Posts categorized "Internet"

Video: My Talk on "How IPv6 Will Kill Telecom" from eComm2011

At eComm 2011 this year, I spoke on "How IPv6 Will Kill Telecom - And What We Need To Do About It". I enjoyed giving the talk and have received great feedback about the session (including being asked to give a similar session at other conferences). Organizer Lee Dryburgh has now posted the video:

If you are interested in learning more about IPv6, I put together an IPv6 Resource Page over on Voxeo's Speaking of Standards blog. Enjoy!

P.S. And yes, those of you who have seen previous videos of my presentations will note that my running has paid off... :-)





Video Interview: What Is The Future of Real-Time Communications?

As I posted over on the Voxeo Talks blog recently, über-geek Chris Pirillo interviewed VoIP industry veteran Jeff Pulver and Voxeo CEO Jonathan Taylor on the topic of the future of real-time communications. It was a wide-ranging interview talking about the history of communication apps, how VoIP has evolved, the role of standards, issues around bandwidth caps, the role of individuals and so much more. Chris explained a bit more on his site. The video is now available on YouTube:

As a producer of video interviews, I was personally intrigued by Chris' use of a Google+ "Hangout" to conduct the interview. I'm going to have to try it at some point.

Enjoy the video!





The 2 Big, Glaring Failures of the "Voice 3.0" Manifesto

Today Alec Saunders posted a truly brilliant piece: Voice 3.0: The Emergence of the Voice Web. It's a much-needed update to his 2005 "Voice 2.0 Manifesto" and very nicely brings together much of the thinking about telecom today. (And yes, I had a chance to review it and provided feedback before it went live.)

It's brilliant. It's long. You really need to go and read it. It includes many of the themes we'll be talking about next week at eComm. It's right about so many things.

IT'S ALSO VERY WRONG.

The document as written has two big, glaring omissions.


Voice Doesn't Matter... As Much

First off... the piece is all about voice. Which is great. But here's a reality check:

People do NOT want to communicate by ONLY voice.

I spend my day communicating with people all over the world... in pretty much constant "real-time" communication. But almost NONE of it is by voice.

Instead it is by IM... by Twitter... by Facebook... by SMS... even by email. All text-based mediums.

No voice.

Now occasionally I do actually speak with someone - and usually get startled when my phone or Skype actually rings. But the majority of my communication happens outside of voice.

I wrote about this evolution of communication four years ago ... and it has only continued to evolve to a situation where voice is only one of the available communication channels... and not even the primary communication channel.

I'd argue this trend is only going to continue. Voxeo commissioned some research by Opus Research a year ago where they surveyed consumer preference. The demographic shift is pretty clear in charts like this one:

[Chart: Opusdemographics]

Look at the purple bar for consumers aged 45-54 ... then look at the blue bar for consumers aged 18-24.

See the "wave"?

We live in a world of ubiquitous mobility ... a world where we use mobile devices accessing cloud-based services and interacting with social networks and other similar services.

Sometimes by voice.

So to Alec's three "Defining Themes", I would add a fourth theme of Voice 3.0, which is the rise of multi-channel communication and the evolution of voice to "just another channel".

In the new world of communication, it is about:

Enabling customers to connect with you in the channel of their choice.

All that Alec wrote about the other themes of Voice 3.0 will be true ... but merged into a broader context in which voice is simply one of the available communication channels. Alec writes:

The service package will include not just voice, but detailed statistics, group management controls, and more. And it will bristle with API’s that will enable an ecosystem of other players to be built around it.

I would argue that it is better stated:

The service package will include not just voice, but the ability to communicate across a wide variety of channels, supported by detailed statistics, group management controls, and more. And it will bristle with API’s that will enable an ecosystem of other players to be built around it.

Don't get me wrong... I'm not arguing that voice telephony will go away. It will be here with us probably forever. And there are certainly times when we need and want to use voice. But not always - and maybe not primarily.

"Voice 3.0" needs to recognize this evolution.


Voice 3.0 Must Be Open

The second omission I see is perhaps more of a philosophical and personal one. I firmly believe that for voice to continue to be relevant and in fact to potentially grow in usage, Voice 3.0 must be based on open standards and must not lock people in to specific services or providers.

Alec nails it with regard to the success of the Web (my emphasis added):

The web went from being a hyperlinked text library, to the largest programmable application on the planet, fuelled by open standards, lightweight communications infrastructure, standards which allowed content to be separated from logic and presentation, and an explosion of end-user devices, including today’s mobile devices.

He goes on to say:

Voice is on the cusp of the same revolution – a revolution that will be defined by letting the customer define the business logic of the application, not the service provider.

But then he doesn't quite bring it home. Later he returns to a similar thread (my emphasis added):

Ultimately, we’ll build systems where communications result in artefacts that can be consumed by services that have not been pre-specified. Think, for example, of the role that RSS played in the syndication of content, and imagine a similar world for voice. Tool chains will be created that will allow people to participate in building these services, and an explosion of new applications to consume these voice artefacts will be built.

The key here is that RSS is an open standard.

Alec in fact concludes with this (again, my emphasis added):

Network effects in the Voice 3.0 world become even more important. Will an open standard emerge? Although many die-hard networking folks would prefer that scenario, it’s hard to say. We may find ourselves in a world where a dominant proprietary player like Skype controls the platform, as a result of winning the race to build thriving developer ecosystems, and the applications that customers use and want.

Perhaps I am just part of the "die-hard networking folks", but I do believe that for voice to truly be integrated with the rest of the Web... for the "Voice Web" to emerge that Alec writes of in his title... for all the amazing new opportunities to emerge and "explode onto the scene"... for all of that to occur, Voice 3.0 needs to be based on open standards.

In fact, I would re-write his "web" paragraph with a voice spin:

Voice went from being an obscure medium locked up in proprietary/legacy telco control, to the largest programmable application on the planet, fueled by open standards, lightweight communications infrastructure, standards which allowed content to be separated from logic and presentation, and an explosion of end-user devices, including today’s mobile devices.

That is Voice 3.0.

And that is the fifth defining theme, being based on open standards that move control to the users and developers instead of the providers.


Again, you NEED to read Alec's full Voice 3.0 piece. It's an outstanding piece that is very well done.

Despite what I've written here, I do believe Alec's piece gets it right... subject to my modifications. :-)

And then please add your view on this. Do you agree with me about these additions? Do you think I'm wrong? Please leave comments here - or write your own piece and leave a link here in the comments. Comment on Alec's piece... comment on Twitter or Facebook... talk to us at eComm next week...

Where do you see "Voice 3.0" going?





How Does IPv6 Impact Telecom Networks? Join This Free Online Session Tomorrow To Learn...

How does IPv6 impact telecommunications networks? How will IPv6 affect the SIP protocol? If you work in telecom, what should you be aware of with regard to IPv6? With World IPv6 Day only a week away, if you have been wondering about these kinds of questions, please feel free to join me live in a free session hosted by the US Telecommunications Association:
IPv6 and Telecom Networks
Thursday, June 2, 2011
1:00pm US Eastern

Registration is free and if you are unable to attend it will be recorded for later viewing. (And if you register now, you'll be notified when the archive is available for viewing.) The description of the session is:

The networks that make up the Internet and IP communications are in the middle of a sea-change with the transition to IPv6. What impact will IPv6 have on telecom and communications networks?

Join USTelecom and Voxeo for a look at the various challenges that telecom and broadband services providers face in keeping their communication services working while transitioning to IPv6.

I'll be explaining briefly why there is all the attention on IPv6 then getting into the basics of IPv6 addressing. After a brief overview, I'll then dive into how IPv6 affects the Session Initiation Protocol (SIP) and get into some technical detail. I'll then wrap up with some resources about how to learn more and get started with IPv6 and finish with a Q&A session.

If you attended the Voxeo Developer Jam Session I presented back in May on IPv6, I'm going to be covering basically the same material although with a vendor-neutral perspective (i.e. I won't be explaining and demonstrating how Voxeo Prophecy and PRISM now natively support IPv6). Obviously the live Q&A session will be new, too, and I find the questions around IPv6 always quite fun to discuss.

Please feel free to join us at 1pm US Eastern tomorrow. Registration is free - and if you can't join live the session will be archived and available for viewing on US Telecom's website for 90 days. With World IPv6 Day coming up on June 8th, it's a great time to learn about what is going on with IPv6!

P.S. If you are interested in IPv6 in general, you may be interested in the IPv6 Resource Page I put together for Voxeo at:

http://bit.ly/voxeoipv6

Lots of good links to tutorials, VoIP resources and more...





Another Hotel Fails To Support Skype - Here's Why Skype's P2P Connection Model Breaks Their System

UPDATE: When I stayed at this same hotel in August 2010, I no longer had the issue with Skype being blocked. Presumably they got a smarter network monitoring system. While this specific hotel now works with Skype, the same issue will undoubtedly be out there for many other hotels and locations.


Summary: Hotels restricting the number of simultaneous network connections per user may wind up blocking legitimate usage of Skype. Skype's peer-to-peer network model uses a high number of network connections to synchronize multi-party group chats.

Read on for the full story, network diagrams, etc....


Two weeks ago on a visit to Voxeo's corporate headquarters in Orlando, FL, I stayed at the Grand Bohemian Hotel, conveniently located only a block or so away. Arriving in the early evening, I checked in, got to my room and immediately plugged my laptop into the Ethernet port to catch up on what had happened while I'd been offline traveling. As is the case in many hotels, I was asked to log in and pay through a system from "Nomadix". I did so... and very quickly started to see Skype coming online, my other IM client (Adium) coming online, email starting to flow in and a website coming up.

Then it all stopped.

No Internet connection. Offline. I did all the standard things... disconnect and reconnect the cable. Stop/start the network interface. Nada. Nothing. Dead.

I'd only been on a minute or two but it had seemed to be fine, so I naturally called the front desk who put me through to the tech support team which turned out to be an external company. (Note: Nomadix makes the gateway that is used by this external company to operate the hotel's network. The network is not operated by Nomadix.) They, too, ran through the typical checks, found nothing, and then checked the list of blocked IP addresses - there I was.

The technician unblocked my IP address... I saw that I was online again... and then after a minute or so I wasn't. I called back in, spoke with a different technician, had the same experience and stayed on the phone for a good bit investigating the matter.

It turns out that:

they automatically block IP addresses that generate over 200 simultaneous network connections.

And here is my dilemma:

I am a heavy user of Skype, particularly Skype's persistent group chats.

Every time I connected, Skype was initiating hundreds of network connections to update all of the group chats that I had open. This, of course, was triggering the rules in the Internet gateway and landing me on the blocked list. If the technician unblocked me (or when the block was released on its own, which later testing seemed to show happened every 15 minutes or so), I would then wind up blocked again after only a minute or so.

The support technicians were all very pleasant and explained that unfortunately the 200-connection-limit was hard-coded into the gateway system and there was nothing they could do (at their level, anyway) to change or set aside that limit.

As a security guy, I do understand some of what the company is trying to do here with the limit. They do have to treat the hotel network as "hostile" to a certain degree. Someone with malicious intent might connect to the network and try to execute a Denial-of-Service attack or send out spam. Or someone might unwittingly be infected with a bot that is commanded to execute some attack. They also want to prevent someone from sucking up all the network bandwidth so that other hotel users receive poor service. Limiting the network connections is one way to potentially try to deal with these types of attacks. Unfortunately, the limits also restrict the legitimate usage of Skype.

To explain how Skype plays a role here, let's dig a bit more into the way in which Skype's P2P architecture works...


THE BASICS OF PEER-TO-PEER (P2P) ARCHITECTURE

In any given peer-to-peer service (Skype or otherwise), there is a fundamental design difference from "typical" services:

there are NO centralized servers.

If you look at a "standard" instant messaging (IM) service, all of the IM clients connect in to a central server (or group of servers). From a network point of view, it looks like what you see in this image:

[Image: imservice-central-2.jpg]

This could be for AOL/AIM, MSN/WLM, Yahoo!Messenger, Jabber, IRC or pretty much any of the other IM services out there outside of Skype.

ALL traffic goes through the central server. If you want to send an IM message to the person sitting next to you, your IM messages are still going through a central server somewhere.

From a network traffic point-of-view, each IM client is opening up a small number of connections to the central IM service. It might only be a single connection, or it might be a couple... but it's only a few. All traffic, both control messages and the messages themselves, travel across those few connections - and all through those central servers.

Over in peer-to-peer land, though, where there are no central servers, all of the communication occurs through what is typically referred to as an "overlay network" (or "P2P overlay network" or "P2P overlay"). The overlay network is essentially a "virtual network" between all the nodes in a network. From an architecture perspective, it looks like this:

[Image: imservice-P2P-1.jpg]

It's a "mesh" network where all of the service clients are interconnected with all the other clients. (In fact, the term "peer" is typically used instead of "client".) Typically in a P2P network this "overlay network" may be a "distributed hash table" (DHT) using a protocol like Chord or BitTorrent. It sits on top of a system's existing IP connection to the Internet - hence the term "overlay". So this is a P2P network sitting on top of the regular IP network.


SKYPE'S P2P - AND PERSISTENT GROUP CHATS


Caveat: I am not an employee of Skype and have no real connection with Skype other than having been a user for something like 5 years now. The material below is based on educated guesses - and could be entirely wrong. (And I'd love it if someone from Skype would confirm or deny any of the info here...)


Skype uses some type of P2P network for communication between Skype clients. When your Skype client comes online, it connects to the Skype P2P overlay network. I don't know personally what protocol Skype uses for its overlay network, but odds are that it is some kind of DHT or similar system. Now, Skype's network is not entirely a P2P network in that there are some centralized services that do, for instance, authentication (which were part of the outage back in August 2007), but for the most part it's a big P2P cloud.

Now let's talk about Skype's "persistent group chats". The strength of Skype's multi-person group chats is that you can shut down your computer, travel somewhere, open your computer back up, have Skype reconnect...

and receive ALL communication that occurred in the group chat while you were offline.

This is a huge benefit to an IM-centric organization. If you shut your computer down at the end of the day, or if you are traveling, you simply reconnect and have the complete history of all communication that occurred while you were offline. It works fantastically well for globally distributed teams. I use it heavily within Voxeo and for external teams as well.

The question naturally is... when you are offline, and if there are no central servers...

where are the chat messages stored that you get when you come back online?

The answer, of course, is:

the messages are stored in Skype's P2P overlay network.
(Do you see yet where this is going and the problem it's going to create?)

So if I am in a Skype group chat with five other people, all the text we type is stored in the Skype overlay network and specifically in a mini-network or "ring" between our 6 nodes. Now... we don't know Skype's P2P protocol to know precisely how it is stored across the nodes... but some parts of the text are probably found in all the members of our little ring.

When you have been offline and come back online, your Skype client has to connect out to the others in your mini-network to update your local client with all the messages that occurred when you were offline. Because your Skype client may not know if the 5 other clients were all online during the entire time you were off, your client seems to need to check with all of the other nodes in your mini-network. So it looks something like this:

[Image: imservice-skypechat-1.jpg]

Now, if you look at it from a network traffic point-of-view, 1 Skype groupchat generated 5 network connections. (And that assumes only a single connection is made per Skype node.) From various discussions and research over the years, the rule seems to be:

Each Skype groupchat is going to generate a number of network connections equal to the number of participants in the groupchat, up to a limit of 15 per chat.

If you have an open chat to one other person, when your Skype client comes online it generates 1 network connection to that person. If you have an open chat to 2 other people, Skype opens 2 network connections. For 5 others in a chat, that's five connections. Ten others in a chat, 10 connections... and so on.

This obviously doesn't scale when you get into very large group chats - I'm in one public chat that has been around for years and has 200+ participants. In those cases, a Skype developer a few years back said in a public chat that in group chats larger than 15 people, your Skype client would connect out to 15 other nodes in the chat to get updates. I don't know if that is still true today, but it seems a logical way to address the scaling issue. Odds are that if you connect out to 15 other nodes, some number of those are going to be online and have enough of the chat history to get your client up-to-date.

For the purpose of this post, let's assume that is still accurate... and so any chat with more than 15 users generates 15 network connections when your Skype client comes online.


THE CHALLENGE OF THE HEAVY SKYPE CHAT USER

So here's the problem that I believe nailed me at the hotel. If I look at my Skype client right this moment, I have 56 chats open in one window and 20 chats open in another - total of 76. That's actually down a bit because I went through and closed a bunch recently. In scanning through the list, probably 15 of them are 1-to-1 chats that I either keep open because they are people I frequently communicate with or are new chats that I haven't closed - and keeping the chats open lets me very easily see their presence. The rest are multi-person group chats that range from 3-5 people up to 150 or in one case 200 people. Most of them seem to be in the 10-20 person range. Some are long-term chats that I keep open because there is frequent traffic in them, others are short-term chats that have been set up for specific projects or events and will then be closed when the project or event is over.

Without actually going through and calculating the precise number, I'm going to guess that the average number of participants across the 61 group chats is probably around 10-20.

For the sake of keeping the math simple, let's just assume the average number is 10 users. Multiply that by 61 and then add in the 15 one-to-one chats and you have:

625 network connections

Oops.

If the hotel blocks a user at 200 connections, I'm obviously triggering limits. Even if my average is off, or if Skype does something to space out connections over time (which it doesn't seem to do) or to otherwise make connections between users more efficient, I am still probably going to run over that 200 connection limit. My network traffic profile at a high level is going to look like a spammer or DoS attack.

Keep in mind that these are short, quick connections just to sync with the other nodes in the ring created for each chat and get any messages - so we are not necessarily looking at a large amount of bandwidth, but we are looking at a large quantity of connections.

[NOTE: The next step someone needs to do is to take some wireshark captures and generate some pretty graphs of network connections.]


WHAT TO DO?

So now what? What should I as a user do?

  1. DON'T USE SKYPE - I'm sure someone will suggest this. However, Skype estimates that over 30% of their traffic is business usage. Outside of my own usage, I know many people who use Skype as a significant part of their business communication. Not using Skype obviously is a solution, but not the desired outcome.

    This isn't only about Skype. While Skype is the issue in this post, this is a general concern with P2P architectures. As an open standards supporter, I'd love to see someone come along with a solution based on P2PSIP that provides similar features - but guess what, it's going to run into similar issues. It's an architecture issue - the idea of blocking on some number of connections is based on the old-fashioned client/server model where local clients make only a small number of connections out to dedicated servers. For that model, it may work... but that doesn't reflect evolving usage of P2P networks that are a mesh between nodes.

    Today the issue hits Skype... tomorrow it may hit some other cool application that uses P2P for communication.

  2. HAVE FEWER OPEN GROUP CHATS - It's not clear to me how quickly Skype checks the status of "closed" group chats, i.e. ones that you are still a member of but are not currently displaying. It has to check at some point in case someone typed messages there, but does it do it on initial connection or launch? (I don't know.)

  3. REDUCE THE NUMBER OF GROUP CHATS - Obviously this can help address the issue... simply "leave" (versus "close") many of the chats you are in. However, the persistent group chats are one of Skype's great features and enable very powerful collaboration between globally distributed teams. Not really an option.

  4. CHANGE HOTELS - Of course we as users have the option to find other hotels that don't place the same restrictions... but sometimes we don't have that option.

What can hotels do?

  1. RAISE THE CONNECTION LIMIT - An obvious solution is to raise the number of simultaneous allowed connections... to what number, I don't know... there are trade-offs in trying to block the illegitimate traffic that may be on the network.

  2. PERFORM MORE INTELLIGENT LIMITING - Applying a hard limit on the raw number of network connections is a rather brute-force approach. Instead the software should look at the quality of the network traffic. Are there a large number of high-bandwidth connections? Perhaps someone is downloading software or movies via some P2P network... in that case maybe they need to be throttled back or limited. Are they smaller connections that may be okay? Can they identify the actual Skype traffic and allow it but block other traffic?

  3. THROTTLE/LIMIT VERSUS BLOCK - The rules I ran afoul of block your entire Internet access. Too many connections and your link goes dead. Why not truly limit or throttle back the connection instead of terminate it entirely? There's technology out there that can do this type of thing. (Consider, for instance, the idea behind good old ICMP source quench.)

  4. ALLOW TECHNICIAN OVERRIDES - When I spoke with the technicians and explained what I was doing, the technicians had no options other than to momentarily unblock my IP address. Why not allow them to have a "white list" to which they could add the addresses of certain guests who request special access? It doesn't solve the issue, but it at least would keep certain guests happy.

  5. GET A NEW SOFTWARE SOLUTION - Obviously to do these steps the hotel may need to look at new software... or a new Internet provider.

  6. _____________ - What else do you suggest they do?
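
The connection math from the earlier section and the "more intelligent limiting", "throttle versus block" and "technician override" suggestions above, put side by side as an added example (this is not the gateway vendor's logic or code from the original post). Only the 200-connection cap and the 15-peer fan-out come from the post; the flow records, the SMTP and byte-rate thresholds and the addresses are constructed assumptions.

```python
# Added illustration: a hard per-IP connection cap compared with a
# traffic-aware policy. Thresholds other than the 200 cap and the 15-peer
# fan-out are constructed assumptions, not values from any real gateway.
from dataclasses import dataclass

HARD_LIMIT = 200       # per-IP simultaneous-connection cap described in the post
SKYPE_FANOUT_CAP = 15  # per-chat peer cap the post assumes


@dataclass(frozen=True)
class Flow:
    dst_port: int
    bytes_per_sec: int


def skype_sync_flows(group_chat_sizes, one_to_one_chats, rate=500):
    """Flows opened on reconnect under the post's rule: one connection per
    participant, capped at 15 per group chat, plus one per 1-to-1 chat."""
    count = sum(min(n, SKYPE_FANOUT_CAP) for n in group_chat_sizes)
    count += one_to_one_chats
    # Assumption: each sync is a short, low-rate connection to a high port.
    return [Flow(dst_port=30000 + i, bytes_per_sec=rate) for i in range(count)]


def hard_cap_policy(flows):
    """The behaviour described in the post: count connections, nothing else."""
    return "block" if len(flows) > HARD_LIMIT else "allow"


def traffic_aware_policy(flows, client_ip, allowlist=frozenset(),
                         smtp_limit=20, byte_budget=1_000_000):
    """Return (action, reason), judging what the connections do.

    Abuse signatures are checked first and are never overridden; the
    technician allowlist only exempts a guest from throttling.
    """
    smtp = sum(1 for f in flows if f.dst_port == 25)
    if smtp > smtp_limit:
        return ("block", f"{smtp} concurrent SMTP connections")
    total = sum(f.bytes_per_sec for f in flows)
    if total > byte_budget:
        if client_ip in allowlist:
            return ("allow", "over byte budget, technician override")
        return ("throttle", f"{total} B/s exceeds {byte_budget} B/s")
    return ("allow", f"{len(flows)} connections at {total} B/s")


# Constructed sample clients (documentation addresses from 192.0.2.0/24).
SAMPLES = {
    "192.0.2.10": skype_sync_flows([10] * 61, 15),          # the post's 625
    "192.0.2.20": [Flow(443, 100_000) for _ in range(40)],  # bulk download
    "192.0.2.30": [Flow(25, 1_000) for _ in range(150)],    # spam-like burst
}


def compare(samples=SAMPLES, allowlist=frozenset()):
    """Map each client to (hard-cap action, traffic-aware action)."""
    return {ip: (hard_cap_policy(flows),
                 traffic_aware_policy(flows, ip, allowlist)[0])
            for ip, flows in samples.items()}


if __name__ == "__main__":
    for ip, (hard, smart) in compare().items():
        print(f"{ip}: hard cap -> {hard:5}  traffic-aware -> {smart}")
```

With these constructed inputs the hard cap blocks the chat-heavy client while letting the spam-like and bulk-transfer clients through, which is the mismatch between connection count and actual network impact that the list above is about.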

It's 2010 - the reality is that Skype isn't going away... and P2P architectures are continuing to evolve and provide interesting ways to solve communication challenges. The fully-meshed P2P overlay network will continue to be a feature of proprietary networks like Skype as well as standards-based solutions. Travelers want to use communications solutions like Skype... and hotels and their Internet providers need to figure out how to allow the legitimate usage of these tools and services while still keeping their controls in place to block malicious network usage.

What do you suggest? What would you do as a user or as a hotel?

P.S. This issue has been around for quite some time... I wrote about another hotel blocking Skype back in 2007. Same issue... blocking on *quantity* of connections versus actual network impact.


If you found this post interesting or useful, please consider either subscribing to the RSS feed or following me on Twitter or identi.ca.



For a brief bit - Skype video calls from 30,000+ feet on Southwest Air WiFi!

Upon entering the Southwest Airlines plane this morning on my flight to Orlando to visit Voxeo's headquarters, I immediately noticed a "WiFi zone" sign on a column by the entry door. Naturally, I had to pull out my Macbook Pro and give it a whirl... and, given the issue of Skype-blocking last summer... try out Skype.

To my great surprise and pleasure, it worked great. (For a little while - see below.) Here's Bruce Lowekamp:

[Image: 03_33 | Call with Bruce Lowekamp-1.jpg]

As you may or may not be able to see in the graphic, our call had been up for 3 minutes and 33 seconds when I snapped the picture.

Unfortunately, I didn't have easy access to my headset, so I couldn't really have a great conversation. The ambient background noise in the plane was really too much for my voice to be heard unless I bent down toward the microphone... and likewise even with the MacBook Pro volume up all the way it was a bit hard to hear Bruce unless I bent down toward the laptop.

And, of course, I didn't really want to annoy my fellow passengers. :-)

You can see on the right the technical stats for the call. Packet loss was surprisingly low. At the time I captured this window, I had a 3% receiving packet loss... but through much of our call that was hovering down around 0%. A roundtrip of 789ms is, of course, rather entertaining.

Sadly, though, the connectivity didn't last forever. After about maybe 30 minutes of trying this out and making video calls to different people, my Skype account went offline.

COMPLETELY offline.

No instant messaging/chat, either. Which is exceedingly annoying.

Out in Twitter-land, Fred Posner asked Southwest if they were blocking VoIP, to which Southwest replied:

@fredposner yep...we do.

Bummer.

Actually, what annoys me more is Southwest blocking Skype IM. Other than the novelty today, I don't know that I really want to be making calls from the plane... although I could see the usefulness from time to time.

What I do want is the Skype IM... since I use Skype IM heavily for communication with people including my team. It seems, though, that my Skype connection is completely blocked. Which is unfortunate, given that all my other IM services seem to be working fine.

Southwest, can you please figure out how to block the Skype voice and video, but still leave us the chat?

Despite the VoIP-blocking, though, it was seriously great to be able to use my laptop and work online during the flight. Even better, on this flight the Southwest WiFi was free while they are apparently testing it out. I did a couple of speed tests from DSL Reports, naturally, and seemed to be getting around 3Mbps down and around 200-250 Kbps up. Here's one of the results:

[Image: Speed Test - dslreports.com.jpg]

What a crazy world we're now in... 3 Mbps downlink... on a plane!

P.S. And of course I had to snap a picture like this:

[Image: danonsouthwest.jpg]



Is the new ".tel" domain more than just a pretty face on top of DNS?

Is the new ".tel" domain launching today more than just a pretty web interface to DNS? Is it something really unique? Is it a new service that couldn't be easily replicated elsewhere?

In case you haven't been following the subject, a company called Telnic has launched a new top-level DNS domain ".tel" today. Today, December 3rd, is the launch of the "Sunrise" period where companies can (for a high price) obtain the ".tel" domain associated with their trademark.

The point of ".tel", though, is to not just be "yet-another-top-level-domain" but rather to be a global directory of information - with users/companies having control of their own information.

With the first part of the launch happening today there has predictably been a good bit of coverage in the blogosphere. Danielle Belopotosky had a great piece up on the NY Times Bits blog, Techmeme has a flow of links to stories and I am sure more will be appearing.

I would, though, suggest people wanting to understand the goals of the service go back and listen to our Squawk Box conversation on September 9th with Telnic's Justin Hayward (www.justin.tel). The part about .tel starts at about the 17:50 minute mark of the podcast and literally did go on for about forty minutes. We put poor Justin through a bit of a wringer as he may not have realized he was walking into a conference call that included a bunch of DNS geeks. He presented his vision of how .tel would work and answered the many questions we threw at him. You can also watch the video of Telnic's DEMO Presentation where Justin is obviously pitching the .tel domain to the DEMO audience. (And yes, the Justin in the video is the same one who was on Squawk Box.)

While my friend Jonathan Jensen is quite enthusiastic about the .tel domain, I remain a bit troubled by a few aspects of it. First, though, let's talk about how it works...


HOW .TEL WORKS

One of the admittedly cool aspects of the ".tel" domain is it uses the Domain Name System (DNS) to store all of your contact information. I've been working with DNS for probably 15+ years now and have always viewed it as a rather remarkable creation. Ultimately, DNS is simply a massively distributed database system that allows for the easy querying of information on a global scale. I could go on at length about it and always enjoyed the DNS sections of the TCP/IP classes I used to teach because there is so much that you can do with tools like "dig" (or the previous "nslookup" tool) that are interesting (and fun).

But anyway... the reality is that today in general we pretty much only use DNS as a storage mechanism for mapping hostnames to IP addresses. When you entered "www.disruptivetelephony.com" in your browser window or clicked on a link to a URL that had that hostname in it, your local DNS resolver went off and queried DNS servers to find out the IP address for the web server hosting this site. Your browser then sent an HTTP request to that IP address asking for the appropriate page. That's what we primarily use DNS for.

But why not stick other information in the DNS database?

That's the central premise of ".tel". Why not put contact information, favorite URLs, etc. in there?

[Image: danyork.vip.tel.jpg]

Now you have always been able to do this (a point I made in the Squawk Box call). There are "TXT" records that you can insert related to your domain. There are "NAPTR" records that are used in ENUM systems to do lookups on phone numbers (they have other uses as well). On one level, there is nothing the Telnic folks are doing that you cannot do already for your own domain (as long as you can edit the DNS records).

Except that Telnic has put up a pretty web interface that lets you easily edit all of these records. No special knowledge required.

I joined Telnic's "beta" program and you can see in the image to the right what my danyork.vip.tel page looks like from the public point-of-view. You can see that I have a telephone number, email addresses, Skype address, and other pieces of information. There's really no limit to the type of information I can put in here. All just various types of numbers, URLs, keywords and other pointers.

Now let's take a look at how this looks in DNS. Here is part of the output of the 'dig' command run against 'danyork.vip.tel':

dyork$ dig @a.dns.vip.tel danyork.vip.tel any
;; ANSWER SECTION:
danyork.vip.tel.        86400   IN      A       195.253.3.235
danyork.vip.tel.        60      IN      TXT     ".tkw" "1" "pa" "" "a1" "52 Probate Street" "tc" "Keene" "sp" "NH" "pc" "03431" "c" "USA"
danyork.vip.tel.        60      IN      TXT     ".tsm" "1" "pddx" "1"
danyork.vip.tel.        60      IN      TXT     "Dan York,  "
danyork.vip.tel.        60      IN      TXT     ".tkw" "1" "bi" "" "o" "Voxeo" "d" "Office of the CTO" "jt" "Director of Emerging Communication Technology"
danyork.vip.tel.        60      IN      LOC     51 31 12.000 N 0 7 48.000 W 0.00m 10m 2m 2m
danyork.vip.tel.        60      IN      NAPTR   100 103 "u" "E2U+x-voice:skype" "!^.*$!skype:danyork!" .
danyork.vip.tel.        60      IN      NAPTR   100 104 "u" "E2U+web:http+x-lbl:Blog" "!^.*$!http://www.disruptivetelephony.com/!" .
danyork.vip.tel.        60      IN      NAPTR   100 105 "u" "E2U+web:http+x-lbl:Employer" "!^.*$!http://www.voxeo.com/!" .
danyork.vip.tel.        60      IN      NAPTR   100 106 "u" "E2U+web:http+x-lbl:Blogs" "!^.*$!http://blogs.voxeo.com/!" .
danyork.vip.tel.        60      IN      NAPTR   100 100 "u" "E2U+voice:tel+x-lbl:Mobile" "!^.*$!tel:+1-407-967-8424!" .
danyork.vip.tel.        60      IN      NAPTR   100 101 "u" "E2U+email:mailto" "!^.*$!mailto:[email protected]!" .
danyork.vip.tel.        60      IN      NAPTR   100 102 "u" "E2U+email:mailto" "!^.*$!mailto:[email protected]!" .
danyork.vip.tel.        3600    IN      NS      c.dns.vip.tel.
danyork.vip.tel.        3600    IN      NS      d.dns.vip.tel.
danyork.vip.tel.        3600    IN      NS      d.dns.vip.tel.
danyork.vip.tel.        3600    IN      NS      a.dns.vip.tel.
danyork.vip.tel.        3600    IN      NS      a.dns.vip.tel.
danyork.vip.tel.        3600    IN      NS      b.dns.vip.tel.
danyork.vip.tel.        3600    IN      NS      c.dns.vip.tel.
danyork.vip.tel.        3600    IN      NS      b.dns.vip.tel.
danyork.vip.tel.        3600    IN      SOA     stealth.nic.tel. hostmaster.nic.tel. 14 10800 3600 2592000 600

You can see in here various TXT records corresponding to information I entered, a LOC record corresponding to where I was listed as being and NAPTR records pointing to various URLs, email addresses and phone numbers.
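As an added example (not part of the original post), the Python below decodes NAPTR lines in dig's presentation format like those above and lists, in processing order, which published URIs give anyone who can query the name a direct way to contact the owner. The sample lines, the example.tel name, the addresses and the DIRECT_SCHEMES set are constructed for illustration.

```python
import re
import shlex
from collections import namedtuple

# Constructed sample in dig's presentation format (placeholder names and addresses).
SAMPLE_DIG = """\
;; ANSWER SECTION:
example.tel.  60    IN  TXT    ".tkw" "1" "bi" "" "o" "Example Corp"
example.tel.  60    IN  NAPTR  100 102 "u" "E2U+x-voice:skype" "!^.*$!skype:alice.example!" .
example.tel.  60    IN  NAPTR  100 104 "u" "E2U+web:http+x-lbl:Blog" "!^.*$!http://blog.example.com/!" .
example.tel.  60    IN  NAPTR  100 100 "u" "E2U+voice:tel+x-lbl:Mobile" "!^.*$!tel:+1-555-0100!" .
example.tel.  60    IN  NAPTR  100 101 "u" "E2U+email:mailto" "!^.*$!mailto:alice@example.com!" .
example.tel.  3600  IN  NS     a.dns.example.tel.
"""

# Schemes that let anyone who resolves the name reach the owner unsolicited.
# This set is an assumption made for the example; adjust it to your own policy.
DIRECT_SCHEMES = {"mailto", "tel", "sip", "skype"}

Naptr = namedtuple("Naptr", "order pref flags services label uri")


def parse_naptr(line):
    """Parse one NAPTR line from dig output; return None for anything else."""
    try:
        f = shlex.split(line)  # honours the double-quoted fields
        if len(f) != 10 or f[2] != "IN" or f[3] != "NAPTR":
            return None
        order, pref = int(f[4]), int(f[5])
    except ValueError:  # unbalanced quotes or non-numeric order/preference
        return None
    flags, service, regexp = f[6], f[7], f[8]
    head, *parts = service.split("+")
    if head.upper() != "E2U" or not regexp:
        return None
    # "x-lbl:" is the display-label token seen in the dig output above.
    label = next((p[6:] for p in parts if p.startswith("x-lbl:")), None)
    services = [p for p in parts if not p.startswith("x-lbl:")]
    # Regexp field layout: <delim>ERE<delim>replacement<delim>[flags]
    pieces = regexp[1:].split(regexp[0])
    if len(pieces) != 3:
        return None
    repl = pieces[1]
    # A replacement with backreferences depends on the queried string; skip it.
    uri = None if re.search(r"\\[1-9]", repl) else repl
    return Naptr(order, pref, flags, services, label, uri)


def exposure_report(dig_text):
    """Return (pref, scheme, label, uri, direct) tuples in NAPTR processing order."""
    recs = [r for r in map(parse_naptr, dig_text.splitlines()) if r and r.uri]
    recs.sort(key=lambda r: (r.order, r.pref))  # lower order/preference comes first
    report = []
    for r in recs:
        scheme = r.uri.split(":", 1)[0].lower()
        report.append((r.pref, scheme, r.label, r.uri, scheme in DIRECT_SCHEMES))
    return report


if __name__ == "__main__":
    for pref, scheme, label, uri, direct in exposure_report(SAMPLE_DIG):
        flag = "DIRECT CONTACT" if direct else "link"
        print(f"{pref:>4}  {flag:<14}  {label or '-':<8}  {uri}")
```

Run against the dig output for your own name, every line flagged as direct contact is an address or number that is readable by any resolver with no authentication.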

Now here's a key point - I entered all this information and in theory I control who sees all that information.

All of this information is publicly available because I chose that it would be publicly available. As Justin stated in our Squawk Box episode, users will have the ability to make some information private and available only to "friends" in some sort of social networking way. I say "in theory" only because in the administrative interface they made available to beta participants, I see no way of actually restricting the visibility of the data. Perhaps I missed something, but I'll take them on their word that they will deliver this functionality.

[UPDATE: Telnic has a page on their developer site about privacy and their friending mechanism.]

[Image: danyork.vip.tel-admin.jpg]

The admin interface itself is pretty straightforward. You simply add different records for contact information. You can re-order the pieces of information if you want them to appear in a different order. You can enable/disable pieces of information... delete them, etc.

You can also create "folders", which are effectively DNS subdomains. This, to me, is perhaps one of the more intriguing aspects because now I can create domains like "blogs.danyork.vip.tel" and "podcasts.danyork.vip.tel" that show a subset of my overall contact data. I did have to enter it twice if I wanted it to appear in both places, but still... it's a nice feature to have.

All done very simply and easily through Telnic's web interface.

I would note, too, that because .tel is a "sponsored top-level-domain" (see Telnic's contract with ICANN), Telnic has more control over it than there is over a typical TLD. For instance, even though you purchase a .tel domain, you are NOT able to change the "A" record which points a domain to an IP address. What this means is that a ".tel" domain can never point to a website directly. It will always point to Telnic's web interface (where you could, if you wished, simply have one entry that pointed to your web interface). This type of restriction is not true of general TLDs.


THE ADVANTAGE OF USING DNS

The beautiful thing about using DNS is that it is fast and that it can be queried from basically any kind of client in any kind of programming language. DNS libraries exist out there for every language ever used in network-connected applications. In the video I referenced earlier, Justin shows an iPhone app that is able to get information from the DNS system far quicker than it probably ever would from standard web queries. This is what DNS was created for.

To help in that, the Telnic folks have created a Developer area and provided some sample applications (including the iPhone one).


BUT COULDN'T ANYONE ELSE DO THIS?

In a word...

Yes

There is absolutely nothing stopping me, you, or anyone else from creating a service based on one of our domains that provided a pretty web interface that allowed users to populate DNS with such contact information. I could set up "dir.disruptivetelephony.com", build a web UI, write some code to update DNS and start selling subdomains off of that domain. Justin could have "justin.dir.disruptivetelephony.com"... he could control it, update it, etc.

In fact, there are very few of the arguments I've heard from the Telnic folks that couldn't be equally addressed by someone else on their own domain. However, the Telnic folks do have a couple of advantages going for them:

SIMPLICITY - It's hard to argue with the simplicity of "yourname.tel". Easy to give out. Easy to type in. Easy to use. Beats by a mile the subdomain system I mentioned above.

EXISTING TLD INFRASTRUCTURE - Because they are a top-level-domain, they can make use of all the existing registrar infrastructure that exists to sell domain names. GoDaddy, DomainDirect, DomainPeople and every other domain registrar on the planet can sell these domain names. There's an existing and at this point very well understood process for registering names, paying for them, etc. If I were to set up my own directory system, I'd have to get people to sell the domains for me or sell them myself. I don't have an entire layer of domain sales companies ready to get out there and sell my domains.

THE SPONSORED-TLD RESTRICTIONS - As I mentioned earlier, by virtue of being a "sponsored TLD" the .tel domain has some additional restrictions set up by Telnic specifically around the inability of a domain owner to change the A record and redirect the .tel domain to a website. If you want a ".tel" domain, you have to agree to the terms of use - it's that simple. Proponents of any other TLD could enter into this directory game and aim to compete with Telnic, but they would have to deal with the fact that their TLDs are not locked into pointing to one location for the website.

So the answer is ultimately - anyone could really do this, but the Telnic folks have set themselves up nicely with some advantages.


MY PROBLEMS WITH .TEL

So what are my problems with the .tel domain? Well, I guess I have two more technical issues and then some more fundamental issues. First, the technical issues:

BEAUTIFUL TARGET FOR SPAMMERS - The wonderful advantage of DNS is that it is simple and easy for anyone to query. That includes, of course, spammers. So if .tel is successful and people load up the .tel DNS servers with tons of public contact information, what in the world will stop spammers from harvesting all that public information out of the DNS trees? You can see above that it was trivial for me to get all the information associated with "danyork.vip.tel" out of DNS. It's equally trivial for me to write a little script that iterates through potential .tel DNS names, grabs all the info, finds all records that include "mailto" and then emails those people. Or searches on "voice" and calls them....

Unfortunately there's nothing Telnic can really do about this.

Sure, they can throttle requests from certain sources when those sources launch a zillion requests... and then the spammers will just move to using distributed botnets. There's an inherent challenge in putting contact information out in publicly available systems like DNS - anyone can get it.

This is a large part of what has effectively killed any kind of public ENUM system. ENUM had the same basic idea. Store phone numbers in DNS so that they and their corresponding SIP addresses could be retrieved. Wonderful way to map phone numbers to SIP addresses so that you can bypass the PSTN. However, spammers can do the same thing. One of the tools on the VOIPSA VoIP Security tools list (I forget which one) will do exactly this - issue ENUM queries into DNS and then make SIP calls to any SIP addresses found. Public ENUM is probably irrevocably dead because of this. (ENUM is thriving inside of service provider/carrier networks, though.)

I've seen responses from folks at Telnic about the spam question (such as this one) focusing on the fact that you can choose who sees what and that the private information is protected by encryption. Which is great... but misses the point. The largest reason I can see to use a .tel domain is to get your information out publicly... so why would I then want to hide it?

SINGLE POINT OF FAILURE - The same strength that Telnic has in domain owners not being able to modify the DNS A record is also a weakness. Everything goes back to Telnic. I am sure they have spent a huge amount of time on making their system scalable, reliable, etc. But still... if someone out there mounts a large Distributed Denial-of-Service (DDoS) attack from some botnet... the site and service could be taken offline. Now this is true of almost all other emerging services today, so Telnic is not alone in this. But it does cause me some concern. (I guess the one counter argument to this is that presumably local registrars would be able to provide authoritative DNS servers for a given .tel domain. In that case it is not all dependent upon Telnic's servers - although you would still depend on them for authority for the root of the .tel domain.)

Those are my technical concerns.

On a more fundamental level, I have some other concerns:

DIRECTORY INFO IN THE HANDS OF A SINGLE COMPANY - It does admittedly bother me to have a single company behind this .tel domain. Yes, I know, everyone enters their own information and it's all stored in the distributed DNS database. I also realize that for someone to build out their website and infrastructure, etc., it takes money... and the expectation that there will be money coming in at the end... that there will be a return on investment.

Don't get me wrong... the folks at Telnic seem to be great and decent folks. They may be. But I just have fundamental issues when a service that would like to be part of our core Internet infrastructure (as our global directory) is owned by a single company.

Those of us who remember the early days of the Internet remember how much we all chafed against Network Solutions' monopoly on domain name registrations (and their ability to charge more and more). We remember the walled gardens of CompuServe, AOL, GENIE, Prodigy, etc. I am still concerned about the new walled gardens of Facebook, MySpace and even Twitter. I am concerned about Skype's walled garden as it becomes increasingly central.

I'm a security guy. I understand the value in distributed systems and diverse environments (while understanding there are also corresponding risks) in ensuring reliability and availability.

The folks at Telnic may be great people... today. But if the service takes off and then they are acquired by someone else who isn't so friendly... what then?

I guess I'd be far more excited and enthusiastic if the global ".tel directory" was being promoted by some nonprofit consortium or academic-led group... (But then again, would they have been as incented to create it in the first place?)

[Image: telniclaunchinfo.jpg]

DID IT NEED TO BE SUCH A BLATANT MONEY-GRAB? - Maybe I am just a bit put off, too, by the rather blatant language the Telnic folks use around their launch information. Today is the "Sunrise" period (no real problem with that term) where trademark owners can apply for their name and pay a very high fee to do so. February 3 marks the "Landrush" period (yes, I don't like this one) when anyone can register a .tel domain for a "premium" price and then finally March 24, 2009, represents the general availability when anyone can register a domain at "regular" prices.

On the one hand, I applaud Telnic on their transparency - it undoubtedly will be a "landrush" on February 3 as everyone who doesn't have a trademark but wants in on a new TLD will rush to do so. And there will be X number of domain squatters who will be looking to register any and all domains that were not grabbed by their prominent owners in .com/.net/.org in an attempt to then try to get those folks to buy the domain names from the squatters. It probably will generate a good bit of revenue for the domain registrars... for Telnic... and for their investors. I just guess I wish it weren't so blatant - I guess the whole "landrush" thing bothers me most... just make the domain available at a price for all of us. Ah, well - I can see why they did it.

DO WE REALLY NEED ANOTHER DIRECTORY? - This is not so much of a problem as a general question... I think it's clear to me that we are still trying to sort out how people best find our contact information on the Internet. We've been trying this since we first started moving online and there have been any number of attempts before. (Recall that Yahoo got its start as a directory of web sites in the then very tiny World Wide Web.) We're still not there. Sites like Facebook would like to be that site for us. So would LinkedIn and Plaxo and a zillion others. Plus there's any number of other startups. Plus you can always take out your own domain name and set that up (as I have done). Will Telnic and the .tel folks succeed where others haven't? I don't know.


SO WILL I BUY ONE?

So at the end of the day, would I buy a ".tel" domain? I don't know. I think it's an interesting idea and the reality is that yes, I probably would buy "danyork.tel" if by some miracle it is actually available in March... mostly just because I own most of the other "danyork.*" domains already. There are, of course, many other "Dan York"s out there and so perhaps one of them will get this one. Or perhaps some domain squatter will buy that domain after reading of my interest here in the hopes that he/she could milk more money out of me. (Sorry, but NO!) I just don't see that the value shouts out to me enough that I might be willing to join into the "landrush" and pay a premium price.

But even if I bought it, would I use it? I don't know. The potential for spam still seems high to me. We'll have to see what they do to combat it.


THE THORNY PROBLEM

In the end, the problem of locating contact information out on the Internet remains a challenging issue... where do you find the best contact info for someone? a Google search? Facebook? LinkedIn? the person's web site? Some other social networking site? Skype's directory?

Telnic's launch of .tel throws another hat into the ring... why not store all that info in DNS? Will .tel be used? Will people accept a new TLD? (Or are they getting fatigued of new TLDs?) Can the Telnic folks address the spam-harvesting issues that have basically killed public ENUM? Or are those inherent problems of using a public system like DNS? Will enough people use it to make it be a valuable database?

I commend the folks at Telnic for stepping into the ring and offering a solution - and I'll certainly be joining in watching what happens.

What do you think? Would you buy one? Or do you think there are other/better solutions?

