Network Working Group R. Atkinson, Ed. Request for Comments: 3869 S. Floyd, Ed. Category: Informational Internet Architecture Board August 2004
Network Working Group R. Atkinson, Ed. Request for Comments: 3869 S. Floyd, Ed. Category: Informational Internet Architecture Board August 2004
IAB Concerns and Recommendations Regarding Internet Research and Evolution
IAB对互联网研究和发展的关注和建议
Status of this Memo
本备忘录的状况
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
本备忘录为互联网社区提供信息。它没有规定任何类型的互联网标准。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2004).
版权所有(C)互联网协会(2004年)。
Abstract
摘要
This document discusses IAB concerns that ongoing research is needed to further the evolution of the Internet infrastructure, and that consistent, sufficient non-commercial funding is needed to enable such research.
本文件讨论了IAB关注的问题,即需要进行研究以促进互联网基础设施的发展,并且需要一致、充足的非商业资金来支持此类研究。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Document Organization. . . . . . . . . . . . . . . . . . 2 1.2. IAB Concerns . . . . . . . . . . . . . . . . . . . . . . 3 1.3. Contributions to this Document . . . . . . . . . . . . . 4 2. History of Internet Research and Research Funding. . . . . . . 4 2.1. Prior to 1980. . . . . . . . . . . . . . . . . . . . . . 4 2.2. 1980s and early 1990s. . . . . . . . . . . . . . . . . . 5 2.3. Mid-1990s to 2003. . . . . . . . . . . . . . . . . . . . 6 2.4. Current Status . . . . . . . . . . . . . . . . . . . . . 6 3. Open Internet Research Topics. . . . . . . . . . . . . . . . . 7 3.1. Scope and Limitations. . . . . . . . . . . . . . . . . . 7 3.2. Naming . . . . . . . . . . . . . . . . . . . . . . . . . 8 3.2.1. Domain Name System (DNS). . . . . . . . . . . . 8 3.2.2. New Namespaces. . . . . . . . . . . . . . . . . 9 3.3. Routing. . . . . . . . . . . . . . . . . . . . . . . . . 9 3.3.1. Inter-domain Routing. . . . . . . . . . . . . . 10 3.3.2. Routing Integrity . . . . . . . . . . . . . . . 11 3.3.3. Routing Algorithms. . . . . . . . . . . . . . . 12 3.3.4. Mobile and Ad-Hoc Routing . . . . . . . . . . . 13 3.4. Security . . . . . . . . . . . . . . . . . . . . . . . . 13
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Document Organization. . . . . . . . . . . . . . . . . . 2 1.2. IAB Concerns . . . . . . . . . . . . . . . . . . . . . . 3 1.3. Contributions to this Document . . . . . . . . . . . . . 4 2. History of Internet Research and Research Funding. . . . . . . 4 2.1. Prior to 1980. . . . . . . . . . . . . . . . . . . . . . 4 2.2. 1980s and early 1990s. . . . . . . . . . . . . . . . . . 5 2.3. Mid-1990s to 2003. . . . . . . . . . . . . . . . . . . . 6 2.4. Current Status . . . . . . . . . . . . . . . . . . . . . 6 3. Open Internet Research Topics. . . . . . . . . . . . . . . . . 7 3.1. Scope and Limitations. . . . . . . . . . . . . . . . . . 7 3.2. Naming . . . . . . . . . . . . . . . . . . . . . . . . . 8 3.2.1. Domain Name System (DNS). . . . . . . . . . . . 8 3.2.2. New Namespaces. . . . . . . . . . . . . . . . . 9 3.3. Routing. . . . . . . . . . . . . . . . . . . . . . . . . 9 3.3.1. Inter-domain Routing. . . . . . . . . . . . . . 10 3.3.2. Routing Integrity . . . . . . . . . . . . . . . 11 3.3.3. Routing Algorithms. . . . . . . . . . . . . . . 12 3.3.4. Mobile and Ad-Hoc Routing . . . . . . . . . . . 13 3.4. Security . . . . . . . . . . . . . . . . . . . . . . . . 13
3.4.1. Formal Methods. . . . . . . . . . . . . . . . . 14 3.4.2. Key Management. . . . . . . . . . . . . . . . . 14 3.4.3. Cryptography. . . . . . . . . . . . . . . . . . 15 3.4.4. Security for Distributed Computing. . . . . . . 15 3.4.5. Deployment Considerations in Security . . . . . 15 3.4.6. Denial of Service Protection. . . . . . . . . . 16 3.5. Network Management . . . . . . . . . . . . . . . . . . . 16 3.5.1. Managing Networks, Not Devices. . . . . . . . . 16 3.5.2. Enhanced Monitoring Capabilities. . . . . . . . 17 3.5.3. Customer Network Management . . . . . . . . . . 17 3.5.4. Autonomous Network Management . . . . . . . . . 17 3.6. Quality of Service . . . . . . . . . . . . . . . . . . . 17 3.6.1. Inter-Domain QoS Architecture . . . . . . . . . 18 3.6.2. New Queuing Disciplines . . . . . . . . . . . . 19 3.7. Congestion Control . . . . . . . . . . . . . . . . . . . 19 3.8. Studying the Evolution of the Internet Infrastructure. . 20 3.9. Middleboxes. . . . . . . . . . . . . . . . . . . . . . . 21 3.10. Internet Measurement . . . . . . . . . . . . . . . . . . 21 3.11. Applications . . . . . . . . . . . . . . . . . . . . . . 22 3.12. Meeting the Needs of the Future. . . . . . . . . . . . . 22 3.13. Freely Distributable Prototypes. . . . . . . . . . . . . 23 4. Conclusions. . . . . . . . . . . . . . . . . . . . . . . . . . 23 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 23 6. Security Considerations. . . . . . . . . . . . . . . . . . . . 24 7. Informative References . . . . . . . . . . . . . . . . . . . . 24 8. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 29 9. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 30
3.4.1. Formal Methods. . . . . . . . . . . . . . . . . 14 3.4.2. Key Management. . . . . . . . . . . . . . . . . 14 3.4.3. Cryptography. . . . . . . . . . . . . . . . . . 15 3.4.4. Security for Distributed Computing. . . . . . . 15 3.4.5. Deployment Considerations in Security . . . . . 15 3.4.6. Denial of Service Protection. . . . . . . . . . 16 3.5. Network Management . . . . . . . . . . . . . . . . . . . 16 3.5.1. Managing Networks, Not Devices. . . . . . . . . 16 3.5.2. Enhanced Monitoring Capabilities. . . . . . . . 17 3.5.3. Customer Network Management . . . . . . . . . . 17 3.5.4. Autonomous Network Management . . . . . . . . . 17 3.6. Quality of Service . . . . . . . . . . . . . . . . . . . 17 3.6.1. Inter-Domain QoS Architecture . . . . . . . . . 18 3.6.2. New Queuing Disciplines . . . . . . . . . . . . 19 3.7. Congestion Control . . . . . . . . . . . . . . . . . . . 19 3.8. Studying the Evolution of the Internet Infrastructure. . 20 3.9. Middleboxes. . . . . . . . . . . . . . . . . . . . . . . 21 3.10. Internet Measurement . . . . . . . . . . . . . . . . . . 21 3.11. Applications . . . . . . . . . . . . . . . . . . . . . . 22 3.12. Meeting the Needs of the Future. . . . . . . . . . . . . 22 3.13. Freely Distributable Prototypes. . . . . . . . . . . . . 23 4. Conclusions. . . . . . . . . . . . . . . . . . . . . . . . . . 23 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 23 6. Security Considerations. . . . . . . . . . . . . . . . . . . . 24 7. Informative References . . . . . . . . . . . . . . . . . . . . 24 8. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 29 9. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 30
This document discusses the history of funding for Internet research, expresses concern about the current state of such funding, and outlines several specific areas that the IAB believes merit additional research. Current funding levels for Internet research are not generally adequate, and several important research areas are significantly underfunded. This situation needs to be rectified for the Internet to continue its evolution and development.
本文件讨论了互联网研究的资助历史,对此类资助的现状表示关注,并概述了IAB认为值得进一步研究的几个具体领域。目前互联网研究的资金水平总体上并不充足,一些重要的研究领域资金严重不足。这种情况需要纠正,互联网才能继续演进和发展。
The first part of the document is a high-level discussion of the history of funding for Internet research to provide some historical context to this document. The early funding of Internet research was largely from the U.S. government, followed by a period in the second half of the 1990s of commercial funding and of funding from several governments. However, the commercial funding for Internet research has been reduced due to the recent economic downturn.
本文件的第一部分是对互联网研究资助历史的高层次讨论,为本文件提供一些历史背景。互联网研究的早期资金主要来自美国政府,随后是20世纪90年代后半期的商业资金和几个政府的资金。然而,由于最近的经济衰退,互联网研究的商业资金已经减少。
The second part of the document provides an incomplete set of open Internet research topics. These are only examples, intended to illustrate the breadth of open research topics. This second section supports the general thesis that ongoing research is needed to further the evolution of the Internet infrastructure. This includes research on the medium-time-scale evolution of the Internet infrastructure as well as research on longer-time-scale grand challenges. This also includes many research issues that are already being actively investigated in the Internet research community.
文件的第二部分提供了一套不完整的开放式互联网研究主题。这些只是示例,旨在说明开放研究主题的广度。第二部分支持了一个一般性论点,即需要进行研究,以进一步推动互联网基础设施的发展。这包括对互联网基础设施中时间尺度演变的研究,以及对更长时间尺度重大挑战的研究。这还包括互联网研究界已经在积极调查的许多研究问题。
Areas that are discussed in this section include the following: naming, routing, security, network management, and transport. Issues that require more research also include more general architectural issues such as layering and communication between layers. In addition, general topics discussed in this section include modeling, measurement, simulation, test-beds, etc. We are focusing on topics that are related to the IETF and IRTF (Internet Research Task Force) agendas. (For example, Grid issues are not discussed in this document because they are addressed through the Global Grid Forum and other Grid-specific organizations, not in the IETF.)
本节讨论的领域包括:命名、路由、安全、网络管理和传输。需要更多研究的问题还包括更一般的体系结构问题,如分层和层之间的通信。此外,本节讨论的一般主题包括建模、测量、仿真、试验台等。我们重点关注与IETF和IRTF(互联网研究工作队)议程相关的主题。(例如,本文件不讨论网格问题,因为这些问题是通过全球网格论坛和其他特定于网格的组织解决的,而不是通过IETF解决的。)
Where possible, the examples in this document point to separate documents on these issues, and only give a high-level summary of the issues raised in those documents.
在可能的情况下,本文件中的示例指出了关于这些问题的单独文件,并且仅对这些文件中提出的问题进行了高层次的总结。
In the aftermath of September 11 2001, there seems to be a renewed interest by governments in funding research for Internet-related security issues. From [Jackson02]: "It is generally agreed that the security and reliability of the basic protocols underlying the Internet have not received enough attention because no one has a proprietary interest in them".
在2001年9月11日之后,各国政府似乎重新对资助互联网相关安全问题的研究产生了兴趣。来自[Jackson02]:“人们普遍认为,互联网基础基本协议的安全性和可靠性没有得到足够的重视,因为没有人对它们有所有权。”。
That quote brings out a key issue in funding for Internet research, which is that because no single organization (e.g., no single government, software company, equipment vendor, or network operator) has a sense of ownership of the global Internet infrastructure, research on the general issues of the Internet infrastructure are often not adequately funded. In our current challenging economic climate, it is not surprising that commercial funding sources are more likely to fund that research that leads to a direct competitive advantage.
这句话引出了互联网研究资助的一个关键问题,这是因为没有一个组织(例如,没有一个政府、软件公司、设备供应商或网络运营商)对全球互联网基础设施拥有所有权,关于互联网基础设施一般问题的研究往往没有足够的资金。在我们当前充满挑战的经济环境中,商业资金来源更有可能资助能够带来直接竞争优势的研究也就不足为奇了。
The principal thesis of this document is that if commercial funding is the main source of funding for future Internet research, the future of the Internet infrastructure could be in trouble. In addition to issues about which projects are funded, the funding
本文件的主要论点是,如果商业资金是未来互联网研究的主要资金来源,那么互联网基础设施的未来可能会遇到麻烦。除了关于资助哪些项目的问题外,资金
source can also affect the content of the research, for example, towards or against the development of open standards, or taking varying degrees of care about the effect of the developed protocols on the other traffic on the Internet.
来源也可能影响研究内容,例如,支持或反对开放标准的开发,或在不同程度上关注已开发协议对互联网上其他流量的影响。
At the same time, many significant research contributions in networking have come from commercial funding. However, for most of the topics in this document, relying solely on commercially-funded research would not be adequate. Much of today's commercial funding is focused on technology transition, taking results from non-commercial research and putting them into shipping commercial products. We have not tried to delve into each of the research issues below to discuss, for each issue, what are the potentials and limitations of commercial funding for research in that area.
与此同时,网络方面的许多重大研究贡献都来自商业资金。然而,对于本文件中的大多数主题,仅依靠商业资助的研究是不够的。今天的大部分商业资金都集中在技术转型上,从非商业研究中获取成果,并将其投入商业产品的运输。我们没有尝试深入研究以下每一个研究问题,以讨论每个问题,该领域研究的商业资金的潜力和局限性。
On a more practical note, if there was no commercial funding for Internet research, then few research projects would be taken to completion with implementations, deployment, and follow-up evaluation.
更实际的是,如果互联网研究没有商业资金,那么很少有研究项目会在实施、部署和后续评估中完成。
While it is theoretically possible for there to be too much funding for Internet research, that is far from the current problem. There is also much that could be done within the network research community to make Internet research more focused and productive, but that would belong in a separate document.
虽然从理论上讲,互联网研究可能会有太多的资金,但这远远不是当前的问题。在网络研究社区内,还有很多工作可以做,以使互联网研究更加集中和富有成效,但这将属于一份单独的文件。
A number of people have directly contributed text for this document, even though, following current conventions, the official RFC author list includes only the key editors of the document. The Acknowledgements section at the end of the document thanks other people who contributed to this document in some form.
许多人直接为本文档提供了文本,尽管按照当前惯例,官方RFC作者列表仅包括文档的关键编辑。文档末尾的致谢部分感谢以某种形式对本文档作出贡献的其他人。
Most of the early research into packet-switched networks was sponsored by the U.S. Defense Advanced Research Projects Agency (DARPA) [CSTB99]. This includes the initial design, implementation, and deployment of the ARPAnet connecting several universities and other DARPA contractors. The ARPAnet originally came online in the late 1960s. It grew in size during the 1970s, still chiefly with DARPA funding, and demonstrated the utility of packet-switched networking.
大多数对分组交换网络的早期研究是由美国国防高级研究计划局(DARPA)[CSTB99]赞助的。这包括连接几所大学和其他DARPA承包商的ARPAnet的初步设计、实施和部署。ARPAnet最初是在20世纪60年代末上线的。20世纪70年代,它的规模不断扩大,主要还是在DARPA的资助下,并证明了分组交换网络的实用性。
DARPA funding for Internet design started in 1973, just four years after the initial ARPAnet deployment. The support for Internet design was one result of prior DARPA funding for packet radio and packet satellite research. The existence of multiple networks (ARPAnet, packet radio, and packet satellite) drove the need for internetworking research. The Internet arose in large measure as a consequence of DARPA research funding for these three networks -- and arise only incidentally from the commercially-funded work at Xerox PARC on Ethernet.
DARPA对互联网设计的资助始于1973年,距离ARPAnet最初部署仅四年。对互联网设计的支持是DARPA先前资助分组无线电和分组卫星研究的结果之一。多个网络(ARPAnet、分组无线电和分组卫星)的存在推动了互联网研究的需求。互联网的出现在很大程度上是DARPA对这三个网络的研究资助的结果——只是偶然地从施乐PARC在以太网上的商业资助工作中产生的。
The ARPAnet converted to the Internet Protocol (IP) on January 1, 1983, approximately 20 years before this document was written. Throughout the 1980s, the U.S. Government continued strong research and development funding for Internet technology. DARPA continued to be the key funding source, but was supplemented by other DoD (U.S. Department of Defense) funding (e.g., via the Defense Data Network (DDN) program of the Defense Communication Agency (DCA)) and other U.S. Government funding (e.g., U.S. Department of Energy (DoE) funding for research networks at DoE national laboratories, (U.S.) National Science Foundation (NSF) funding for academic institutions). This funding included basic research, applied research (including freely distributable prototypes), the purchase of IP-capable products, and operating support for the IP-based government networks such as ARPAnet, ESnet, MILnet, the NASA Science Internet, and NSFnet.
ARPAnet于1983年1月1日转换为互联网协议(IP),大约在本文件编写前20年。在整个20世纪80年代,美国政府继续为互联网技术提供强大的研发资金。DARPA仍然是主要的资金来源,但得到了其他国防部(美国国防部)资金(例如,通过国防通信局(DCA)的国防数据网络(DDN)计划)和其他美国政府资金(例如,美国能源部(DoE)对DoE国家实验室研究网络的资金)的补充国家科学基金会(NSF)资助学术机构。这笔资金包括基础研究、应用研究(包括可自由分发的原型)、购买具有IP能力的产品以及对基于IP的政府网络(如ARPAnet、ESnet、MILnet、NASA科学互联网和NSFnet)的运营支持。
During the 1980s, the U.S. DoD desired to leave the business of providing operational network services to academic institutions, so funding for most academic activities moved over to the NSF during the decade. NSF's initial work included sponsorship of CSnet in 1981. By 1986, NSF was also sponsoring various research projects into networking (e.g., Mills' work on Fuzzballs). In the late 1980s, NSF created the NSFnet backbone and sponsored the creation of several NSF regional networks (e.g., SURAnet) and interconnections with several international research networks. NSF also funded gigabit networking research, through the Corporation for National Research Initiatives (CNRI), starting in the late 1980s. It is important to note that the NSF sponsorship was focused on achieving core NSF goals, such as connecting scientists at leading universities to NSF supercomputing centers. The needs of high-performance remote access to supercomputers drove the overall NSFnet performance. As a side effect, this meant that students and faculty at those universities enjoyed a relatively high-performance Internet environment. As those students graduated, they drove both commercial use of the Internet and the nascent residential market. It is no accident that this was the environment from which the world wide web emerged.
20世纪80年代,美国国防部希望放弃向学术机构提供运营网络服务的业务,因此在这十年中,大部分学术活动的资金转移到了国家科学基金会。NSF的初始工作包括在1981年赞助CSnet。到1986年,国家科学基金会还赞助了各种网络研究项目(例如,米尔斯关于模糊球的研究)。20世纪80年代末,NSF创建了NSFnet主干网,并赞助创建了几个NSF区域网络(如SURAnet),并与几个国际研究网络互连。从20世纪80年代末开始,国家科学基金会还通过国家研究倡议公司(CNRI)资助了千兆网络研究。值得注意的是,国家科学基金会的赞助重点是实现国家科学基金会的核心目标,例如将一流大学的科学家与国家科学基金会超级计算中心联系起来。对超级计算机的高性能远程访问需求推动了NSFnet的整体性能。作为一种副作用,这意味着这些大学的学生和教师享有一个相对高性能的互联网环境。随着这些学生的毕业,他们推动了互联网的商业应用和新生的住宅市场。这正是万维网诞生的环境,这并非偶然。
Most research funding outside the U.S. during the 1980s and early 1990s was focused on the ISO OSI networking project or on then-new forms of network media (e.g., wireless, broadband access). The European Union was a significant source of research funding for the networking community in Europe during this period. Some of the best early work in gigabit networking was undertaken in the UK and Sweden.
20世纪80年代和90年代初,美国以外的大部分研究资金都集中在ISO OSI网络项目或当时的新形式网络媒体(如无线、宽带接入)上。在此期间,欧盟是欧洲网络社区研究资金的重要来源。英国和瑞典在千兆网络方面进行了一些最好的早期工作。
Starting in the middle 1990s, U.S. Government funding for Internet research and development was significantly reduced. The premise for this was that the growing Internet industry would pay for whatever research and development that was needed. Some funding for Internet research and development has continued in this period from European and Asian organizations (e.g., the WIDE Project in Japan [WIDE]). Reseaux IP Europeens [RIPE] is an example of market-funded networking research in Europe during this period.
从20世纪90年代中期开始,美国政府对互联网研究和开发的资金大大减少。这样做的前提是,不断增长的互联网行业将为所需的任何研发支付费用。在此期间,欧洲和亚洲组织(例如,日本的WIDE项目[WIDE])继续为互联网研究和开发提供了一些资金。Reseaux IP Europeens[成熟]是这一时期欧洲市场资助网络研究的一个例子。
Experience during this period has been that commercial firms have often focused on donating equipment to academic institutions and promoting somewhat vocationally-focused educational projects. Many of the commercially-funded research and development projects appear to have been selected because they appeared likely to give the funding source a specific short-term economic advantage over its competitors. Higher risk, more innovative research proposals generally have not been funded by industry. A common view in Silicon Valley has been that established commercial firms are not very good at transitioning cutting edge research into products, but were instead good at buying small startup firms who had successfully transitioned such cutting edge research into products. Unfortunately, small startup companies are generally unable financially to fund any research themselves.
这一时期的经验是,商业公司往往专注于向学术机构捐赠设备,并推动一些以职业为重点的教育项目。许多由商业资助的研究和开发项目之所以被选中,似乎是因为它们可能使资金来源比竞争对手具有特定的短期经济优势。高风险、更具创新性的研究提案通常没有得到行业的资助。硅谷的一个普遍观点是,老牌商业公司并不擅长将尖端研究转化为产品,而是擅长收购成功将尖端研究转化为产品的小型初创公司。不幸的是,小型初创公司通常在财务上无法自己资助任何研究。
The result of reduced U.S. Government funding and profit-focused, low-risk, short-term industry funding has been a decline in higher-risk but more innovative research activities. Industry has also been less interested in research to evolve the overall Internet architecture, because such work does not translate into a competitive advantage for the firm funding such work.
美国政府资金和以利润为中心的低风险短期行业资金减少的结果是高风险但更具创新性的研究活动减少。业界也对发展整个互联网体系结构的研究不太感兴趣,因为这类工作不会转化为资助这类工作的公司的竞争优势。
The IAB believes that it would be helpful for governments and other non-commercial sponsors to increase their funding of both basic research and applied research relating to the Internet, and to sustain these funding levels going forward.
IAB认为,增加政府和其他非商业赞助者对互联网基础研究和应用研究的资助,并维持这些资助水平,将有助于政府和其他非商业赞助者。
This section primarily discusses some specific topics that the IAB believes merit additional research. Research, of course, includes not just devising a theory, algorithm, or mechanism to accomplish a goal, but also evaluating the general efficacy of the approach and then the benefits vs. the costs of deploying that algorithm or mechanism. Important cautionary notes about this discussion are given in the next sub-section. This particular set of topics is not intended to be comprehensive, but instead is intended to demonstrate the breadth of open Internet research questions.
本节主要讨论IAB认为值得进一步研究的一些特定主题。当然,研究不仅包括设计实现目标的理论、算法或机制,还包括评估方法的总体效能,以及部署该算法或机制的收益与成本。有关此讨论的重要注意事项将在下一小节中给出。这组特定的主题并非旨在全面,而是旨在展示开放式互联网研究问题的广度。
Other discussions of problems of the Internet that merit further research include the following: [CIPB02,Claffy03a,Floyd,NSF03a,NSF03b].
值得进一步研究的互联网问题的其他讨论包括以下内容:[CIPB02,Claffy03a,Floyd,NSF03a,NSF03b]。
This document is NOT intended as a guide for public funding agencies as to exactly which projects or proposals should or should not be funded.
本文件无意为公共资助机构提供指南,以明确哪些项目或提案应该或不应该获得资助。
In particular, this document is NOT intended to be a comprehensive list of *all* of the research questions that are important to further the evolution of the Internet; that would be a daunting task, and would presuppose a wider and more intensive effort than we have undertaken in this document.
特别是,本文件并非旨在全面列出*所有*对推动互联网发展至关重要的研究问题;这将是一项艰巨的任务,并将以比我们在本文件中所作的更广泛和更密集的努力为前提。
Similarly, this document is not intended to list the research questions that are judged to be only of peripheral importance, or to survey the current (global; governmental, commercial, and academic) avenues for funding for Internet research, or to make specific recommendations about which areas need additional funding. The purpose of the document is to persuade the reader that ongoing research is needed towards the continued evolution of the Internet infrastructure; the purpose is not to make binding pronouncements about which specific areas are and are not worthy of future funding.
同样,本文件不打算列出被认为仅具有外围重要性的研究问题,也不打算调查互联网研究的当前(全球;政府、商业和学术)融资渠道,也不打算就哪些领域需要额外资金提出具体建议。本文件的目的是说服读者,需要对互联网基础设施的持续发展进行持续研究;其目的不是就哪些特定领域值得或不值得未来资助发表具有约束力的声明。
For some research clearly relevant to the future evolution of the Internet, there are grand controversies between competing proposals or competing schools of thought; it is not the purpose of this document to take positions in these controversies, or to take positions on the nature of the solutions for areas needing further research.
对于一些与互联网未来发展明确相关的研究,在相互竞争的提案或相互竞争的思想流派之间存在着巨大的争议;本文件的目的不是对这些争议采取立场,也不是对需要进一步研究的领域的解决方案的性质采取立场。
That all carefully noted, the remainder of this section discusses a broad set of research areas, noting a subset of particular topics of interest in each of those research areas. Again, this list is NOT comprehensive, but rather is intended to suggest that a broad range of ongoing research is needed, and to propose some candidate topics.
本节剩余部分将讨论一系列广泛的研究领域,并指出每个研究领域中感兴趣的特定主题的子集。同样,该列表并不全面,而是旨在表明需要进行广泛的持续研究,并提出一些候选主题。
Several places in this document refer to 'network operators'. By that term, we intend to include anyone or any organization that operates an IP-based network; we are not using that term in the narrow meaning of commercial network service providers.
本文件中有几个地方提到“网络运营商”。在该术语中,我们打算包括运营基于IP的网络的任何人或任何组织;我们不是在狭义的商业网络服务提供商中使用该术语。
The Internet currently has several different namespaces, including IP addresses, sockets (specified by the IP address, upper-layer protocol, and upper-layer port number), Autonomous System (AS) number, and the Fully-Qualified Domain Name (FQDN). Many of the Internet's namespaces are supported by the widely deployed Domain Name System [RFC-3467] or by various Internet applications [RFC-2407, Section 4.6.2.1]
Internet目前有几个不同的名称空间,包括IP地址、套接字(由IP地址、上层协议和上层端口号指定)、自治系统(AS)号和完全限定域名(FQDN)。广泛部署的域名系统[RFC-3467]或各种互联网应用程序[RFC-2407,第4.6.2.1节]支持许多互联网名称空间
The DNS system, while it works well given its current constraints, has several stress points.
DNS系统在当前的限制条件下运行良好,但有几个压力点。
The current DNS system relies on UDP for transport, rather than SCTP or TCP. Given the very large number of clients using a typical DNS server, it is desirable to minimize the state on the DNS server side of the connection. UDP does this well, so it is a reasonable choice, though this has other implications, for example a reliance on UDP fragmentation. With IPv6, intermediate fragmentation is not allowed and Path MTU Discovery is mandated. However, the amount of state required to deploy Path MTU Discovery for IPv6 on a DNS server might be a significant practical problem.
当前的DNS系统依赖UDP进行传输,而不是SCTP或TCP。考虑到使用典型DNS服务器的客户机数量非常多,最好将连接的DNS服务器端的状态降至最低。UDP做得很好,所以这是一个合理的选择,尽管这还有其他影响,例如依赖UDP碎片。对于IPv6,不允许中间分段,并且强制要求进行路径MTU发现。但是,在DNS服务器上部署IPv6路径MTU发现所需的状态量可能是一个重大的实际问题。
One implication of this is that research into alternative transport protocols, designed more for DNS-like applications where there are very many clients using each server, might be useful. Of particular interest would be transport protocols with little burden for the DNS server, even if that increased the burden somewhat for the DNS client.
这意味着对替代传输协议的研究可能是有用的,这些协议更多地是为类似DNS的应用程序设计的,在这些应用程序中,有很多客户端使用每台服务器。特别令人感兴趣的是对DNS服务器几乎没有负担的传输协议,即使这在一定程度上增加了DNS客户端的负担。
Additional study of DNS caching, both currently available caching techniques and also of potential new caching techniques, might be helpful in finding ways to reduce the offered load for a typical DNS
对DNS缓存的进一步研究,包括当前可用的缓存技术和潜在的新缓存技术,可能有助于找到减少典型DNS负载的方法
server. In particular, examination of DNS caching through typical commercial firewalls might be interesting if it lead to alternative firewall implementations that were less of an obstacle to DNS caching.
服务器特别是,通过典型的商用防火墙检查DNS缓存可能会很有意思,如果它可以导致对DNS缓存的障碍更小的替代防火墙实现。
The community lacks a widely-agreed-upon set of metrics for measuring DNS server performance. It would be helpful if people would seriously consider what characteristics of the DNS system should be measured.
社区缺乏一套广泛认可的衡量DNS服务器性能的指标。如果人们认真考虑DNS系统应该测量哪些特性将是有益的。
Some in the community would advocate replacing the current DNS system with something better. Past attempts to devise a better approach have not yielded results that persuaded the community to change. Proposed work in this area could be very useful, but might require careful scrutiny to avoid falling into historic design pitfalls.
社区中的一些人会主张用更好的系统取代当前的DNS系统。过去试图设计一种更好的方法的尝试并没有产生说服社区改变的结果。这方面的拟议工作可能非常有用,但可能需要仔细审查,以避免落入历史设计陷阱。
With regards to DNS security, major technical concerns include finding practical methods for signing very large DNS zones (e.g., and tools to make it easier to manage secure DNS infrastructure.
关于DNS安全,主要的技术问题包括寻找签署非常大的DNS区域的实用方法(例如,和使安全DNS基础设施更易于管理的工具)。
Most users are unable to distinguish a DNS-related failure from a more general network failure. Hence, maintaining the integrity and availability of the Domain Name System is very important for the future health of the Internet.
大多数用户无法区分DNS相关故障和更一般的网络故障。因此,维护域名系统的完整性和可用性对于互联网的未来健康非常重要。
Additionally, the Namespace Research Group (NSRG) of the Internet Research Task Force (IRTF) studied adding one or more additional namespaces to the Internet Architecture [LD2002]. Many members of the IRTF NSRG believe that there would be significant architectural benefit to adding one or more additional namespaces to the Internet Architecture. Because smooth consensus on that question or on the properties of a new namespace was not obtained, the IRTF NSRG did not make a formal recommendation to the IETF community regarding namespaces. The IAB believes that this is an open research question worth examining further.
此外,互联网研究工作组(IRTF)的名称空间研究小组(NSRG)研究了在互联网体系结构中添加一个或多个额外的名称空间[LD2002]。IRTF NSRG的许多成员认为,在Internet体系结构中添加一个或多个附加名称空间将带来重大的体系结构好处。由于没有就这个问题或新名称空间的属性达成一致意见,IRTF NSRG没有就名称空间向IETF社区提出正式建议。IAB认为这是一个值得进一步研究的开放性研究问题。
Finally, we believe that future research into the evolution of Internet-based distributed computing might well benefit from studying adding additional namespaces as part of a new approach to distributed computing.
最后,我们相信,作为分布式计算新方法的一部分,研究添加额外的名称空间,对基于Internet的分布式计算的发展的未来研究可能会受益匪浅。
The currently deployed unicast routing system works reasonably well for most users. However, the current unicast routing architecture is suboptimal in several areas, including the following: end-to-end
目前部署的单播路由系统对大多数用户来说运行良好。然而,当前的单播路由体系结构在以下几个方面并不理想:端到端
convergence times in global-scale catenets (a system of networks interconnected via gateways); the ability of the existing inter-domain path-vector algorithm to scale well beyond 200K prefixes; the ability of both intra-domain and inter-domain routing to use multiple metrics and multiple kinds of metrics concurrently; and the ability of IPv4 and IPv6 to support widespread site multi-homing without undue adverse impact on the inter-domain routing system. Integrating policy into routing is also a general concern, both for intra-domain and inter-domain routing. In many cases, routing policy is directly tied to economic issues for the network operators, so applied research into routing ideally would consider economic considerations as well as technical considerations.
全球规模连锁网络(通过网关互连的网络系统)的收敛时间;现有域间路径向量算法的扩展能力远远超过200K前缀;域内和域间路由同时使用多个度量和多种度量的能力;IPv4和IPv6能够支持广泛的站点多主,而不会对域间路由系统造成不必要的不利影响。对于域内和域间路由,将策略集成到路由中也是一个普遍关注的问题。在许多情况下,路由策略直接关系到网络运营商的经济问题,因此对路由的应用研究将考虑经济考虑和技术考虑。
This is an issue for which the commercial interest is clear, but that seems unlikely to be solved through commercial funding for research, in the absence of a consortium of some type.
这是一个商业利益显而易见的问题,但在缺乏某种财团的情况下,似乎不太可能通过研究的商业资金来解决。
The current operational inter-domain routing system has between 150,000 and 200,000 routing prefixes in the default-free zone (DFZ) [RFC-3221]. ASIC technology obviates concerns about the ability to forward packets at very high speeds. ASIC technology also obviates concerns about the time required to perform longest-prefix-match computations. However, some senior members of the Internet routing community have concerns that the end-to-end convergence properties of the global Internet might hit fundamental algorithmic limitations (i.e., not hardware limitations) when the DFZ is somewhere between 200,000 and 300,000 prefixes. Research into whether this concern is well-founded in scientific terms seems very timely.
当前运行的域间路由系统在默认自由区(DFZ)[RFC-3221]中有150000到200000个路由前缀。ASIC技术消除了对高速转发数据包能力的担忧。ASIC技术还消除了对执行最长前缀匹配计算所需时间的担忧。然而,互联网路由社区的一些高级成员担心,当DFZ的前缀介于200000和300000之间时,全球互联网的端到端收敛特性可能会受到基本算法限制(即,不是硬件限制)。从科学角度研究这一担忧是否有充分的依据似乎非常及时。
Separately from the above concern, recent work has shown that there can be significant BGP convergence issues today. At present, it appears that the currently observed convergence issues relate to how BGP has been configured by network operators, rather than being any sort of fundamental algorithmic limitation [MGVK02]. This convergence time issue makes the duration of the apparent network outage much longer than it should be. Additional applied research into which aspects of a BGP configuration have the strongest impact on convergence times would help mitigate the currently observed operational issues.
除上述问题外,最近的工作表明,今天可能存在重大的BGP融合问题。目前,目前观察到的收敛问题似乎与网络运营商如何配置BGP有关,而不是任何基本算法限制[MGVK02]。这种收敛时间问题使得明显的网络中断持续时间比应该的要长得多。对BGP配置的哪些方面对收敛时间影响最大进行更多的应用研究,将有助于缓解目前观察到的运营问题。
Also, inter-domain routing currently requires significant human engineering of specific inter-AS paths to ensure that reasonably optimal paths are used by actual traffic. Ideally, the inter-domain routing system would automatically cause reasonably optimal paths to be chosen. Recent work indicates that improved BGP policy mechanisms
此外,域间路由目前需要对特定的域间AS路径进行大量人工工程,以确保实际流量使用合理的最优路径。理想情况下,域间路由系统会自动选择合理的最优路径。最近的工作表明,改进的BGP策略机制
might help ensure that reasonably optimal paths are normally used for inter-domain IP traffic. [SMA03] Continued applied research in this area might lead to substantially better technical approaches.
可能有助于确保合理的最佳路径通常用于域间IP通信。[SMA03]在这一领域继续进行应用研究可能会带来更好的技术方法。
The current approach to site multi-homing has the highly undesirable side-effect of significantly increasing the growth rate of prefix entries in the DFZ (by impairing the deployment of prefix aggregation). Research is needed into new routing architectures that can support large-scale site multi-homing without the undesirable impacts on inter-domain routing of the current multi-homing technique.
当前的站点多宿主方法有一个非常不受欢迎的副作用,即显著增加DFZ中前缀项的增长率(通过削弱前缀聚合的部署)。需要研究新的路由体系结构,以支持大规模站点多归属,而不受当前多归属技术对域间路由的不良影响。
The original application for BGP was in inter-domain routing, primarily within service provider networks but also with some use by multi-homed sites. However, some are now trying to use BGP in other contexts, for example highly mobile environments, where it is less obviously well suited. Research into inter-domain routing and/or intra-domain policy routing might lead to other approaches for any emerging environments where the current BGP approach is not the optimal one.
BGP最初的应用是在域间路由中,主要在服务提供商网络中,但也有一些被多宿主站点使用。然而,一些人现在正试图在其他环境中使用BGP,例如高度移动的环境,在这些环境中BGP显然不太适合。对域间路由和/或域内策略路由的研究可能会为当前BGP方法不是最佳方法的任何新兴环境带来其他方法。
Recently there has been increased awareness of the longstanding issue of deploying strong authentication into the Internet inter-domain routing system. Currently deployed mechanisms (e.g., BGP TCP MD5 [RFC-2385], OSPF MD5, RIP MD5 [RFC-2082]) provide cryptographic authentication of routing protocol messages, but no authentication of the actual routing data. Recent proposals (e.g., S-BGP [KLMS2000]) for improving this in inter-domain routing appear difficult to deploy across the Internet, in part because of their reliance on a single trust hierarchy (e.g., a single PKI). Similar proposals (e.g., OSPF with Digital Signatures, [RFC-2154]) for intra-domain routing are argued to be computationally infeasible to deploy in a large network.
最近,人们越来越意识到在Internet域间路由系统中部署强身份验证这一长期存在的问题。目前部署的机制(例如,BGP TCP MD5[RFC-2385]、OSPF MD5、RIP MD5[RFC-2082])提供路由协议消息的加密身份验证,但不提供实际路由数据的身份验证。最近提出的改进域间路由的建议(如S-BGP[KLMS2000])似乎难以在互联网上部署,部分原因是它们依赖于单一信任层次结构(如单一PKI)。域内路由的类似建议(例如,带数字签名的OSPF[RFC-2154])被认为在计算上不可能部署在大型网络中。
A recurring challenge with any form of inter-domain routing authentication is that there is no single completely accurate source of truth about which organizations have the authority to advertise which address blocks. Alternative approaches to authentication of data in the routing system need to be developed. In particular, the ability to perform partial authentication of routing data would facilitate incremental deployment of routing authentication mechanisms. Also, the ability to use non-hierarchical trust models (e.g., the web of trust used in the PGP application) might facilitate incremental deployment and might resolve existing concerns about centralized administration of the routing system, hence it merits additional study and consideration.
任何形式的域间路由身份验证都面临一个反复出现的挑战,即对于哪些组织有权公布哪些地址块,没有一个完全准确的真实来源。需要开发路由系统中数据认证的替代方法。特别是,对路由数据执行部分身份验证的能力将促进路由身份验证机制的增量部署。此外,使用非分层信任模型(例如,PGP应用程序中使用的信任网)的能力可能有助于增量部署,并可能解决有关路由系统集中管理的现有问题,因此值得进一步研究和考虑。
The current Internet routing system relies primarily on two algorithms. Link-state routing uses the Dijkstra algorithm [Dijkstra59]. Distance-Vector routing (e.g., RIP) and Path-Vector routing (e.g., BGP) use the Bellman-Ford algorithm [Bellman1957, FF1962]. Additional ongoing basic research into graph theory as applied to routing is worthwhile and might yield algorithms that would enable a new routing architecture or otherwise provide improvements to the routing system.
当前的Internet路由系统主要依赖于两种算法。链路状态路由使用Dijkstra算法[Dijkstra59]。距离向量路由(例如RIP)和路径向量路由(例如BGP)使用Bellman-Ford算法[Bellman 1957,FF1962]。对于应用于路由的图论的其他正在进行的基础研究是值得的,并且可能会产生一些算法,这些算法将支持新的路由体系结构或以其他方式改进路由系统。
Currently deployed multicast routing relies on the Deering RPF algorithm [Deering1988]. Ongoing research into alternative multicast routing algorithms and protocols might help alleviate current concerns with the scalability of multicast routing.
目前部署的多播路由依赖于Deering RPF算法[Deering1988]。正在进行的对替代多播路由算法和协议的研究可能有助于缓解当前对多播路由可扩展性的担忧。
The deployed Internet routing system assumes that the shortest path is always the best path. This is provably false, however it is a reasonable compromise given the routing protocols currently available. The Internet lacks deployable approaches for policy-based routing or routing with alternative metrics (i.e., some metric other than the number of hops to the destination). Examples of alternative policies include: the path with lowest monetary cost; the path with the lowest probability of packet loss; the path with minimized jitter; and the path with minimized latency. Policy metrics also need to take business relationships into account. Historic work on QoS-based routing has tended to be unsuccessful in part because it did not adequately consider economic and commercial considerations of the routing system and in part because of inadequate consideration of security implications.
部署的Internet路由系统假定最短路径始终是最佳路径。这是可以证明的错误,但是考虑到目前可用的路由协议,这是一个合理的折衷方案。互联网缺乏可部署的基于策略的路由方法或具有替代指标(即,除了到目的地的跳数之外的一些指标)的路由方法。替代政策的例子包括:货币成本最低的路径;丢包概率最低的路径;抖动最小的路径;以及延迟最小的路径。策略度量还需要考虑业务关系。基于QoS的路由的历史性工作往往是不成功的,部分原因是它没有充分考虑路由系统的经济和商业考虑,部分原因是由于对安全性的考虑不足。
Transitioning from the current inter-domain routing system to any new inter-domain routing system is unlikely to be a trivial exercise. So any proposal for a new routing system needs to carefully consider and document deployment strategies, transition mechanisms, and other operational considerations. Because of the cross-domain interoperability aspect of inter-domain routing, smooth transitions from one inter-domain routing system are likely to be difficult to accomplish. Separately, the inter-domain routing system lacks strong market forces that would encourage migration to better technical approaches. Hence, it appears unlikely that the commercial sector will be the source of a significantly improved inter-domain routing system.
从当前域间路由系统过渡到任何新的域间路由系统不太可能是一个简单的操作。因此,对于新的路由系统的任何建议都需要仔细考虑并记录部署策略、转换机制和其他操作考虑。由于域间路由的跨域互操作性,从一个域间路由系统平滑过渡可能很难实现。另外,域间路由系统缺乏强大的市场力量,这将鼓励迁移到更好的技术方法。因此,商业部门似乎不太可能成为显著改进的域间路由系统的来源。
While some of the earliest DARPA-sponsored networking research involved packet radio networks, mobile routing [IM1993] and mobile ad-hoc routing [RFC-2501] are relatively recent arrivals in the Internet, and are not yet widely deployed. The current approaches are not the last word in either of those arenas. We believe that additional research into routing support for mobile hosts and mobile networks is needed. Additional research for ad-hoc mobile hosts and mobile networks is also worthwhile. Ideally, mobile routing and mobile ad-hoc routing capabilities should be native inherent capabilities of the Internet routing architecture. This probably will require a significant evolution from the existing Internet routing architecture. (NB: The term "mobility" as used here is not limited to mobile telephones, but instead is very broadly defined, including laptops that people carry, cars/trains/aircraft, and so forth.)
虽然DARPA赞助的一些最早的网络研究涉及分组无线电网络,但移动路由[IM1993]和移动自组织路由[RFC-2501]在互联网上相对较新,尚未广泛部署。在这两个领域,目前的方法都不是最后的决定。我们认为,需要对移动主机和移动网络的路由支持进行更多的研究。对于adhoc移动主机和移动网络的额外研究也是值得的。理想情况下,移动路由和移动自组织路由功能应该是Internet路由架构的固有功能。这可能需要对现有的Internet路由架构进行重大改进。(注意:此处使用的术语“移动性”不限于移动电话,而是定义非常广泛,包括人们携带的笔记本电脑、汽车/火车/飞机等。)
Included in this topic are a wide variety of issues. The more distributed and dynamic nature of partially or completely self-organizing routing systems (including the associated end nodes) creates unique security challenges (especially relating to Authorization, Authentication, and Accounting, and relating to key management). Scalability of wireless networks can be difficult to measure or to achieve. Enforced hierarchy is one approach, but can be very limiting. Alternative, less constraining approaches to wireless scalability are desired. Because wireless link-layer protocols usually have some knowledge of current link characteristics such as link quality, sublayer congestion conditions, or transient channel behavior, it is desirable to find ways to let network-layer routing use such data. This raises architectural questions of what the proper layering should be, which functions should be in which layer, and also practical considerations of how and when such information sharing should occur in real implementations.
本主题包括各种各样的问题。部分或完全自组织路由系统(包括相关的终端节点)更具分布性和动态性,这就产生了独特的安全挑战(特别是与授权、身份验证和记帐以及密钥管理相关)。无线网络的可伸缩性可能难以测量或实现。强制层次结构是一种方法,但可能非常有限。另外,还需要一种限制较少的无线可伸缩性方法。由于无线链路层协议通常对当前链路特性(如链路质量、子层拥塞条件或瞬时信道行为)有一些了解,因此需要找到方法让网络层路由使用这些数据。这就提出了体系结构问题,即适当的分层应该是什么,哪些功能应该在哪一层中,以及在实际实现中如何以及何时进行此类信息共享的实际考虑。
The Internet has a reputation for not having sufficient security. In fact, the Internet has a number of security mechanisms standardized, some of which are widely deployed. However, there are a number of open research questions relating to Internet security. In particular, security mechanisms need to be incrementally deployable and easy to use. "[Security] technology must be easy to use, or it will not be configured correctly. If mis-configured, security will be lost, but things will `work'" [Schiller03].
互联网因没有足够的安全性而闻名。事实上,互联网有许多标准化的安全机制,其中一些已经广泛部署。然而,还有一些与互联网安全相关的开放性研究问题。特别是,安全机制需要可增量部署且易于使用。“[安全]技术必须易于使用,否则将无法正确配置。如果配置不当,安全性将丢失,但一切都会‘正常’”[Schiller03]。
There is an ongoing need for funding of basic research relating to Internet security, including funding of formal methods research that relates to security algorithms, protocols, and systems.
目前需要资助与互联网安全相关的基础研究,包括资助与安全算法、协议和系统相关的正式方法研究。
For example, it would be beneficial to have more formal study of non-hierarchical trust models (e.g., PGP's Web-of-Trust model). Use of a hierarchical trust model can create significant limitations in how one might approach securing components of the Internet, for example the inter-domain routing system. So research to develop new trust models suited for the Internet or on the applicability of existing non-hierarchical trust models to existing Internet problems would be worthwhile.
例如,对非层级信任模型(例如PGP的信任网模型)进行更正式的研究将是有益的。使用分层信任模型可能会对如何保护Internet组件(例如域间路由系统)造成重大限制。因此,研究开发新的适合互联网的信任模型,或者研究现有的非层次信任模型对现有互联网问题的适用性是值得的。
While there has been some work on the application of formal methods to cryptographic algorithms and cryptographic protocols, existing techniques for formal evaluation of algorithms and protocols lack sufficient automation. This lack of automation means that many protocols aren't formally evaluated in a timely manner. This is problematic for the Internet because formal evaluation has often uncovered serious anomalies in cryptographic protocols. The creation of automated tools for applying formal methods to cryptographic algorithms and/or protocols would be very helpful.
虽然已经有一些关于将形式化方法应用于密码算法和密码协议的工作,但现有的算法和协议形式化评估技术缺乏足够的自动化。缺乏自动化意味着许多协议没有及时进行正式评估。这对于互联网来说是有问题的,因为正式的评估常常发现密码协议中存在严重的异常。创建用于将正式方法应用于加密算法和/或协议的自动化工具将非常有用。
A recurring challenge to the Internet community is how to design, implement, and deploy key management appropriate to the myriad of security contexts existing in the global Internet. Most current work in unicast key management has focused on hierarchical trust models, because much of the existing work has been driven by corporate or military "top-down" operating models.
互联网社区经常面临的一个挑战是如何设计、实施和部署适合全球互联网中存在的无数安全上下文的密钥管理。目前单播密钥管理的大部分工作都集中在分层信任模型上,因为现有的大部分工作都是由公司或军方的“自上而下”操作模型驱动的。
The paucity of key management methods applicable to non-hierarchical trust models (see above) is a significant constraint on the approaches that might be taken to secure components of the Internet.
缺乏适用于非层次信任模型(见上文)的密钥管理方法是对可能采取的保护互联网组件的方法的一个重大限制。
Research focused on removing those constraints by developing practical key management methods applicable to non-hierarchical trust models would be very helpful.
通过开发适用于非层次信任模型的实用密钥管理方法来消除这些约束的研究将非常有用。
Topics worthy of additional research include key management techniques, such as non-hierarchical key management architectures (e.g., to support non-hierarchical trust models; see above), that are useful by ad-hoc groups in mobile networks and/or distributed computing.
值得进一步研究的主题包括密钥管理技术,例如非分层密钥管理体系结构(例如,支持非分层信任模型;见上文),这些技术对于移动网络和/或分布式计算中的特设组非常有用。
Although some progress has been made in recent years, scalable multicast key management is far from being a solved problem. Existing approaches to scalable multicast key management add significant constraints on the problem scope in order to come up with a deployable technical solution. Having a more general approach to scalable multicast key management (i.e., one having broader applicability and fewer constraints) would enhance the Internet's capabilities.
尽管近年来取得了一些进展,但可伸缩组播密钥管理远未成为一个解决的问题。现有的可扩展多播密钥管理方法在问题范围上增加了重大限制,以便提出可部署的技术解决方案。拥有一种更通用的可伸缩多播密钥管理方法(即具有更广泛的适用性和更少的限制)将增强互联网的能力。
In many cases, attribute negotiation is an important capability of a key management protocol. Experience with the Internet Key Exchange (IKE) to date has been that it is unduly complex. Much of IKE's complexity derives from its very general attribute negotiation capabilities. A new key management approach that supported significant attribute negotiation without creating challenging levels of deployment and operations complexity would be helpful.
在许多情况下,属性协商是密钥管理协议的一项重要功能。迄今为止,互联网密钥交换(IKE)的经验是它过于复杂。IKE的复杂性很大程度上源于其非常通用的属性协商功能。一种新的密钥管理方法将很有帮助,它支持重要的属性协商,而不会造成具有挑战性的部署和操作复杂性。
There is an ongoing need to continue the open-world research funding into both cryptography and cryptanalysis. Most governments focus their cryptographic research in the military-sector. While this is understandable, those efforts often have limited (or no) publications in the open literature. Since the Internet engineering community must work from the open literature, it is important that open-world research continues in the future.
目前需要继续向密码学和密码分析领域提供开放世界研究资金。大多数政府将密码研究的重点放在军事部门。虽然这是可以理解的,但这些努力在公开文献中的出版物往往有限(或没有)。由于互联网工程界必须从开放的文献中工作,因此开放世界的研究在未来继续是很重要的。
MIT's Project Athena was an important and broadly successful research project into distributed computing. Project Athena developed the Kerberos [RFC-1510] security system, which has significant deployment today in campus environments. However, inter-realm Kerberos is neither as widely deployed nor perceived as widely successful as single-realm Kerberos. The need for scalable inter-domain user authentication is increasingly acute as ad-hoc computing and mobile computing become more widely deployed. Thus, work on scalable mechanisms for mobile, ad-hoc, and non-hierarchical inter-domain authentication would be very helpful.
麻省理工学院的雅典娜项目是分布式计算领域一个重要且广泛成功的研究项目。雅典娜项目开发了Kerberos[RFC-1510]安全系统,该系统目前在校园环境中有着重要的部署。然而,域间Kerberos的部署和成功率都不如单域Kerberos。随着adhoc计算和移动计算的广泛部署,对可扩展域间用户身份验证的需求越来越迫切。因此,研究用于移动、自组织和非分层域间认证的可伸缩机制将非常有帮助。
Lots of work has been done on theoretically perfect security that is impossible to deploy. Unfortunately, the S-BGP proposal is an example of a good research product that has significant unresolved deployment challenges. It is far from obvious how one could widely deploy S-BGP without previously deploying a large-scale inter-domain public-key infrastructure and also centralizing route advertisement
在理论上完美的安全性方面已经做了大量工作,但这是不可能部署的。不幸的是,S-BGP提案是一个具有重大未解决部署挑战的优秀研究产品的例子。如何在不部署大规模域间公钥基础设施的情况下广泛部署S-BGP,以及如何集中路由广告,这一点还很不明显
policy enforcement in the Routing Information Registries or some similar body. Historically, public-key infrastructures have been either very difficult or impossible to deploy at large scale. Security mechanisms that need additional infrastructure have not been deployed well. We desperately need security that is general, easy to install, and easy to manage.
路由信息注册中心或类似机构中的策略实施。从历史上看,公钥基础设施很难或不可能大规模部署。需要额外基础设施的安全机制没有得到很好的部署。我们迫切需要通用、易于安装和易于管理的安全性。
Historically, the Internet community has mostly ignored pure Denial of Service (DoS) attacks. This was appropriate at one time since such attacks were rare and are hard to defend against. However, one of the recent trends in adversarial software (e.g., viruses, worms) has been the incorporation of features that turn the infected host into a "zombie". Such zombies can be remotely controlled to mount a distributed denial of service attack on some victim machine. In many cases, the authorized operators of systems are not aware that some or all of their systems have become zombies. It appears that the presence of non-trivial numbers of zombies in the global Internet is now endemic, which makes distributed denial of service attacks a much larger concern. So Internet threat models need to assume the presence of such zombies in significant numbers. This makes the design of protocols resilient in the presence of distributed denial of service attacks very important to the health of the Internet. Some work has been done on this front [Savage00], [MBFIPS01], but more is needed.
从历史上看,互联网社区大多忽略了纯粹的拒绝服务(DoS)攻击。这在某个时候是恰当的,因为此类攻击非常罕见,很难防范。然而,对抗性软件(如病毒、蠕虫)的最新趋势之一是加入了将受感染主机变成“僵尸”的功能。这样的僵尸可以被远程控制,在一些受害者机器上发起分布式拒绝服务攻击。在许多情况下,系统的授权运营商并不知道他们的部分或全部系统已经变成僵尸。看来,全球互联网上大量僵尸的存在现在已经成为一种流行病,这使得分布式拒绝服务攻击成为一个更大的问题。因此,互联网威胁模型需要假设大量僵尸的存在。这使得协议的设计在分布式拒绝服务攻击的情况下具有弹性,这对互联网的健康非常重要。在这方面已经做了一些工作[Savage00],[MBFIPS01],但还需要更多的工作。
The Internet had early success in network device monitoring with the Simple Network Management Protocol (SNMP) and its associated Management Information Base (MIB). There has been comparatively less success in managing networks, in contrast to the monitoring of individual devices. Furthermore, there are a number of operator requirements not well supported by the current Internet management framework. It is desirable to enhance the current Internet network management architecture to more fully support operational needs.
互联网通过简单网络管理协议(SNMP)及其相关管理信息库(MIB)在网络设备监控方面取得了早期成功。与监控单个设备相比,管理网络的成功率相对较低。此外,目前的互联网管理框架没有很好地支持许多运营商要求。希望增强当前的互联网网络管理架构,以更充分地支持运营需求。
Unfortunately, network management research has historically been very underfunded. Operators have complained that existing solutions are inadequate. Research is needed to find better solutions.
不幸的是,网络管理研究历来资金不足。运营商抱怨现有解决方案不足。需要进行研究以找到更好的解决方案。
At present there are few or no good tools for managing a whole network instead of isolated devices. For example, the lack of appropriate network management tools has been cited as one of the major barriers to the widespread deployment of IP multicast [Diot00,
目前,很少或没有好的工具来管理整个网络,而不是孤立的设备。例如,缺乏适当的网络管理工具被认为是广泛部署IP多播的主要障碍之一[Diot00,
SM03]. Current network management protocols, such as the Simple Network Management Protocol (SNMP), are fine for reading status of well-defined objects from individual boxes. Managing networks instead of isolated devices requires the ability to view the network as a large distributed system. Research is needed on scalable distributed data aggregation mechanisms, scalable distributed event correlation mechanisms, and distributed and dependable control mechanisms.
SM03]。当前的网络管理协议,如简单网络管理协议(SNMP),可以从各个框中读取定义良好的对象的状态。管理网络而不是孤立的设备需要能够将网络视为大型分布式系统。需要研究可伸缩的分布式数据聚合机制、可伸缩的分布式事件关联机制以及分布式和可靠的控制机制。
Applied research into methods of managing sets of networked devices seems worthwhile. Ideally, such a management approach would support distributed management, rather than being strictly centralized.
对网络设备管理方法的应用研究似乎是值得的。理想情况下,这种管理方法将支持分布式管理,而不是严格集中。
SNMP does not always scale well to monitoring large numbers of objects in many devices in different parts of the network. An alternative approach worth exploring is how to provide scalable and distributed monitoring, not on individual devices, but instead on groups of devices and the network-as-a-whole. This requires scalable techniques for data aggregation and event correlation of network status data originating from numerous locations in the network.
SNMP并不总是能够很好地扩展到监视网络不同部分的许多设备中的大量对象。值得探索的另一种方法是如何提供可伸缩的分布式监控,而不是在单个设备上,而是在设备组和整个网络上。这就需要可扩展的技术来对源自网络中多个位置的网络状态数据进行数据聚合和事件关联。
An open issue related to network management is helping users and others to identify and resolve problems in the network. If a user can't access a web page, it would be useful if the user could find out, easily, without having to run ping and traceroute, whether the problem was that the web server was down, that the network was partitioned due to a link failure, that there was heavy congestion along the path, that the DNS name couldn't be resolved, that the firewall prohibited the access, or that some other specific event occurred.
与网络管理相关的一个公开问题是帮助用户和其他人识别和解决网络中的问题。如果用户无法访问网页,那么如果用户能够在不必运行ping和traceroute的情况下轻松发现问题是否是web服务器停机、网络因链接故障而被分区、路径上存在严重拥塞、DNS名称无法解析,这将非常有用,防火墙禁止访问,或发生其他特定事件。
More research is needed to improve the degree of automation achieved by network management systems and to localize management. Autonomous network management might involve the application of control theory, artificial intelligence or expert system technologies to network management problems.
需要进行更多的研究,以提高网络管理系统实现的自动化程度,并使管理本地化。自主网络管理可能涉及应用控制理论、人工智能或专家系统技术解决网络管理问题。
There has been an intensive body of research and development work on adding QoS to the Internet architecture for more than ten years now [RFC-1633, RFC-2474, RFC-3260, RFC-2205, RFC-2210], yet we still
十多年来,在为互联网体系结构添加QoS方面已经有大量的研究和开发工作[RFC-1633、RFC-2474、RFC-3260、RFC-2205、RFC-2210],但我们仍然
don't have end-to-end QoS in the Internet [RFC-2990, RFC-3387]. The IETF is good at defining individual QoS mechanisms, but poor at work on deployable QoS architectures. Thus, while Differentiated Services (DiffServ) mechanisms have been standardized as per-hop behaviors, there is still much to be learned about the deployment of that or other QoS mechanisms for end-to-end QoS. In addition to work on purely technical issues, this includes close attention to the economic models and deployment strategies that would enable an increased deployment of QoS in the network.
互联网上没有端到端的QoS[RFC-2990,RFC-3387]。IETF擅长定义单独的QoS机制,但在可部署的QoS体系结构方面表现不佳。因此,尽管区分服务(Differentied Services,DiffServ)机制已经按照每跳行为进行了标准化,但对于端到端QoS的该或其他QoS机制的部署,仍有许多需要了解的地方。除了纯技术问题的工作外,这还包括密切关注经济模型和部署策略,以提高网络中QoS的部署。
In many cases, deployment of QoS mechanisms would significantly increase operational security risks [RFC-2990], so any new research on QoS mechanisms or architectures ought to specifically discuss the potential security issues associated with the new proposal(s) and how to mitigate those security issues.
在许多情况下,QoS机制的部署将显著增加运营安全风险[RFC-2990],因此任何关于QoS机制或体系结构的新研究都应该专门讨论与新提案相关的潜在安全问题以及如何缓解这些安全问题。
In some cases, the demand for QoS mechanisms has been diminished by the development of more resilient voice/video coding techniques that are better suited for the best-effort Internet than the older coding techniques that were originally designed for circuit-switched networks.
在某些情况下,对QoS机制的需求由于开发了比最初为电路交换网络设计的旧编码技术更适合尽力而为互联网的更具弹性的语音/视频编码技术而减少。
One of the factors that has blunted the demand for QoS has been the transition of the Internet infrastructure from heavy congestion in the early 1990s, to overprovisioning in backbones and in many international links now. Thus, research in QoS mechanisms also has to include some careful attention to the relative costs and benefits of QoS in different places in the network. Applied research into QoS should include explicit consideration of economic issues of deploying and operating a QoS-enabled IP network [Clark02].
阻碍QoS需求的因素之一是互联网基础设施从20世纪90年代初的严重拥塞过渡到现在主干网和许多国际链路的过度提供。因此,对QoS机制的研究还必须包括对网络中不同位置的QoS的相对成本和收益的仔细关注。对QoS的应用研究应包括明确考虑部署和运行支持QoS的IP网络的经济问题[Clark02]。
Typically, a router in the deployed inter-domain Internet provides best-effort forwarding of IP packets, without regard for whether the source or destination of the packet is a direct customer of the operator of the router. This property is a significant contributor to the current scalability of the global Internet and contributes to the difficulty of deploying inter-domain Quality of Service (QoS) mechanisms.
通常,部署的域间因特网中的路由器提供IP分组的最大努力转发,而不考虑分组的源或目的地是否是路由器的运营商的直接客户。这一特性对当前全球互联网的可伸缩性起到了重要的作用,并增加了部署域间服务质量(QoS)机制的难度。
Deploying existing Quality-of-Service (QoS) mechanisms, for example Differentiated Services or Integrated Services, across an inter-domain boundary creates a significant and easily exploited denial-of-service vulnerability for any network that provides inter-domain QoS support. This has caused network operators to refrain from supporting inter-domain QoS. The Internet would benefit from
跨域边界部署现有的服务质量(QoS)机制(例如差异化服务或集成服务)会为任何提供域间QoS支持的网络创建一个重要且易于利用的拒绝服务漏洞。这导致网络运营商不支持域间QoS。互联网将从中受益
additional research into alternative approaches to QoS, particularly into approaches that do not create such vulnerabilities and can be deployed end-to-end [RFC-2990].
对QoS替代方法的进一步研究,特别是对不会产生此类漏洞且可端到端部署的方法的研究[RFC-2990]。
Also, current business models are not consistent with inter-domain QoS, in large part because it is impractical or impossible to authenticate the identity of the sender of would-be preferred traffic while still forwarding traffic at line-rate. Absent such an ability, it is unclear how a network operator could bill or otherwise recover costs associated with providing that preferred service. So any new work on inter-domain QoS mechanisms and architectures needs to carefully consider the economic and security implications of such proposals.
此外,当前的业务模型与域间QoS不一致,这在很大程度上是因为在仍然以线路速率转发流量的情况下,验证潜在首选流量的发送者的身份是不切实际的或不可能的。如果没有这样的能力,网络运营商如何支付或以其他方式收回与提供首选服务相关的成本尚不清楚。因此,域间QoS机制和体系结构的任何新工作都需要仔细考虑这些提议的经济和安全含义。
The overall Quality-of-Service for traffic is in part determined by the scheduling and queue management mechanisms at the routers. While there are a number of existing mechanisms (e.g., RED) that work well, it is possible that improved active queuing strategies might be devised. Mechanisms that lowered the implementation cost in IP routers might help increase deployment of active queue management, for example.
流量的整体服务质量部分由路由器上的调度和队列管理机制决定。虽然有许多现有机制(如RED)工作良好,但也有可能设计出改进的主动排队策略。例如,降低IP路由器实现成本的机制可能有助于增加主动队列管理的部署。
3.7. Congestion Control.
3.7. 拥塞控制。
TCP's congestion avoidance and control mechanisms, from 1988 [Jacobson88], have been a key factor in maintaining the stability of the Internet, and are used by the bulk of the Internet's traffic. However, the congestion control mechanisms of the Internet need to be expanded and modified to meet a wide range of new requirements, from new applications such as streaming media and multicast to new environments such as wireless networks or very high bandwidth paths, and new requirements for minimizing queueing delay. While there are significant bodies of work in several of these issues, considerably more needs to be done.
从1988年开始[Jacobson88],TCP的拥塞避免和控制机制一直是保持互联网稳定性的关键因素,并被互联网的大部分流量所使用。然而,互联网的拥塞控制机制需要扩展和修改,以满足广泛的新要求,从流媒体和多播等新应用到无线网络或超高带宽路径等新环境,以及最小化排队延迟的新要求。虽然在其中几个问题上有大量的工作,但还需要做更多的工作。
We would note that research on TCP congestion control is also not yet "done", with much still to be accomplished in high-speed TCP, or in adding robust performance over paths with significant reordering, intermittent connectivity, non-congestive packet loss, and the like.
我们会注意到,关于TCP拥塞控制的研究还没有“完成”,在高速TCP方面,或者在具有显著重排序、间歇性连接、非拥塞性数据包丢失等的路径上增加鲁棒性能方面,还有很多工作要做。
Several of these issues bring up difficult fundamental questions about the potential costs and benefits of increased communication between layers. Would it help transport to receive hints or other information from routing, from link layers, or from other transport-level connections? If so, what would be the cost to robust operation across diverse environments?
其中一些问题提出了关于增加层间通信的潜在成本和收益的困难的基本问题。从路由、链路层或其他传输级连接接收提示或其他信息是否有助于传输?如果是这样,跨不同环境进行稳健运营的成本是多少?
For congestion control mechanisms in routers, active queue management and Explicit Congestion Notification are generally not yet deployed, and there are a range of proposals, in various states of maturity, in this area. At the same time, there is a great deal that we still do not understand about the interactions of queue management mechanisms with other factors in the network. Router-based congestion control mechanisms are also needed for detecting and responding to aggregate congestion such as in Distributed Denial of Service attacks and flash crowds.
对于路由器中的拥塞控制机制,通常还没有部署主动队列管理和显式拥塞通知,在不同的成熟状态下,这方面有一系列的建议。同时,对于队列管理机制与网络中其他因素的相互作用,我们仍然有很多不了解的地方。还需要基于路由器的拥塞控制机制来检测和响应聚合拥塞,例如在分布式拒绝服务攻击和flash群组中。
As more applications have the need to transfer very large files over high delay-bandwidth-product paths, the stresses on current congestion control mechanisms raise the question of whether we need more fine-grained feedback from routers. This includes the challenge of allowing connections to avoid the delays of slow-start, and to rapidly make use of newly-available bandwidth. On a more general level, we don't understand the potential and limitations for best-effort traffic over high delay-bandwidth-product paths, given the current feedback from routers, or the range of possibilities for more explicit feedback from routers.
随着越来越多的应用程序需要通过高延迟带宽乘积路径传输非常大的文件,当前拥塞控制机制的压力引发了一个问题,即我们是否需要路由器提供更细粒度的反馈。这包括允许连接避免慢启动延迟以及快速利用新可用带宽的挑战。在更一般的层面上,我们不了解在高延迟带宽乘积路径上的尽力而为流量的潜力和局限性,考虑到来自路由器的当前反馈,或者来自路由器的更明确反馈的可能性范围。
There is also a need for long-term research in congestion control that is separate from specific functional requirements like the ones listed above. We know very little about congestion control dynamics or traffic dynamics of a large, complex network like the global Internet, with its heterogeneous and changing traffic mixes, link-level technologies, network protocols and router mechanisms, patterns of congestion, pricing models, and the like. Expanding our knowledge in this area seems likely to require a rich mix of measurement, analysis, simulations, and experimentation.
此外,还需要对拥塞控制进行长期研究,这与上面列出的特定功能需求是分开的。我们对诸如全球互联网这样的大型复杂网络的拥塞控制动态或流量动态知之甚少,其具有异构和不断变化的流量混合、链路级技术、网络协议和路由器机制、拥塞模式、定价模型等。扩展我们在这一领域的知识似乎需要大量的测量、分析、模拟和实验。
The evolution of the Internet infrastructure has been frustratingly slow and difficult, with long stories about the difficulties in adding IPv6, QoS, multicast, and other functionality to the Internet. We need a more scientific understanding of the evolutionary potentials and evolutionary difficulties of the Internet infrastructure.
互联网基础设施的发展速度之慢令人沮丧,难度之大令人沮丧,关于在互联网上添加IPv6、QoS、多播和其他功能的困难的故事由来已久。我们需要更科学地理解互联网基础设施的进化潜力和进化困难。
This evolutionary potential is affected not only by the technical issues of the layered IP architecture, but by other factors as well. These factors include the changes in the environment over time (e.g., the recent overprovisioning of backbones, the deployment of firewalls), and the role of the standardization process. Economic and public policy factors are also critical, including the central fact of the Internet as a decentralized system, with key players being not only individuals, but also ISPs, companies, and entire
这种进化潜力不仅受到分层IP体系结构的技术问题的影响,还受到其他因素的影响。这些因素包括环境随时间的变化(例如,最近主干网的过度配置、防火墙的部署),以及标准化过程的作用。经济和公共政策因素也很关键,包括互联网作为一个分散系统的核心事实,关键参与者不仅是个人,还有互联网服务提供商、公司和整个网络
industries. Deployment issues are also key factors in the evolution of the Internet, including the continual chicken-and-egg problem of having enough customers to merit rolling out a service whose utility depends on the size of the customer base in the first place.
行业。部署问题也是互联网发展的关键因素,包括持续存在的鸡和蛋的问题,即有足够的客户值得推出一项服务,而这项服务的效用首先取决于客户群的规模。
Overlay networks might serve as a transition technology for some new functionality, with an initial deployment in overlay networks, and with the new functionality moving later into the core if it seems warranted.
覆盖网络可以作为一些新功能的过渡技术,在覆盖网络中进行初始部署,如果有必要的话,新功能将在以后进入核心。
There are also increased obstacles to the evolution of the Internet in the form of increased complexity [WD02], unanticipated feature interactions [Kruse00], interactions between layers [CWWS92], interventions by middleboxes [RFC-3424], and the like. Because increasing complexity appears inevitable, research is needed to understand architectural mechanisms that can accommodate increased complexity without decreasing robustness of performance in unknown environments, and without closing off future possibilities for evolution. More concretely, research is needed on how to evolve the Internet will still maintaining its core strengths, such as the current degree of global addressability of hosts, end-to-end transparency of packet forwarding, and good performance for best-effort traffic.
互联网发展的障碍也在增加,表现为复杂性增加[WD02]、意外的功能交互[Kruse00]、层间交互[CWWS92]、中间盒干预[RFC-3424]等。由于复杂性的增加似乎是不可避免的,因此需要进行研究,以了解能够适应复杂性增加而不降低未知环境中性能的稳健性,并且不关闭未来进化可能性的体系结构机制。更具体地说,需要研究如何发展互联网,以保持其核心优势,如主机的当前全球可寻址程度、数据包转发的端到端透明度以及尽力而为的流量的良好性能。
Research is needed to address the challenges posed by the wide range of middleboxes [RFC-3234]. This includes issues of security, control, data integrity, and on the general impact of middleboxes on the architecture.
需要进行研究,以应对各种中间盒所带来的挑战[RFC-3234]。这包括安全性、控制、数据完整性以及中间件对体系结构的一般影响等问题。
In many ways middleboxes are a direct outgrowth of commercial interests, but there is a need to look beyond the near-term needs for the technology, to research its broader implications and to explore ways to improve how middleboxes are integrated into the architecture.
在许多方面,中间盒是商业利益的直接产物,但有必要超越对该技术的短期需求,研究其更广泛的含义,并探索改进如何将中间盒集成到架构中的方法。
A recurring challenge is measuring the Internet; there have been many discussions about the need for measurement studies as an integral part of Internet research [Claffy03]. In this discussion, we define measurement quite broadly. For example, there are numerous challenges in measuring performance along any substantial Internet path, particularly when the path crosses administrative domain boundaries. There are also challenges in measuring protocol/application usage on any high-speed Internet link. Many of
一个反复出现的挑战是衡量互联网;关于测量研究作为互联网研究的一个组成部分的必要性,已经有很多讨论[Claffy03]。在本次讨论中,我们对测量的定义相当宽泛。例如,在测量任何实质性互联网路径的性能方面存在许多挑战,特别是当路径跨越管理域边界时。在测量任何高速互联网链路上的协议/应用程序使用情况方面也存在挑战。许多
the problems discussed above would benefit from increased frequency of measurement as well as improved quality of measurement on the deployed Internet.
以上讨论的问题将受益于在部署的互联网上增加测量频率和提高测量质量。
A key issue in network measurement is that most commercial Internet Service Providers consider the particular characteristics of their production IP network(s) to be trade secrets. Ways need to be found for cooperative measurement studies, e.g., to allow legitimate non-commercial researchers to be able to measure relevant network parameters while also protecting the privacy rights of the measured ISPs.
网络测量中的一个关键问题是,大多数商业互联网服务提供商认为其生产IP网络的特殊特性是商业秘密。需要找到合作测量研究的方法,例如,允许合法的非商业研究人员能够测量相关的网络参数,同时保护被测ISP的隐私权。
Absent measured data, there is possibly an over-reliance on network simulations in some parts of the Internet research community and probably insufficient validation that existing network simulation models are reasonably good representations of the deployed Internet (or of some plausible future Internet) [FK02].
由于缺乏测量数据,互联网研究社区的某些部分可能过度依赖网络模拟,现有网络模拟模型对已部署互联网(或某些看似合理的未来互联网)的合理良好表示的验证可能不足[FK02]。
Without solid measurement of the current Internet behavior, it is very difficult to know what otherwise unknown operational problems exist that require attention, and it is equally difficult to fully understand the impact of changes (past or future) upon the Internet's actual behavioral characteristics.
如果没有对当前互联网行为的可靠测量,就很难知道存在哪些需要关注的未知操作问题,也很难完全理解变化(过去或未来)对互联网实际行为特征的影响。
Research is needed on a wide range of issues related to Internet applications.
需要对与互联网应用相关的广泛问题进行研究。
Taking email as one example application, research is needed on understanding the spam problem, and on investigating tools and techniques to mitigate the effects of spam, including tools and techniques that aid the implementation of legal and other non-technical anti-spam measures [ASRG]. "Spam" is a generic term for a range of significantly different types of unwanted bulk email, with many types of senders, content and traffic-generating techniques. As one part of controlling spam, we need to develop a much better understanding of its many, different characteristics and their interactions with each other.
以电子邮件为例,需要研究如何理解垃圾邮件问题,以及如何调查减轻垃圾邮件影响的工具和技术,包括帮助实施法律和其他非技术性反垃圾邮件措施的工具和技术[ASRG]。“垃圾邮件”是一个通用术语,指一系列明显不同类型的不需要的批量电子邮件,包括许多类型的发件人、内容和流量生成技术。作为控制垃圾邮件的一部分,我们需要更好地了解其许多不同的特征及其相互作用。
As network size, link bandwidth, CPU capacity, and the number of users all increase, research will be needed to ensure that the Internet of the future scales to meet these increasing demands. We have discussed some of these scaling issues in specific sections above.
随着网络规模、链路带宽、CPU容量和用户数量的增加,需要进行研究,以确保未来的互联网能够满足这些日益增长的需求。我们在上面的特定章节中讨论了其中一些缩放问题。
However, for all of the research questions discussed in this document, the goal of the research must be not only to meet the challenges already experienced today, but also to meet the challenges that can be expected to emerge in the future.
然而,对于本文件中讨论的所有研究问题,研究的目标必须不仅是迎接今天已经经历的挑战,而且还要迎接未来可能出现的挑战。
U.S.'s DARPA has historically funded development of freely distributable implementations of various Internet technologies (e.g., TCP/IPv4, RSVP, IPv6, and IP security) in a variety of operating systems (e.g., 4.2 BSD, 4.3 BSD, 4.4 BSD, Tenex). Experience has shown that a good way to speed deployment of a new technology is to provide an unencumbered, freely-distributable prototype that can be incorporated into commercial products as well as non-commercial prototypes. Japan's WIDE Project has also funded some such work, primarily focused on IPv6 implementation for 4.4 BSD and Linux. [WIDE] We believe that applied research projects in networking will have an increased probability of success if the research project teams make their resulting software implementations freely available for both commercial and non-commercial uses. Examples of successes here include the DARPA funding of TCP/IPv4 integration into the 4.x BSD operating system [MBKQ96], DARPA/USN funding of ESP/AH design and integration into 4.4 BSD [Atk96], as well as separate DARPA/USN and WIDE funding of freely distributable IPv6 prototypes [Atk96, WIDE].
美国国防高级研究计划局历来资助在各种操作系统(如4.2 BSD、4.3 BSD、4.4 BSD、Tenex)中开发各种互联网技术(如TCP/IPv4、RSVP、IPv6和IP安全)的可自由分发实施。经验表明,加速新技术部署的一个好方法是提供一个无障碍、可自由分发的原型,该原型可以集成到商业产品和非商业原型中。日本的WIDE项目也资助了一些这样的工作,主要集中在4.4 BSD和Linux的IPv6实现上。[WIDE]我们相信,如果研究项目团队将其产生的软件实现免费提供给商业和非商业用途,那么网络应用研究项目的成功概率将增加。这里的成功例子包括DARPA资助TCP/IPv4集成到4.x BSD操作系统[MBKQ96],DARPA/USN资助ESP/AH设计和集成到4.4 BSD[Atk96],以及单独的DARPA/USN和广泛资助可自由分发的IPv6原型[Atk96,WIDE]。
This document has summarized the history of research funding for the Internet and highlighted examples of open research questions. The IAB believes that more research is required to further the evolution of the Internet infrastructure, and that consistent, sufficient non-commercial funding is needed to enable such research.
本文件总结了互联网研究资助的历史,并突出了开放性研究问题的例子。IAB认为,需要更多的研究来推动互联网基础设施的发展,并且需要持续、充足的非商业资金来支持此类研究。
In case there is any confusion, in this document we are not suggesting any direct or indirect role for the IAB, the IETF, or the IRTF in handling any funding for Internet research.
如果有任何混淆,在本文件中,我们不建议IAB、IETF或IRTF在处理任何互联网研究资金方面发挥任何直接或间接作用。
The people who directly contributed to this document in some form include the following: Ran Atkinson, Guy Almes, Rob Austein, Vint Cerf, Jon Crowcroft, Sally Floyd, James Kempf, Joe Macker, Craig Partridge, Vern Paxson, Juergen Schoenwaelder, and Mike St. Johns.
以某种形式直接对本文件作出贡献的人包括:冉·阿特金森、盖·阿尔姆斯、罗伯·奥斯汀、温特·瑟夫、乔恩·克罗夫特、萨利·弗洛伊德、詹姆斯·坎普夫、乔·麦克尔、克雷格·帕特里奇、弗恩·帕克森、尤尔根·舍恩瓦尔德和迈克·圣约翰。
We are also grateful to Kim Claffy, Dave Crocker, Michael Eder, Eric Fleischman, Andrei Gurtov, Stephen Kent, J.P. Martin-Flatin, and Hilarie Orman for feedback on earlier drafts of this document.
我们还感谢Kim Claffy、Dave Crocker、Michael Eder、Eric Fleischman、Andrei Gurtov、Stephen Kent、J.P.Martin Flatin和Hilarie Orman对本文件早期草稿的反馈。
We have also drawn from the following reports: [CIPB02,IST02,NV02,NSF02,NSF03,NSF03a].
我们还从以下报告中得出:[CIPB02、IST02、NV02、NSF02、NSF03、NSF03a]。
This document does not itself create any new security issues for the Internet community. Security issues within the Internet Architecture primarily are discussed in Section 3.4 above.
本文件本身不会给互联网社区带来任何新的安全问题。互联网架构内的安全问题主要在上文第3.4节中讨论。
[ASRG] Anti-Spam Research Group (ASRG) of the IRTF. URL "http://asrg.sp.am/".
[ASRG]IRTF的反垃圾邮件研究小组(ASRG)。URL“http://asrg.sp.am/".
[Atk96] R. Atkinson et al., "Implementation of IPv6 in 4.4 BSD", Proceedings of USENIX 1996 Annual Technical Conference, USENIX Association, Berkeley, CA, USA. January 1996. URL http://www.chacs.itd.nrl.navy.mil/publications/CHACS/ 1996/1996atkinson-USENIX.pdf
[Atk96]R.Atkinson等人,“在4.4 BSD中实现IPv6”,USENIX 1996年年度技术会议记录,USENIX协会,加州伯克利,美国,1996年1月。统一资源定位地址http://www.chacs.itd.nrl.navy.mil/publications/CHACS/ 1996/1996atkinson-USENIX.pdf
[Bellman1957] R.E. Bellman, "Dynamic Programming", Princeton University Press, Princeton, NJ, 1957.
[Bellman 1957]R.E.Bellman,“动态规划”,普林斯顿大学出版社,新泽西州普林斯顿,1957年。
[Claffy03] K. Claffy, "Priorities and Challenges in Internet Measurement, Simulation, and Analysis", Large Scale Network meeting, (US) National Science Foundation, Arlington, VA, USA. 10 June 2003. URL "http://www.caida.org/outreach/ presentations/2003/lsn20030610/".
[ CuleF03] K Calffy,“互联网测量、模拟和分析的优先和挑战”,大规模网络会议,(美国)国家科学基金会,阿灵顿,VA,美国。2003年6月10日。URL“http://www.caida.org/outreach/ 演示文稿/2003/lsn20030610/”。
[Claffy03a] K. Claffy, "Top Problems of the Internet and What Sysadmins and Researchers Can Do To Help", plenary talk at LISA'03, October 2003. URL "http://www.caida.org/outreach/presentations/ 2003/netproblems_lisa03/".
[Claffy03a]K.Claffy,“互联网的首要问题以及系统管理员和研究人员可以做些什么来提供帮助”,2003年10月在LISA'03的全体会议上发表的演讲。URL“http://www.caida.org/outreach/presentations/ 2003/netproblems_lisa03/”。
[Clark02] D. D. Clark, "Deploying the Internet - why does it take so long and, can research help?", Large-Scale Networking Distinguished Lecture Series, (U.S.) National Science Foundation, Arlington, VA, 8 January 2002. URL: http://www.ngi-supernet.org/conferences.html
克拉克博士,“部署互联网——为什么要花这么长时间,可以研究帮助?”,大规模网络杰出讲座系列,(美国)国家科学基金会,阿灵顿,VA,2002年1月8日。网址:http://www.ngi-supernet.org/conferences.html
[CSTB99] Computer Science and Telecommunications Board, (U.S.) National Research Council, "Funding a Revolution: Government Support for Computing Research", National Academy Press, Washington, DC, 1999. URL "http://www7.nationalacademies.org/cstb/ pub_revolution.html".
[CSTB99]计算机科学和电信委员会,(美国)国家研究委员会,“资助革命:政府支持计算机研究”,国家科学院出版社,华盛顿特区,1999年。URL“http://www7.nationalacademies.org/cstb/ pub_revolution.html”。
[CIPB02] Critical Infrastructure Protection Board, "National Strategy to Secure Cyberspace", The White House, Washington, DC, USA. September 2002, URL "http://www.whitehouse.gov/pcipb".
[CIPB02]关键基础设施保护委员会,“确保网络空间安全的国家战略”,白宫,华盛顿特区,美国,2002年9月,网址“http://www.whitehouse.gov/pcipb".
[CWWS92] J. Crowcroft, I. Wakeman, Z. Wang, and D. Sirovica, "Is Layering Harmful?", IEEE Networks, Vol. 6, Issue 1, pp 20-24, January 1992.
[CWWS92]J.Crowcroft,I.Wakeman,Z.Wang和D.Sirovica,“分层有害吗?”,IEEE网络,第6卷,第1期,第20-24页,1992年1月。
[Diot00] C. Diot, et al., "Deployment Issues for the IP Multicast Service and Architecture", IEEE Network, January/February 2000.
[Diot00]C.Diot等人,“IP多播服务和体系结构的部署问题”,IEEE网络,2000年1月/2月。
[Deering1988] S. Deering, "Multicast Routing in Internetworks and LANs", ACM Computer Communications Review, Volume 18, Issue 4, August 1988.
[Deering1988]S.Deering,“互联网和局域网中的多播路由”,ACM计算机通信评论,第18卷,第4期,1988年8月。
[Dijkstra59] E. Dijkstra, "A Note on Two Problems in Connexion with Graphs", Numerische Mathematik, 1, 1959, pp.269-271.
[Dijkstra59]E.Dijkstra,“关于与图有关的两个问题的注记”,Numerische Mathematik,1959年第1期,第269-271页。
[FF1962] L. R. Ford Jr. and D.R. Fulkerson, "Flows in Networks", Princeton University Press, Princeton, NJ, 1962.
[FF1962]小L.R.福特和D.R.富尔克森,“网络中的流量”,普林斯顿大学出版社,普林斯顿,新泽西州,1962年。
[FK02] S. Floyd and E. Kohler, "Internet Research Needs Better Models", Proceedings of 1st Workshop on Hot Topics in Networks (Hotnets-I), Princeton, NJ, USA. October 2002. URL "http://www.icir.org/models/bettermodels.html".
[FK02]S.Floyd和E.Kohler,“互联网研究需要更好的模型”,网络热点问题第一次研讨会论文集(Hotnets-I),美国新泽西州普林斯顿,2002年10月。URL“http://www.icir.org/models/bettermodels.html".
[IM1993] J. Ioannidis and G. Maguire Jr., "The Design and Implementation of a Mobile Internetworking Architecture", Proceedings of the Winter USENIX Technical Conference, pages 489-500, Berkeley, CA, USA, January 1993.
[IM1993]J.Ioannidis和G.Maguire Jr.,“移动互联网体系结构的设计和实施”,Winter USENIX技术会议记录,第489-500页,加利福尼亚州伯克利,美国,1993年1月。
[IST02] Research Networking in Europe - Striving for Global Leadership, Information Society Technologies, 2002. URL "http://www.cordis.lu/ist/rn/rn-brochure.htm".
[IST02]欧洲研究网络——争取全球领先地位,信息社会技术,2002年。URL“http://www.cordis.lu/ist/rn/rn-brochure.htm".
[Jacobson88] Van Jacobson, "Congestion Avoidance and Control", Proceedings of ACM SIGCOMM 1988 Symposium, ACM SIGCOMM, Stanford, CA, August 1988. URL "http://citeseer.nj.nec.com/jacobson88congestion.html".
[Jacobson88]Van Jacobson,“拥塞避免和控制”,ACM SIGCOMM 1988年研讨会论文集,ACM SIGCOMM,加利福尼亚州斯坦福市,1988年8月。URL“http://citeseer.nj.nec.com/jacobson88congestion.html".
[Jackson02] William Jackson, "U.S. should fund R&D for secure Internet protocols, Clarke says", Government Computer News, 31 October 2002. URL "http://www.gcn.com/vol1_no1/security/20382-1.html".
[Jackson02]William Jackson,“克拉克说,美国应该资助安全互联网协议的研发”,政府计算机新闻,2002年10月31日。URL“http://www.gcn.com/vol1_no1/security/20382-1.html".
[Kruse00] Hans Kruse, "The Pitfalls of Distributed Protocol Development: Unintentional Interactions between Network Operations and Applications Protocols", Proceedings of the 8th International Conference on Telecommunication Systems Design, Nashville, TN, USA, March 2000. URL "http://www.csm.ohiou.edu/kruse/publications/ TSYS2000.pdf".
[Kruse00]Hans Kruse,“分布式协议开发的陷阱:网络操作和应用协议之间的无意交互”,第八届电信系统设计国际会议论文集,美国田纳西州纳什维尔,2000年3月。URL“http://www.csm.ohiou.edu/kruse/publications/ TSYS2000.pdf”。
[KLMS2000] S. Kent, C. Lynn, J. Mikkelson, and K. Seo, "Secure Border Gateway Protocol (S-BGP)", Proceedings of ISOC Network and Distributed Systems Security Symposium, Internet Society, Reston, VA, February 2000.
[KLMS2000]S.Kent,C.Lynn,J.Mikkelson和K.Seo,“安全边界网关协议(S-BGP)”,ISOC网络和分布式系统安全研讨会论文集,互联网协会,弗吉尼亚州雷斯顿,2000年2月。
[LD2002] E. Lear and R. Droms, "What's in a Name: Thoughts from the NSRG", expired Internet-Draft, December 2002.
[LD2002]E.Lear和R.Droms,“名称中的内容:来自NSRG的想法”,已过期的互联网草案,2002年12月。
[MBFIPS01] Ratul Mahajan, Steven M. Bellovin, Sally Floyd, John Ioannidis, Vern Paxson, and Scott Shenker, "Controlling High Bandwidth Aggregates in the Network", ACM Computer Communications Review, Vol. 32, No. 3, July 2002. URL "http://www.icir.org/pushback/".
[MBFIPS01]Ratul Mahajan、Steven M.Bellovin、Sally Floyd、John Ioannidis、Vern Paxson和Scott Shenker,“控制网络中的高带宽聚合”,ACM计算机通信评论,第32卷,第3期,2002年7月。URL“http://www.icir.org/pushback/".
[MBKQ96] M. McKusick, K. Bostic, M. Karels, and J. Quarterman, "Design and Implementation of the 4.4 BSD Operating System", Addison-Wesley, Reading, MA, 1996.
[MBKQ96]M.McKusick、K.Bostic、M.Karels和J.Quartman,“4.4 BSD操作系统的设计和实现”,Addison Wesley,雷丁,马萨诸塞州,1996年。
[MGVK02] Z. Mao, R. Govindan, G. Varghese, & R. Katz, "Route Flap Dampening Exacerbates Internet Routing Convergence", Proceedings of ACM SIGCOMM 2002, ACM, Pittsburgh, PA, USA, August 2002.
[MGVK02]Z.Mao,R.Govindan,G.Varghese和R.Katz,“路由抑制加剧了互联网路由收敛”,ACM SIGCOMM 2002年会议记录,ACM,匹兹堡,宾夕法尼亚州,美国,2002年8月。
[NV02] NetVision 2012 Committee,"DARPA's Ten-Year Strategic Plan for Networking Research", (U.S.) Defense Advanced Research Projects Agency, October 2002. Citation for acknowledgement purposes only.
[NV02]NetVision 2012委员会,“DARPA网络研究十年战略计划”,(美国)国防高级研究计划局,2002年10月。引文仅供确认之用。
[NSF02] NSF Workshop on Network Research Testbeds, National Science Foundation, Directorate for Computer and Information Science & Engineering, Advanced Networking Infrastructure & Research Division, Arlington, VA, USA, October 2002. URL "http://www-net.cs.umass.edu/testbed_workshop/".
[ NSF02 ] NSF网络研究试验台研讨会,国家科学基金会,计算机与信息科学与工程系,高级网络基础设施和研究部,阿灵顿,VA,美国,2002年10月。URL“http://www-net.cs.umass.edu/testbed_workshop/".
[NSF03] NSF ANIR Principal Investigator meeting, National Science Foundation, Arlington, VA, USA. January 9-10, 2003, URL "http://www.ncne.org/training/nsf-pi/2003/nsfpimain.html".
[NSF03] NSF ANIR首席调查员会议,国家科学基金会,阿灵顿,VA,USA.一月9-10,2003,URLhttp://www.ncne.org/training/nsf-pi/2003/nsfpimain.html".
[NSF03a] D. E. Atkins, et al., "Revolutionizing Science and Engineering Through Cyberinfrastructure", Report of NSF Advisory Panel on Cyberinfrastructure, January 2003. URL "http://www.cise.nsf.gov/evnt/reports/ atkins_annc_020303.htm".
[NSF03a]D.E.Atkins等人,“通过网络基础设施革命科学和工程”,NSF网络基础设施咨询小组报告,2003年1月。URL“http://www.cise.nsf.gov/evnt/reports/ atkins_annc_020303.htm”。
[NSF03b] Report of the National Science Foundation Workshop on Fundamental Research in Networking. April 24-25, 2003. URL "http://www.cs.virginia.edu/~jorg/workshop1/NSF-NetWorkshop-2003.pdf".
[NSF03B]国家科学基金会网络基础研究讲习班报告。二○○三年四月二十四日至二十五日。URL“http://www.cs.virginia.edu/~jorg/workshop1/NSF-NetWorkshop-2003.pdf”。
[Floyd] S. Floyd, "Papers about Research Questions for the Internet", web page, ICSI Center for Internet Research (ICIR), Berkeley, CA, 2003 URL "http://www.icir.org/floyd/research_questions.html".
[Floyd]S.Floyd,“关于互联网研究问题的论文”,网页,ICSI互联网研究中心(ICIR),加州伯克利,2003年URL“http://www.icir.org/floyd/research_questions.html".
[RFC-1510] Kohl, J. and C. Neuman, "The Kerberos Network Authentication Service (V5)", RFC 1510, September 1993.
[RFC-1510]Kohl,J.和C.Neuman,“Kerberos网络身份验证服务(V5)”,RFC 1510,1993年9月。
[RFC-1633] Braden, R., Clark, D., and S. Shenker, "Integrated Services in the Internet Architecture: an Overview", RFC 1633, June 1994.
[RFC-1633]Braden,R.,Clark,D.,和S.Shenker,“互联网体系结构中的综合服务:概述”,RFC 1633,1994年6月。
[RFC-2082] Baker, F. and R. Atkinson, "RIP-2 MD5 Authentication", RFC 2082, January 1997.
[RFC-2082]贝克,F.和R.阿特金森,“RIP-2 MD5认证”,RFC 2082,1997年1月。
[RFC-2210] Wroclawski, J., "The Use of RSVP with IETF Integrated Services", RFC 2210, September 1997.
[RFC-2210]Wroclawski,J.,“RSVP与IETF综合服务的使用”,RFC 2210,1997年9月。
[RFC-2154] Murphy, S., Badger, M., and B. Wellington, "OSPF with Digital Signatures", RFC 2154, June 1997.
[RFC-2154]Murphy,S.,Badger,M.,和B.Wellington,“具有数字签名的OSPF”,RFC 2154,1997年6月。
[RFC-2385] Heffernan, A., "Protection of BGP Sessions via the TCP MD5 Signature Option", RFC 2385, August 1998.
[RFC-2385]Heffernan,A.,“通过TCP MD5签名选项保护BGP会话”,RFC 2385,1998年8月。
[RFC-2407] Piper, D., "The Internet IP Security Domain of Interpretation for ISAKMP", RFC 2407, November 1998.
[RFC-2407]Piper,D.,“ISAKMP解释的互联网IP安全域”,RFC 2407,1998年11月。
[RFC-2501] Corson, S. and J. Macker, "Mobile Ad hoc Networking (MANET): Routing Protocol Performance Issues and Evaluation Considerations", RFC 2501, January 1999.
[RFC-2501]Corson,S.和J.Macker,“移动自组网(MANET):路由协议性能问题和评估考虑”,RFC 2501,1999年1月。
[RFC-2990] Huston, G., "Next Steps for the IP QoS Architecture", RFC 2990, November 2000.
[RFC-2990]Huston,G.,“IP QoS架构的下一步”,RFC 2990,2000年11月。
[RFC-3221] Huston, G., "Commentary on Inter-Domain Routing in the Internet", RFC 3221, December 2001.
[RFC-3221]Huston,G.“互联网域间路由评论”,RFC 3221,2001年12月。
[RFC-3234] Carpenter, B. and S. Brim, "Middleboxes: Taxonomy and Issues", RFC 3234, February 2002.
[RFC-3234]Carpenter,B.和S.Brim,“中间盒:分类和问题”,RFC 3234,2002年2月。
[RFC-3424] Daigle, L. and IAB, "IAB Considerations for UNilateral Self-Address Fixing (UNSAF) Across Network Address Translation", RFC 3424, November 2002.
[RFC-3424]Daigle,L.和IAB,“网络地址转换中单边自地址固定(UNSAF)的IAB考虑”,RFC 34242002年11月。
[RFC-3467] Klensin, J., "Role of the Domain Name System (DNS)", RFC 3467, February 2003.
[RFC-3467]Klensin,J.,“域名系统(DNS)的作用”,RFC 3467,2003年2月。
[RFC-3535] Schoenwaelder, J., "Overview of the 2002 IAB Network Management Workshop", RFC 3535, May 2003.
[RFC-3535]Schoenwaeld,J.,“2002年IAB网络管理研讨会概述”,RFC 3535,2003年5月。
[RFC-3387] Eder, M., Chaskar, H., and S. Nag, "Considerations from the Service Management Research Group (SMRG) on Quality of Service (QoS) in the IP Network", RFC 3387, September 2002.
[RFC-3387]Eder,M.,Chaskar,H.,和S.Nag,“服务管理研究小组(SMRG)对IP网络服务质量(QoS)的考虑”,RFC 3387,2002年9月。
[RIPE] RIPE (Reseaux IP Europeens), Amsterdam, NL. URL "http://www.ripe.net/ripe/".
[熟透]熟透(欧洲研究所),荷兰阿姆斯特丹。URL“http://www.ripe.net/ripe/".
[Savage00] Savage, S., Wetherall, D., Karlink, A. R., and Anderson, T., "Practical Network Support for IP Traceback", Proceedings of 2000 ACM SIGCOMM Conference, ACM SIGCOMM, Stockholm, SE, pp. 295-306. August 2000.
[Savage,S.,Wetheral,D.,Karlink,A.R.,和Anderson,T.,“IP回溯的实际网络支持”,2000年ACM SIGCOMM会议记录,ACM SIGCOMM,斯德哥尔摩,东南部,第295-306页。2000年8月。
[Schiller03] J. I. Schiller, "Interception Technology: The Good, The Bad, and The Ugly!", Presentation at 28th NANOG Meeting, North American Network Operators Group (NANOG), Ann Arbor, MI, USA, June 2003. URL "http://www.nanog.org/mtg-0306/schiller.html".
[Schiller03]J.I.Schiller,“拦截技术:好、坏、丑!”,在北美网络运营商集团(NANOG)第28届NANOG会议上的演讲,美国密歇根州安娜堡,2003年6月。URL“http://www.nanog.org/mtg-0306/schiller.html".
[SM03] P. Sharma and R. Malpani, "IP Multicast Operational Network Management: Design, Challenges, and Experiences", IEEE Network, Vol. 17, No. 2, March 2003.
[SM03]P.Sharma和R.Malpani,“IP多播运营网络管理:设计、挑战和经验”,IEEE网络,第17卷,第2期,2003年3月。
[SMA03] N. Spring, R. Mahajan, & T. Anderson, "Quantifying the Causes of Path Inflation", Proceedings of ACM SIGCOMM 2003, ACM, Karlsruhe, Germany, August 2003.
[SMA03]N.Spring,R.Mahajan和T.Anderson,“量化路径通货膨胀的原因”,ACM SIGCOMM 2003年会议记录,ACM,德国卡尔斯鲁厄,2003年8月。
[WD02] Walter Willinger and John Doyle, "Robustness and the Internet: Design and Evolution", Unpublished/Preprint, 1 March 2002, URL "http://netlab.caltech.edu/internet/".
[WD02]Walter Willinger和John Doyle,“稳健性与互联网:设计与进化”,未出版/预印本,2002年3月1日,URL“http://netlab.caltech.edu/internet/".
[WIDE] WIDE Project, Japan. URL "http://www.wide.ad.jp/".
[广角]广角项目,日本。URL“http://www.wide.ad.jp/".
Internet Architecture Board EMail: iab@iab.org
互联网架构委员会电子邮件:iab@iab.org
Internet Architecture Board Members at the time this document was published were:
本文件发布时,互联网体系结构委员会成员为:
Bernard Aboba Harald Alvestrand (IETF chair) Rob Austein Leslie Daigle (IAB chair) Patrik Faltstrom Sally Floyd Mark Handley Bob Hinden Geoff Huston (IAB Executive Director) Jun-ichiro Itojun Hagino Eric Rescorla Pete Resnick Jonathan Rosenberg
Bernard Aboba Harald Alvestrand(IETF主席)Rob Austein Leslie Daigle(IAB主席)Patrik Faltstrom Sally Floyd Mark Handley Bob Hinden Geoff Huston(IAB执行董事)Jun ichiro Itojun Hagino Eric Rescorla Pete Resnick Jonathan Rosenberg
We note that Ran Atkinson, one of the editors of the document, was an IAB member at the time that this document was first created, in November 2002, and that Vern Paxson, the IRTF chair, is an ex-officio member of the IAB.
我们注意到,该文件的编辑之一Ran Atkinson在2002年11月首次创建该文件时是IAB成员,IRTF主席Vern Paxson是IAB的当然成员。
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (2004). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
版权所有(C)互联网协会(2004年)。本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/S HE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息是按“原样”提供的,贡献者、其代表或赞助的组织(如有)、互联网协会和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the IETF's procedures with respect to rights in IETF Documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关IETF文件中权利的IETF程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。