchy instead of numbers, e.g. : steve.home.town.country instead of 192.168.5.6 (or the same thing on IPv6), and even efficiency could be improved by the smart use of hashing... BUT! The major problem I see here is that there simply <i>are more numbers than words</i>.<p>In practice, especially at large companies, it will <i>certainly without a doubt</i> degrade into workstation001, workstation002... workstation999 and then we're in effect back where we started from - using numbers.<p>This looks like a solution in search of a problem.