Michael, 

Since you have "mostly ignored 5G", here are some real money-making businesses 
enabled by 5G. 

https://www.youtube.com/watch?v=herCDIhWUnM
https://youtu.be/Gtu11EuCSXw 
https://www.youtube.com/watch?v=ZNQ4c4xeKEg

The business model is no longer the traditional monthly subscribers, but more 
of a Services-oriented business model, enabled by dedicated closed-looped or 
Non-Public Networks (as called by 3GPP). 

Those Closed-Looped networks or Non-Public Networks, where APN is more likely 
to be valuable, have different security concerns than the public Internet. It is 
not Netflix sending traffic across the public Internet and requiring 
subscribers to pay a premium, which has net neutrality and privacy issues. 

In the Closed Looped Service Network, there is always a Service controller 
dictating various policies. There are many things for which the Network needs to 
interact with the Service Controller, which is out of the scope of IETF APN. 
From the IETF APN perspective, it needs to achieve optimized forwarding based on 
the Application characteristics managed by the Application/Service Controller. 


My two cents. 

Linda Dunbar

-----Original Message-----
From: rtgwg <[email protected]> On Behalf Of Michael Richardson
Sent: Thursday, May 27, 2021 11:34 AM
To: [email protected]
Subject: Re: Application-Aware Networking (APN) focused interim

On 2021-05-06 6:37 p.m., Jeff Tantsura wrote:
> Dear RTGWG,
> 
> We have scheduled Application-Aware Networking (APN) focused interim 
> (agenda to be published), June 3rd, 2021, 7:00AM PST

Hi, I'm glad that we are having this meeting.
I saw the APN presentations (in recording) at the SECDISPATCH and SAAG, I think 
it was.

I've been through the documents, and I think that they get lost in the weeds.  
What is confusing people, particularly security people, is that we simply don't 
have a model as to how any of this is supposed to work.
As someone who has mostly ignored "5G", but who survived the "revolution" that 
was ATM, then diffserv/diffedge, then the MPLS revolution, I feel justified in 
ignoring the huge oversell that is 5G.

Let me explain why all these things failed to increase operator incomes.
(Did they reduce complexity for some entities? Sure. Did it offer new ways of 
provisioning networks that weren't available before? Sometimes)

Lack of financial model.  Inherent in this is a TRUST MODEL that includes 
senders, receivers, requestors and responders.
(Senders transmit data. Requestors ask for data to be sent) In my relationship 
with, for instance, Netflix, I'm:
   a) the receiver of the data
   b) the requestor of the data
Netflix is:
   c) the sender of the data
   d) the responder to my request

For the operator to get more revenue from me, I have to have a way to give them 
more money, or a way for me to indicate to the sender of the data that I 
requested, a way to give the operator money for new services.  (Netflix never 
pays for the traffic in the end, because I pay them.  This is far more obvious 
if this is e2e game traffic, or webrtc pandemic conference traffic)

Most of the security questions about whether the *application* or the
*kernel* (of the smartphone), or the Home/LTE/5G router or the 5G tower, etc. 
is doing some signaling into some 5G thingy... (I'll call it a "VC" 
in ATM speak, because really, it shows why this is a 25+ year failure)

It has all failed due to layer-9 issues.

I still can't ask, (during pandemic) for my carrier or ISP to prioritize 
traffic that *I* care about for an extra fee.  Anything that involves the ISP 
or carrier "guessing" is a fail thanks to
   1) invasion of privacy
   2) Net Neutrality
   3) QUIC <-- largely a response to failures of (1) and (2)

Diffserv's "diffedge" (never published as an RFC, alas) got closest to being 
real.  Windows2000 had an API apparently.  Specifically, it had a way for an 
application to ask the kernel for additional services.  That failed in the 
market, because really it had no place to connect to an "operator" ...

Fundamentally, this goes back to the fact that we continue to design networks 
which are either anonymous or stateful.  The end-to-end principle says keep the 
state out of the core, and this keeps winning each time we add a zero to core 
network speed (now with Gbps at the end).  Meanwhile, the telco/mobile space 
keeps adding more and more state that has to be connected to some identity. 
(IMEI/SIM/etc.)

We need a situation in the middle where the network actually says who it is to 
the end-systems, and indicates, via authenticated communication between "middle 
box"en and end system that the middle box exists, and what services it can 
offer... "for you my friend? special deal!"

Said middle boxes are in quotes, because they aren't NATs, and they don't 
throttle or firewall traffic, but they can be taught to remark in various 
directions.

diffedge did this with RSVP, but back in 1998, the secure communication on top 
of that that is required to establish trust sufficient to enable exchange of 
currency was just too much for people.

I'm writing this now, a week ahead of the virtual interim in the hope that the 
proponents will go back to their slides and refocus their effort into 
explaining to the security and routing people what your goals are.

_______________________________________________
rtgwg mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/rtgwg
