This document discusses the history and evolution of the internet, including its initial growth factors like layering and trust-based models, and weaknesses like incorrect security assumptions and a lack of accounting/identification. It covers milestones like encryption use, mobile adoption, and cloud computing. The document advocates for securing key internet protocols to build a more robust network, and outlines Cloudflare's efforts in areas like DNS security, timestamps, and privacy tools. It promotes making emerging technologies more accessible and secure.
1. // HELPING TO BUILD A BETTER INTERNET
John Graham-Cumming
CTO, Cloudflare
2. Things that made the Internet grow fast
// Layering
// Wrong Security Model
// Trust-based
// Cryptography was for governments and IBM
// No Accounting
// No one saw mobile coming
31. Cloudflare Confidential Information
Case was twenty-four. At twenty-two, he'd been a
cowboy, a rustler, one of the best in the Sprawl. He'd
been trained by the best, by McCoy Pauley and Bobby
Quine, legends in the biz. He'd operated on an almost
permanent adrenaline high, a byproduct of youth and
proficiency, jacked into a custom cyberspace deck that
projected his disembodied consciousness into the
consensual hallucination that was the matrix.
32. Timeline
1976 Bell/LaPadula multilevel security
1981 IPv4
1981 TCP
1983 DNS
1989 HTTP
1991 BGP
PGP
First GSM Network
1995 Clipper Chip
SSL 2.0
1996 Executive Order 13026
Wrong Security Model
Hard to access encryption
First Crypto War
43. Secure the protocols
DNS
● DNSSEC
● DNS over HTTPS / DNS over TLS
HTTP
● HTTPS / HTTP/2
● TLS 1.3 / ESNI
BGP
● RPKI
44. HTTP/2: 3 Steps Forward, 1 Step Back
[Figure: HTTP 1.1 vs. HTTP/2 multiplexing. The same three resources (jquery.js, example.css, image.png) are fetched from the server over 3 TCP connections with HTTP 1.1 and over 1 TCP connection with HTTP/2.]
45. QUIC
HTTP Request over QUIC
● Layering breaks down
● HTTP/2 particularly bad in mobile networks
71. What: Simplify, speed up, and secure read-only access to files stored on the InterPlanetary File System (IPFS), a peer-to-peer protocol for storing content. Bring-your-own-domain with SSL-for-SaaS.
Why: Part of Cloudflare’s initiative to make emerging and innovative technologies more accessible, secure, and performant.