This web page is available via http://www.goland.geek. IANA's incompetence and bad faith has reached legendary status in the Internet community and we desperately need an alternative. I don't claim that OpenNic has the solution but we have to do something. I now point my PC's DNS resolution to Yes, this has obvious privacy ramifications but I'm willing to live with it. Thanks to Simkin for hosting my .geek DNS record.

Why TLS doesn't replace VPN for Enterprise customers

If you can establish a TLS connection to your enterprise remotely. then why do you need VPN/IPSEC? Given that any TCP based protocol can be run over TLS it would seem that the ubiquitous support for TLS has solved our remote access end-to-end security problems.

Continue reading Why TLS doesn't replace VPN for Enterprise customers

Limitations of IP Multicasting

For a long time there has been the distant promise that someday we would all just use IP multicasting for distributing content through the Internet. The idea that one could send a packet to one address and have it magically appear at multiple destinations was a compelling one. However IP Multicast has never taken off outside of Intranets. I believe that the fundamental reason for IP Multicast's failure to reach its promised potential is that IP Multicast does not scale very well. Specifically, each router on the distribution path of an IP Multicast must allocate memory to remember that multicast for the length of the multicast session. This means that as the number of multicast sessions that cross that router grow so will the amount of memory the router has to allocate. While the rate of increase of multicast sessions is exponential the rate of increase of memory required is linear.

Continue reading Limitations of IP Multicasting