by a3_nm 4452 days ago
This reminds me of a very tangible shortcoming in the OSI model that <https://en.wikipedia.org/wiki/Host_Identity_Protocol> is trying to address and which is, in my opinion, far more important than exchanging value.

It is the fact that we always talk of machine addresses, and never of machine identities (except through DNS, but DNS is also about giving human-readable identifiers, so it cannot be decentralized <https://en.wikipedia.org/wiki/Zooko%27s_triangle>).

However, now that everyone is using public-key crypto, we should understand that a machine can be referenced by a public key, and that it can prove ownership of it to anyone who asks. (This can also be used to encrypt traffic, but this is not what I am thinking of.)

Hence, why do we connect to IP addresses, rather than connecting to public key hashes? Granted, public key hashes are not routable, but there could be a service to provide the mapping from hashes to addresses -- not DNS, because it doesn't have to give human-readable names (so doesn't have to be centralized), and because there is little penalty for receiving a wrong answer (as long as you always check the identity of who you are talking to).

I think that, had asymmetric crypto been in widespread use before the OSI model came about, this would have been the natural way to do things. Now the problem is unsatisfactorily solved both in DNS (which is not the right solution, as I already explained), and in an ad-hoc way with TLS, in SSH, etc.; but this is still too high in the hierarchy, machines should be addressed with public key fingerprints unless we are concerned about actual routing.

6 comments
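
The lookup-then-verify flow the post describes, as an added Go example that is not part of the thread: an untrusted directory maps a key fingerprint to an address, and the client accepts the peer only after it answers a signed challenge with a key that hashes to that fingerprint. Ed25519, SHA-256, the in-memory `hosts` map standing in for the network, and every name and address here are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

type Host struct{ priv ed25519.PrivateKey } // constructed stand-in for a machine

func random32() []byte { // fresh bytes for key seeds and challenge nonces
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// Fingerprint is what peers connect to: hex SHA-256 of the public key.
func Fingerprint(pub ed25519.PublicKey) string {
	return fmt.Sprintf("%x", sha256.Sum256(pub))
}

func NewHost() Host       { return Host{ed25519.NewKeyFromSeed(random32())} }
func (h Host) ID() string { return Fingerprint(h.priv.Public().(ed25519.PublicKey)) }

// Prove returns the public key and a signature over the verifier's nonce.
func (h Host) Prove(nonce []byte) (ed25519.PublicKey, []byte) {
	return h.priv.Public().(ed25519.PublicKey), ed25519.Sign(h.priv, nonce)
}

// Connect trusts the fingerprint->address directory for nothing but a hint.
func Connect(want string, dir map[string]string, hosts map[string]Host) (string, error) {
	peer, ok := hosts[dir[want]]
	if !ok {
		return "", fmt.Errorf("no reachable host for %s", want)
	}
	nonce := random32()
	pub, sig := peer.Prove(nonce)
	if len(pub) != ed25519.PublicKeySize || Fingerprint(pub) != want || !ed25519.Verify(pub, nonce, sig) {
		return "", fmt.Errorf("host at %s is not %s", dir[want], want)
	}
	return dir[want], nil
}

func main() {
	h := NewHost()
	fmt.Println(Connect(h.ID(), map[string]string{h.ID(): "192.0.2.10"}, map[string]Host{"192.0.2.10": h}))
}
```

A directory entry that points the fingerprint at another host's address makes `Connect` return an error instead of a connection, which is the "little penalty for a wrong answer" property; a real protocol would also bind the signature to a session so the proof cannot be relayed.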

The OSI model accounts for that in layer 4.

However, the IP-based protocols didn't implement that piece, but let the protocols (TCP/UDP etc.) just use the layer 3 addresses instead of having their own layer 4 addresses.

I'll try to find some references, but back when TCP was conceived, the idea was to have layer 4 addresses too, but this was dismissed for simplicity.

This is the issue with Bitcoin. It's essentially a p2p network, the virtual currency aspect is secondary to this. It will be a major breakthrough if it's proven to be immune to Sybil attacks.

> Hence, why do we connect to IP addresses, rather than connecting to public key hashes? Granted, public key hashes are not routable, but there could be a service to provide the mapping from hashes to addresses [...]

As I understand it, this is already an issue with the IP protocol. Here's a Google Tech Talk from 2007 discussing the issue with having both the unique ID and location identifier be a single thing (IP address): https://www.youtube.com/watch?v=QIGSMLrU4Xw and the solution: https://en.wikipedia.org/wiki/Locator/Identifier_Separation_...

There's a few different systems that implement connecting to public key hashes. Most recently, cjdns has had a fair bit of attention, and it's backwards-compatible with IPv6-supporting apps.
I think that's pretty much how the routing works in Tor for Hidden Services and in I2P for EepSites (except that it's mixed with onion routing (Tor) / tunnel routing (I2P) to provide anonymity).
What happens if the private key is compromised, and you have to switch to a new one? Does the identity of the machine then change too?
Yes, but with IP addresses your identity changes whenever your connection changes, which is much worse. When using fingerprints, instead, the machine identity stays the same (and conceivably you would just have to ping a decentralized repository of "fingerprints => IP" mappings).
And with this identity it is easier to track you.
Nothing prevents a machine from having multiple identities.
Or for an identity to "jump" from machine to machine at times.
Necessarily, I would imagine.