Stefan, This is a really interesting discussion, and probably worthwhile for our perception of where the Internet is headed. But, before we draw too many conclusions, may I ask what constitutes an end-to-end solution in this space, and what does not? I may be dense today, but it isn’t necessarily clear for me. Which ones of the following practices are not end-to-end: * a mirror * a server that implements some (possibly dynamic) rules on what connection attempts are honoured * collaboration between the routing system and servers on controlling dos attacks * a server that has login or captcha procedures, run on the server * a server that login or captcha procedures, but they are implemented on a different entity where traffic is redirected as needed * a server that is duplicated or copied in multiple instances * server(s) residing on an any cast address * arrangements where DNS or other mechanisms are used to distribute requests to the most suitable or geographically local point * a server whose function is distributed to a number of nodes (such as a load balancer in front) * arrangements where the server is run by a contracted party * the concept of a CDN (My quick reaction to all of the above is that these are still arrangements that are in the hands of the party that serves information; the emergence of these practices in the Internet is more about the scale of the services than about inserting NAT- or firewall like other parties on a path. But I could be wrong...) Jari
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail