VeriSign CTO Looks at the Future of the Internet
Where does the Internet go from here?
Sitting at the core of the Internet are the root zone DNS servers managed by VeriSign. That positioning gives VeriSign a unique view into the operation of the Internet and where it's likely to go next.
Helping VeriSign to see the future of the Internet is their new CTO Burt Kaliski. Kaliski told InternetNews.com that he is responsible for the long term technology direction at VeriSign and is tasked with understanding how the Internet will change in the years ahead.
"In terms of a technology direction one of the significant questions I'm looking into is the question of Internet resilience," Kaliski said. "
He noted that VeriSign has been operating the DNS registries for .com and .net as well as other top level domains with a record of flawless resolution for 12 years. If the Internet was only the top level registries and the root DNS that VeriSign manages, Kaliski stated that the Internet would be completely resilient.
"But we play one part in the larger ecosystem as we make the connection between names and addresses," Kaliski said.
As a long term technical direction, Kaliski said that he wants to understand what the opportunities are for VeriSign, to help with larger issues of making the full connection from a person or application beyond just names and addresses. He added that VeriSign is already in the process of taking technologies that have been optimized in the naming business, to make them available for enterprises. One example is VeriSign's capabilities for mitigating Denial of Service (DoS) attacks that are now available for enterprise customers.
With the exhaustion of IPv4 address space, a key area for the future of Internet resiliency revolves around IPv6. According to Kaliski, IPv6 provides more addresses for resources on the Internet, which makes it possible to apply policy more precisely.
"When you re-use an address you need other context to be able to determine the characteristics of a device that holds a given address," Kaliski said. "If it's possible to have unique addresses for every device and resource, then the other elements in the system can apply better policy and that will contribute to better resilience."
That said, Kaliski noted that any time there is a major transition in technology there can be a bumpy road. As such, the dual-stack approach for IPv4 and IPv6 is important both from an access and from a security perspective.
Address space isn't the only thing that needs to scale to provide the resilience that the future Internet will require, bandwidth and systems also need to scale.
"As we prepare for the next five to ten years of Internet growth, we're looking at whether specific regions or even organizations within the Internet will be at large enough scale that they will start to fragment and operate semi-independently of the rest of the Internet," Kaliski said. "The principal of the Internet being universal might operate differently in the coming years and we will have to think differently about the protocols and policies that will be applied."
From a VeriSign infrastructure perspective, the company has been involved in a $300 million effort known as Project Apollo to help prepare the Internet for the future. Looking beyond Apollo, Kaliski noted that he's asking his team to look at other areas where they can contribute value to the overall Internet.
VeriSign has already been helping to add value by helping to implement DNSSEC security for DNS infrastructure. The .com domain was root zone of the Internet was signed for DNSSEC in July of 2010.
Kaliski stressed that security is a multi-faceted issue and needs to be looked at holistically. DNSSEC is one part of the equation and help to security the integrity of the DNS information.
"DNSSEC is one of the mechanisms that can be used in order to ensure the integrity of DNS information," Kaliski said. "There are other techniques we use to ensure the integrity of information including authentication and access controls on the originator of the updates to the information."
For Kaliski, there are multiple challenges ahead in his role as CTO at VeriSign. One of the challenges is the fact that in his view there are many opportunities for improvement.It's his task to help successfully identify where VeriSign can make the best contributions. "IT is a transformative factor in the global economy and the measure of success is how much better we've made the overall economy and society better by enabling a connected world," Kaliski said. "At the end of the day, I'll look at what new industries, what better efficiencies and what improvements we've made that are possible by the further development of the Internet, that VeriSign and its partners were able to make possible."