Net Neutrality and A Proposal for a new Web Protocol

Matthew
HackerNoon.com
Jul 13, 2017


Net neutrality is big news again along with fear of things like internet fast lanes or premium service for popular websites. Instead of continuously fighting these laws when they pop up, the web community should move forward and prevent this from being possible. Developing a new web protocol is how this can be accomplished.

This idea isn’t perfect, but I think it will take care of the main problem: selective throttling.

As far as I know, throttling is done by inspecting packets. The relevant parts of a typical web request take place at the TCP/IP layers and the application layer. An unencrypted HTTP request can be inspected. This is pretty easy to get around with HTTPS. The application layer concern isn’t too interesting. The next thing to throttle is at the IP layer. A packet contains a source and destination IP address for its existence. An IP address can be correlated with a popular website fairly easily.
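To make the IP-layer point concrete, here is an added example (not from the original post) that parses a constructed IPv4/UDP packet and returns the fields an on-path device can read even when the body is opaque. The addresses are documentation ranges, and the prefix table and service names are invented for illustration.

```python
import ipaddress
import struct

# Constructed prefix-to-service table (RFC 5737 documentation ranges, not real services).
KNOWN_PREFIXES = {
    ipaddress.ip_network("198.51.100.0/24"): "example-video-site",
    ipaddress.ip_network("203.0.113.0/24"): "example-social-site",
}

def build_ipv4_udp(src, dst, sport, dport, payload):
    """Build a minimal IPv4+UDP packet (checksums left at zero) as sample input."""
    udp_len = 8 + len(payload)
    ip_header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + udp_len,   # version 4 / IHL 5 words, DSCP/ECN, total length
        0, 0,                    # identification, flags/fragment offset
        64, 17, 0,               # TTL, protocol 17 = UDP, header checksum
        ipaddress.ip_address(src).packed,
        ipaddress.ip_address(dst).packed,
    )
    udp_header = struct.pack("!HHHH", sport, dport, udp_len, 0)
    return ip_header + udp_header + payload

def observe(packet):
    """Return what an on-path device can read without decrypting anything."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # header length; IP options make it > 20
    if ihl < 20 or len(packet) < ihl + 8:
        raise ValueError("truncated packet")
    if packet[9] != 17:
        raise ValueError("not UDP")
    src = ipaddress.ip_address(packet[12:16])
    dst = ipaddress.ip_address(packet[16:20])
    sport, dport, udp_len, _ = struct.unpack("!HHHH", packet[ihl:ihl + 8])
    label = lambda ip: next((n for net, n in KNOWN_PREFIXES.items() if ip in net), None)
    return {"src": str(src), "dst": str(dst), "sport": sport, "dport": dport,
            "payload_len": udp_len - 8, "service": label(dst) or label(src)}

# Constructed sample: opaque bytes stand in for an encrypted body.
SAMPLE = build_ipv4_udp("192.0.2.10", "198.51.100.7", 50000, 443, bytes(range(32)))

if __name__ == "__main__":
    print(observe(SAMPLE))
```

The payload bytes are never examined: the service label comes entirely from the address fields in the header.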

I think the first solution to jump to is to use a VPN and tunnel. The VPN still needs to exit, and the source and destination are visible again to ISPs between the VPN and the website.

I think a new protocol would be on top of UDP and fully encrypted. Google has already done something similar successfully with QUIC. UDP is fire and forget, so there is no relevant source IP and no session to track. For a typical client on the web, most traffic is down, so someone inspecting your packet would have no idea what it is if the source IP was spoofed. A GET request is only one packet up to the popular site. Throttling would be ineffective there.

A client would initialize the HTTP connection similar to HTTPS today. The new protocol would contain the client’s source IP and port encrypted in the UDP packet body once an encryption handshake is complete. The rest of the session would continue that way.

I don’t think it’s a perfect idea but it’s a start and a lot of the pieces are already there. Hopefully the web community can come up with something that works!

The TL;DR would be: reimplement TCP on top of UDP and encrypt everything except a packet’s destination.
