<DOC>
[109th Congress House Hearings]
[From the U.S. Government Printing Office via GPO Access]
[DOCID: f:22510.wais]
TO LEAD OR TO FOLLOW: THE NEXT GENERATION INTERNET AND THE TRANSITION
TO IPv6
=======================================================================
HEARING
before the
COMMITTEE ON
GOVERNMENT REFORM
HOUSE OF REPRESENTATIVES
ONE HUNDRED NINTH CONGRESS
FIRST SESSION
__________
JUNE 29, 2005
__________
Serial No. 109-41
__________
Printed for the use of the Committee on Government Reform
Available via the World Wide Web: http://www.gpoaccess.gov/congress/
index.html
http://www.house.gov/reform
______
U.S. GOVERNMENT PRINTING OFFICE
22-510 WASHINGTON : 2005
_____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; (202) 512ÿ091800
Fax: (202) 512ÿ092250 Mail: Stop SSOP, Washington, DC 20402ÿ090001
COMMITTEE ON GOVERNMENT REFORM
TOM DAVIS, Virginia, Chairman
CHRISTOPHER SHAYS, Connecticut HENRY A. WAXMAN, California
DAN BURTON, Indiana TOM LANTOS, California
ILEANA ROS-LEHTINEN, Florida MAJOR R. OWENS, New York
JOHN M. McHUGH, New York EDOLPHUS TOWNS, New York
JOHN L. MICA, Florida PAUL E. KANJORSKI, Pennsylvania
GIL GUTKNECHT, Minnesota CAROLYN B. MALONEY, New York
MARK E. SOUDER, Indiana ELIJAH E. CUMMINGS, Maryland
STEVEN C. LaTOURETTE, Ohio DENNIS J. KUCINICH, Ohio
TODD RUSSELL PLATTS, Pennsylvania DANNY K. DAVIS, Illinois
CHRIS CANNON, Utah WM. LACY CLAY, Missouri
JOHN J. DUNCAN, Jr., Tennessee DIANE E. WATSON, California
CANDICE S. MILLER, Michigan STEPHEN F. LYNCH, Massachusetts
MICHAEL R. TURNER, Ohio CHRIS VAN HOLLEN, Maryland
DARRELL E. ISSA, California LINDA T. SANCHEZ, California
GINNY BROWN-WAITE, Florida C.A. DUTCH RUPPERSBERGER, Maryland
JON C. PORTER, Nevada BRIAN HIGGINS, New York
KENNY MARCHANT, Texas ELEANOR HOLMES NORTON, District of
LYNN A. WESTMORELAND, Georgia Columbia
PATRICK T. McHENRY, North Carolina ------
CHARLES W. DENT, Pennsylvania BERNARD SANDERS, Vermont
VIRGINIA FOXX, North Carolina (Independent)
------ ------
Melissa Wojciak, Staff Director
David Marin, Deputy Staff Director/Communications Director
Rob Borden, Parliamentarian
Teresa Austin, Chief Clerk
Phil Barnett, Minority Chief of Staff/Chief Counsel
C O N T E N T S
----------
Page
Hearing held on June 29, 2005.................................... 1
Statement of:
Curran, John, chairman, American Registry for Internet
Numbers; Jawad Khaki, corporate vice president, Microsoft
Corp.; Stan Barber, vice president, Verio, Inc.; and Alex
Lightman, chief executive officer, Charmed Technologies,
Inc........................................................ 56
Barber, Stan............................................. 83
Curran, John............................................. 56
Khaki, Jawad............................................. 65
Lightman, Alex........................................... 91
Evans, Karen, Administrator, Electronic Government and
Information Technology, Office of Management and Budget;
David Powner, Director, Information Technology Management
Issues, Government Accountability Office; Keith Rhodes,
Chief Technologist and Director, Center for Technology and
Engineering, Government Accountability Office; George
Wauer, Director, Architecture and Interoperability, Office
of the Assistant Secretary of Defense for Networks and
Information Integration and Office of the Chief Information
Officer, U.S. Department of Defense, accompanied by Major
General Dennis Moran, Vice Director, Command, Control,
Communications and Computer Systems, Joint Chiefs of Staff,
U.S. Department of Defense................................. 11
Evans, Karen,............................................ 11
Powner, David............................................ 18
Rhodes, Keith............................................ 45
Wauer, George............................................ 45
Letters, statements, etc., submitted for the record by:
Barber, Stan, vice president, Verio, Inc., prepared statement
of......................................................... 86
Cummings, Hon. Elijah E., a Representative in Congress from
the State of Maryland, prepared statement of............... 109
Curran, John, chairman, American Registry for Internet
Numbers, prepared statement of............................. 59
Davis, Chairman Tom, a Representative in Congress from the
State of Virginia, prepared statement of................... 4
Evans, Karen, Administrator, Electronic Government and
Information Technology, Office of Management and Budget,
prepared statement of...................................... 14
Khaki, Jawad, corporate vice president, Microsoft Corp.,
prepared statement of...................................... 67
Lightman, Alex, chief executive officer, Charmed
Technologies, Inc., prepared statement of.................. 94
Porter, Hon. Jon C., a Representative in Congress from the
State of Nevada, prepared statement of..................... 108
Powner, David, Director, Information Technology Management
Issues, Government Accountability Office, prepared
statement of............................................... 19
Wauer, George, Director, Architecture and Interoperability,
Office of the Assistant Secretary of Defense for Networks
and Information Integration and Office of the Chief
Information Officer, U.S. Department of Defense, prepared
statement of............................................... 47
Waxman, Hon. Henry A., a Representative in Congress from the
State of California, prepared statement of................. 8
TO LEAD OR TO FOLLOW: THE NEXT GENERATION INTERNET AND THE TRANSITION
TO IPv6
----------
WEDNESDAY, JUNE 29, 2005,
House of Representatives,
Committee on Government Reform,
Washington, DC.
The committee met, pursuant to notice, at 2:15 p.m., in
room 2154, Rayburn House Office Building, Hon. Tom Davis
(chairman of the committee) presiding.
Present: Representatives Davis of Virginia, Gutknecht,
Dent, Waxman, Cummings, Kucinich, Higgins and Norton.
Staff present: Melissa Wojciak, staff director; David
Marin, deputy staff director/communications director; Chas
Phillips, policy counsel; Rob White, press secretary; Drew
Crockett, deputy director of communications; Victoria Proctor,
senior professional staff member; Teresa Austin, chief clerk;
Sarah D'Orsie, deputy clerk; Leneal Scott, computer systems
manager; Kristin Amerling, minority general counsel; Nancy
Scola, minority professional staff member; and Earley Green,
minority chief clerk.
Chairman Tom Davis. The committee will come to order.
I apologize for starting late, we were supposed to have a
vote on the floor. I was over there so I could leave at the
beginning of the vote and they ended up with just a voice vote.
Welcome to today's hearing on the Next Generation Internet
and the transition to Internet protocol version 6 [IPv6].
Nearly 30 years ago in a Department of Defense lab, the
Internet was born. Originally designed to facilitate
communications after a nuclear strike, as the protocols were
tested, refined and implemented, people began to recognize the
possibilities for far broader applications. Today, these
protocols underpin the Internet.
American ingenuity developed, fostered, and fielded these
simple open protocols to solve a narrow set of problems, but
this seemingly small network solution has sparked a global
revolution in communications. Over the past decade, cyberspace
has grown into a dynamic nervous system that controls our
Nation's critical cyber and physical infrastructures.
Within an hour's drive of Fairfax County, there are about
one quarter of all Internet Service Providers on the entire
planet. About a quarter of all the Internet packets in the
world are going through a hub in northern Virginia. If you
drive down the Dulles Access Road, you can see the physical
impact of the Internet on Virginia, but the current Internet,
and the protocols and networks that underpin it, may have
reached its limits.
Internet protocol version 6 [IPv6], offers benefits for
expanded addressing, greater security, and new products,
services, and missions for Next Generation Internet
applications. However, it presents several challenges
including: one, understanding the international implications;
two, preparing the Federal Government; and three, ensuring a
secure transition.
Not surprisingly, interest in IPv6 is gaining momentum
around the world, particularly areas that have limited IPv4
address space to meet their industry and consumer
communications needs. Regions that have limited IPv4 address
space such as Asia and Europe have undertaken aggressive
efforts to deploy IPv6. Asian countries have been aggressive in
adopting IPv6 technology, because Asia controls only about 9
percent of the allocated IPv4 addresses, and yet has more than
half of the world's population.
Asian governments have invested hundreds of millions of
dollars in IPv6 technology. China has been extremely aggressive
and Japan has set up an IPv6 Promotion Council, using tax
incentives to encourage research and adoption of IPv6 by its
private sector.
Europe currently has a task force that has the dual mandate
of initiating country and regional IPv6 task forces across
European states and seeking global cooperation around the
world, and Europe's Task Force and the Japanese IPv6 Promotion
Council forged an alliance to foster worldwide deployment.
Here at home, challenges such as procurement, information
technology management, and modernization are often addressed
deliberately by the Federal Government and change often takes
years to implement, but these are the challenges we take up on
this committee.
Federal Government IT expenditures are on track to surpass
$65 billion in fiscal year 2006, making the Federal Government
once again the largest purchaser of IT products and services in
the world. In addition, a recent report forecasts that IT
spending will continue to rise throughout the decade, reaching
over $90 billion in fiscal year 2010. With this buying power,
we need to make sure that the best and most secure technology
is a priority when the Government acquires IT goods and
services.
I believe that we all want the United States to have the
world's best information technology infrastructure, including
maintaining the world's best Internet industry. I believe we
all want U.S. defense capabilities to perform with maximum
effectiveness and efficiency, and to realize the full potential
of net-centric warfare.
I believe we all want the best Homeland Security systems,
including cameras, sensors, and first responder systems
intelligently integrated together. I believe we all want
fiscally responsible Federal spending, including spending on
information infrastructures that will deliver multiple returns
on investment and preserve taxpayer dollars.
Today, we will hear about Federal efforts to transition to
IPv6. Our purpose here is to learn from the public and private
sectors, to hear if IPv6 can help us achieve long-term
economic, defense, homeland security, and technological
leadership. If it can play a part in reaching those goals, then
I want to know what support the Government Reform Committee,
the Congress, and the U.S. Federal Government need to provide.
I also want to learn about the risks. Every day brings news
of another computer intrusion or data theft. I hope to hear
about the security risks that exist under the current protocol,
how IPv6 might address these risks, and whether the transition
presents its own risks.
Finally, I hope to learn if the United States is at
competitive risk with respect to the Next Generation Internet.
My committee held a hearing recently about the lengths to which
the Chinese government would go to make sure that only Chinese
software is purchased by Chinese government agencies. The
Chinese government not long ago announced that CERNET2, the
first network based on pure IPv6 technology, was going into
formal operation. An official from China's National Development
Reform Commission said China's Next Generation Internet will
bring huge benefits to their national economy and increase the
country's competitiveness in national defense, economy, science
and technology.
Last year, I asked GAO to look at IPv6 and its implications
for the Federal Government. Today, we are here, in part, to
review their report, which highlights the fundamental
challenges facing the Federal agencies, the White House, and
Congress.
However, to reap the benefits from IPv6 Federal agencies
must first begin to plan and develop requirements that will
take full advantage of what the new protocol offers. I hope
that the Office of Management and Budget will continue its
leadership role in information policy and begin to address some
essential issues, including how much IP address space the
Federal agencies may require, whether the Federal Government is
ready for the transition, and how much it will cost.
At this stage, I am gathering input on IPv6. I was pleased
to receive a copy of the Department of Defense IPv6 Transition
Plan recently. I am looking forward to receiving the Department
of Commerce's report as soon as possible, and see how IPv6 can
help America's economy and help America's exports.
The vast majority of the technology we know and use is
rooted in the United States. Many of these innovations were a
result of the ideas and hard work from individuals who came
from other countries to live, to work, or to be educated, some
of whom are here today.
America draws the best and the brightest from around the
globe, they produce their best work here, and then we share
those efforts with the rest of the world. I am confident that
we can meet the challenge of this transition.
I would now recognize the distinguished ranking member, Mr.
Waxman, for an opening statement.
[The prepared statement of Chairman Tom Davis follows:]
[GRAPHIC] [TIFF OMITTED] T2510.001
[GRAPHIC] [TIFF OMITTED] T2510.002
[GRAPHIC] [TIFF OMITTED] T2510.003
Mr. Waxman. Mr. Chairman, thank you for holding today's
hearing on Internet protocol version 6, what is often called
the ``Next Generation Internet.''
The architecture of the Internet was first developed more
than 30 years ago, but the Internet of today is far different
than it was then. Whereas the early Internet joined together a
small number of computers, the Internet today connects desktop
computers, laptop computers, network servers, handheld
Blackberries, cell phones and cars. Even dishwashers and
refrigerators are beginning to go online.
The Internet is not yet breaking down under the strain, but
there are limitations that need to be addressed. The current
system has the capacity to connect together 4 billion different
computers and devices at any one time. This may seem like a
lot, but consider the computers and cell phones one typical
family might own today, or all the desktops, laptops, and
Blackberries in use in the Federal Government.
Four billion seems even smaller in light of the growing
Internet use worldwide. In fact, it is only because of network
administrator ingenuity that the current protocol's
technological limitations are not paralyzing the Internet.
The Next Generation Internet eliminates major existing
technological limitations. This new system increases access to
the Internet exponentially while also offering the added
benefits of more sophisticated security and improved
connectivity.
Consumers will reap these benefits, but it is the Federal
Government that may well be the greatest beneficiary. A recent
GAO study found that Next Generation Internet could help DOD to
create more advanced weapons and information systems. Other
potential uses include wireless border security sensors and
interoperable networks for first-responders.
Unfortunately, the Government is not taking full advantage
of this opportunity. GAO found that few agencies beyond the
Defense Department have even begun to ready themselves for the
Next Generation Internet. Meantime, the rest of the world is
taking Next Generation Internet seriously. China is building a
nationwide network that will run on the new system. India's
private sector is actively moving to take advantage of these
new technologies.
The Next Generation Internet is coming. I look forward to
hearing from witnesses about what we can do to take the lead in
developing the Internet as we did 30 years ago or we can wait
for this evolution to pass us by and then play catch up.
Thank you, Mr. Chairman, for the opportunity to make an
opening statement. I look forward to the testimony of the
witnesses today.
[The prepared statement of Hon. Henry A. Waxman follows:]
[GRAPHIC] [TIFF OMITTED] T2510.004
[GRAPHIC] [TIFF OMITTED] T2510.005
[GRAPHIC] [TIFF OMITTED] T2510.006
Chairman Tom Davis. Mr. Waxman, thank you very much.
The Members will have 7 days to submit opening statements
for the record.
I will now recognize our first panel, a very distinguished
panel. We have: the Honorable Karen Evans, Administrator,
Electronic Government and Information Technology, Office of
Management and Budget; David Powner, Director, Information
Technology Management Issues, Government Accountability Office;
Keith Rhodes, Chief Technologist and Director, Center for
Technology and Engineering, Government Accountability Office;
George Wauer, Director, Architecture and Interoperability,
Office of the Assistant Secretary of Defense for Networks and
Information Integration and Office of the Chief Information
Officer, U.S. Department of Defense. Mr. Wauer is accompanied
by Major General Dennis Moran, Vice Director, Command, Control,
Communications and Computer Systems, Joint Chiefs of Staff,
U.S. Department of Defense. General Moran, thank you for being
with us today.
It is the policy of the committee to swear all witnesses
before you testify.
[Witnesses sworn.]
Chairman Tom Davis. We will start the testimony with Ms.
Evans. Karen, you know the rules. We try to keep it to 5
minutes. Your entire statement is in the record. Questions will
be based on your entire statement but you have 5 as a summary.
Karen, thanks a lot for being with us again.
STATEMENTS OF KAREN EVANS, ADMINISTRATOR, ELECTRONIC GOVERNMENT
AND INFORMATION TECHNOLOGY, OFFICE OF MANAGEMENT AND BUDGET;
DAVID POWNER, DIRECTOR, INFORMATION TECHNOLOGY MANAGEMENT
ISSUES, GOVERNMENT ACCOUNTABILITY OFFICE; KEITH RHODES, CHIEF
TECHNOLOGIST AND DIRECTOR, CENTER FOR TECHNOLOGY AND
ENGINEERING, GOVERNMENT ACCOUNTABILITY OFFICE; GEORGE WAUER,
DIRECTOR, ARCHITECTURE AND INTEROPERABILITY, OFFICE OF THE
ASSISTANT SECRETARY OF DEFENSE FOR NETWORKS AND INFORMATION
INTEGRATION AND OFFICE OF THE CHIEF INFORMATION OFFICER, U.S.
DEPARTMENT OF DEFENSE, ACCOMPANIED BY MAJOR GENERAL DENNIS
MORAN, VICE DIRECTOR, COMMAND, CONTROL, COMMUNICATIONS AND
COMPUTER SYSTEMS, JOINT CHIEFS OF STAFF, U.S. DEPARTMENT OF
DEFENSE
STATEMENT OF KAREN EVANS
Ms. Evans. Thank you for inviting me to speak about the
Federal Government's efforts in preparing for the transition to
Internet protocol version 6. This afternoon, I would like to
briefly identify the steps we are taking in preparation for
transition.
As I mentioned in my April 7, 2005 testimony before this
committee regarding our efforts to safeguard the Government's
information systems, late last fall OMB directed the agencies
to provide a preliminary report on their planning activities
for the transition to IPv6. Only the Department of Defense had
undertaken any significant effort in this area.
Given the lack of government-wide progress and our concern
regarding the complexities of transition, we recognize the need
to begin developing a comprehensive transition planning guide
and process.
We are about to take the first step and issue a policy
memorandum providing guidance to the agencies to ensure an
orderly and secure transition to IPv6. The purpose of the
guidance will be to ensure effective planning and to raise the
level of awareness and urgency of preparing for IPv6.
The overarching challenge facing us is ensuring continued,
uninterrupted functionality of Federal agencies during the
transition while providing continued and improved information
assurance. This will require major changes in the architecture
of many agency networks. Since there is a large embedded base
of IPv4-compatible equipment and applications, transitioning to
IPv6 will also require large capital investments and labor
resources. While the challenges are significant, they are not
insurmountable, especially if we approach them methodically and
in phases. The guidance will lay out five important actions the
agencies should take.
First, agencies will have to familiarize themselves to the
transitions issues by reviewing the GAO report, the Commerce
report, and particularly the Department of Homeland Security's
US-CERT advisory of security issues concerning IPv6. Since IPv6
is already present in many Federal agency networks, it is
important that agencies begin addressing the security risks
associated with IPv6 now.
Second, agencies will have to assign a specific individual
to lead and coordinate agency planning. This person will be
responsible for monitoring, enforcing, and reporting on the
transition and implementation of IPv6 within the agency.
Third, agencies will develop an inventory of existing IP
capable devices and technologies. To ensure an orderly
transition from IPv4 to IPv6, we must establish a baseline and
determine the size of the problem. While we know IPv6
technologies are deployed throughout the Government, but like
other organizations, we do not know specifically which ones,
how many there are, or precisely where they are located. We are
planning for each agency to file a report of their inventory of
IP capable devices and technologies to OMB in the first quarter
of fiscal year 2006.
Fourth, agencies will conduct an impact analysis to
determine fiscal and operational impacts and risks during the
transition to IPv6. We are planning for each agency to report
the results of this impact analysis to OMB in the first quarter
of fiscal year 2006, and it should include analysis on cost and
risk. For cost, the agencies must report on estimates for
planning, infrastructure acquisition, above and beyond normal
expenditures, training, and risk mitigation.
Fifth, the policy will direct the CIO Council to develop
before the end of the calendar year, more detailed IPv6
implementing guidance. It will include guidance for developing
detailed prioritized schedules and milestones, integrating IPv6
with the agency enterprise architecture, developing necessary
IPv6-related policies and compliance mechanisms, training
material, and test plans for IPv6 compatibility and
interoperability. To the extent the agencies are currently
capable of addressing the elements of the future CIO Council
guidance, they have been instructed to begin doing so now. We
will also use the OMB EA Assessment Framework to measure the
degree to which agencies are effectively performing this
planning element.
Our policy will also set June 2008 as the date by which all
agencies' infrastructure, network backbones, must be using IPv6
and agency networks must interface with this infrastructure.
Once the network backbones are ready, the applications and
other elements will follow. Setting this firm date is necessary
to maintain focus on this important issue. Overall the actions
set out in our policy will begin to address the many challenges
that come with IPv6 transition.
I would like to take one moment to discuss one aspect of
the implementation guidance. Later in this hearing, you may be
hearing testimony that says IPv6 poses a problem associated
with the capability called tunneling. In fact, tunneling is
extremely widely used throughout the Government and industry
and facilitates cost effective and safe communications.
During the question period, I would be happy to answer your
questions about the aspect of IPv6 tunneling and how it could
be controlled and any other questions you have.
Thank you for this opportunity to talk about the
administration's strategy.
[The prepared statement of Ms. Evans follows:]
[GRAPHIC] [TIFF OMITTED] T2510.007
[GRAPHIC] [TIFF OMITTED] T2510.008
[GRAPHIC] [TIFF OMITTED] T2510.009
[GRAPHIC] [TIFF OMITTED] T2510.010
Chairman Tom Davis. Thank you very much, Ms. Evans.
Mr. Powner.
STATEMENT OF DAVID POWNER
Mr. Powner. We appreciate the opportunity to testify on
Internet protocol version 6.
With me today is Keith Rhodes, GAO's Chief Technologist who
will discuss the security aspects of transitioning to this new
protocol.
The initial benefits of IPv6 is that it will immediately
remedy the shortage of worldwide Internet addresses and will
greatly increase the number of devices that can connect to the
Internet. IPv6 is clearly gaining momentum globally, especially
in regions such as Asia where address space is limited and
concerns exist about the U.S.'s adoption of the new protocol as
it pertains to global competitiveness.
This morning, I would like to leave you with three thoughts
before Mr. Rhodes discusses the need to mitigate security
transition risks.
First, there are many benefits to the new protocol; second,
Government transition has been slow; and third, key planning
efforts are essential. In addition to the increased address
space that will accommodate the growing number of users and
mobile devices, IPv6 will, among other things, allow for an
efficient and possibly faster routing, simplify network
administration and enhance IP security by improving
authentication and confidentiality of data sent over the
Internet.
The Department of Defense plans to utilize IPv6 features.
For example, it envisions our future soldiers equipped with
multiple IP addresses for communications and to monitor vital
signs. Other Federal agencies, for the most part, have not
initiated IPv6 planning efforts. Because of this, we
recommended to OMB that they instruct Federal agencies to begin
addressing key planning efforts. These include developing
inventories and assessing risks, creating business cases and
identifying timelines and methods for transition.
Mr. Chairman, we have been working with the Office of
Management and Budget and we recognize Ms. Evans' efforts that
earlier this year called for Federal agencies to update
strategic plans, enterprise architectures and acquisition
strategies to address IPv6 transition. Although Ms. Evans'
statement is encouraging, more effective leadership is needed.
In addition, we also recommended that Federal agencies take
immediate action to address near term security risks.
Ironically, this new protocol that in the long term will
improve network security creates several near term
vulnerabilities if not properly managed, as Mr. Rhodes will now
demonstrate.
Before turning it over, Mr. Chairman, I would like to thank
you for your leadership in this area and for jump starting the
Federal Government's transition to this new protocol.
[The prepared statement of Mr. Powner follows:]
[GRAPHIC] [TIFF OMITTED] T2510.011
[GRAPHIC] [TIFF OMITTED] T2510.012
[GRAPHIC] [TIFF OMITTED] T2510.013
[GRAPHIC] [TIFF OMITTED] T2510.014
[GRAPHIC] [TIFF OMITTED] T2510.015
[GRAPHIC] [TIFF OMITTED] T2510.016
[GRAPHIC] [TIFF OMITTED] T2510.017
[GRAPHIC] [TIFF OMITTED] T2510.018
[GRAPHIC] [TIFF OMITTED] T2510.019
[GRAPHIC] [TIFF OMITTED] T2510.020
[GRAPHIC] [TIFF OMITTED] T2510.021
[GRAPHIC] [TIFF OMITTED] T2510.022
[GRAPHIC] [TIFF OMITTED] T2510.023
[GRAPHIC] [TIFF OMITTED] T2510.024
[GRAPHIC] [TIFF OMITTED] T2510.025
[GRAPHIC] [TIFF OMITTED] T2510.026
[GRAPHIC] [TIFF OMITTED] T2510.027
[GRAPHIC] [TIFF OMITTED] T2510.028
[GRAPHIC] [TIFF OMITTED] T2510.029
[GRAPHIC] [TIFF OMITTED] T2510.030
[GRAPHIC] [TIFF OMITTED] T2510.031
[GRAPHIC] [TIFF OMITTED] T2510.032
[GRAPHIC] [TIFF OMITTED] T2510.033
[GRAPHIC] [TIFF OMITTED] T2510.034
[GRAPHIC] [TIFF OMITTED] T2510.035
[GRAPHIC] [TIFF OMITTED] T2510.036
STATEMENT OF KEITH RHODES
Mr. Rhodes. What I am going to explain to you is an exploit
that we have used when we are testing Federal departments and
agencies and one we have proven and documented in our own
laboratory.
The first slide is a typical IPv4 configuration. You see a
router, intrusion detection, a firewall, all working together
to protect a system that is connected to the Internet.
The intruder on the left sends the target agency on the
right a specially crafted e-mail. The targeted user opens the
e-mail thinking it is a normal e-mail. Let me note here this
attack does not require the user to double click on an
attachment as is common with most MOU ware. If the e-mail is
Web-based, that is, it is written in the language of the World
Wide Web, the hypertext mark up language, then even if the user
just previews it in the window in their mail system, the attack
will launch.
The e-mail looks normal to the target but deep inside the
computer, the IPv6 stack is turned on, given an address and a
mission. The mission is to send a shell back to the intruder
using IPv6 inside IPv4. This means that the shell request is
sent back to the intruder via tunnel which is carried by the
IPv4 packets. The shell request is totally invisible to the
firewall, the intrusion detection system and the Internet, just
some normal looking IPv4 packets.
Now there is a new network, a dedicated network between the
intruder and the target agency unseen by most current firewall
and IDS technologies.
As the intruder explores the target agency, the intruder's
software converts the PC to a router and many other computers
answer the IPv6 call. Now there is a covert IPv6 network
invisible to the target agency.
My final point is this could have been avoided using
available technology and best practices, for example, closing
Port 41 to outbound traffic on your firewall. The transition to
IPv6 can be done safely and securely with proper precautions.
Otherwise, the intruders are out there and they know how to do
this.
Thank you, Mr. Chairman, and I will accept any questions.
Chairman Tom Davis. Thank you very much.
Mr. Wauer.
STATEMENT OF GEORGE G. WAUER
Mr. Wauer. Good afternoon. Thank you for the invitation to
testify before the committee.
In the interest of time, I will submit my formal written
testimony for the record. I would, however, like to make the
following key points.
The Department of Defense views version 6 as a critical
enabler in achieving our vision of global net-centric
operations. Modifying version 4 to accomplish this version
would have been, at best, problematical. Version 6 provides
specific features that can make the net-centric vision a
reality.
In June 2003, the Department established the goal of
transitioning to version 6 by 2008. We are defining phase
timelines that include specific system implementations that
address increasingly complex end-to-end functionality. However,
due to the critical nature of the Department's mission, it is
imperative that this transition not imperil our current
operational capabilities.
Our strategy and the position of the Department is to
complete the transition with minimal additional costs by using
phase timelines and relying primarily on already-scheduled and
planned technology refreshments. In fact, since October 2003,
we have required version 6 capability on all new acquisitions
and procurements. This strategy allows the Department to
leverage ongoing commercial and industry version 6 efforts.
However, even with this transition strategy, there will be
some additional costs for this major technology insertion.
These additional costs are expected to be in the area of
planning, engineering, technical assessments and training.
Implementing version 6 across the Department is complex and
presents many challenges. Careful and early planning has been
necessary to ensure the transition to version 6 is accomplished
in an effective and controlled manner. Version 6 must not be
disruptive to the everyday, strategic tactical and business
operations of the Department.
DOD is firmly committed to the expeditious transition to
version 6 in a manner that is affordable and protects the
interoperability, security and performance of the existing
requirements we have on our plate.
Thank you and I appreciate the committee's interest in the
transition for the Department and I would be happy to answer
any questions.
[The prepared statement of Mr. Wauer follows:]
[GRAPHIC] [TIFF OMITTED] T2510.037
[GRAPHIC] [TIFF OMITTED] T2510.038
[GRAPHIC] [TIFF OMITTED] T2510.039
[GRAPHIC] [TIFF OMITTED] T2510.040
Chairman Tom Davis. Ms. Evans, let me start with you. IPv6
raises some very broad and very serious policy issues as you
addressed. Some of these issues are squarely within OMB. For
example, agencies are planning for IPv6 and securing their
current systems.
Other issues such as the international challenges, economic
competitiveness, lack of IPv6 firewalls for classified systems
go beyond the purview of OMB and the CIO Council. What is the
administration doing to organize and address this challenge?
Ms. Evans. First off, there are a couple things in there
but more importantly, everything we do within the
administration is coordinated within the Executive Office of
the President. As we move forward and take on these issues,
they are coordinated through the councils that exist within the
Executive Office of the President.
We have taken on this issue, my policy and how it impacts
the Federal agencies has also been looked at going forward, so
I can talk about what I am doing to affect the Federal agencies
overall. I would be happy to take back any other specific
questions that you have and get answers for the record.
Chairman Tom Davis. Do we have any ballpark estimate of the
cost and the labor requirements of the transition?
Ms. Evans. Right now, based on the analysis we did, it
could grow by an order of magnitude. This is the reason why we
are asking for the agencies to prepare these reports and these
documents so that we can get an estimate of what it is going to
cost.
For the most part, and I believe my colleagues from DOD
have already stressed this, a lot of the costs as far as
hardware, software or the products we buy, they are already
IPv6 capable and enabled and have that capability. The cost we
want to make sure we have a true handle on deal with the
applications that are currently in place. They may be using
something very specific to IPv4. That is why I agree with
everything that has been said so far. The planning efforts will
be very critical to get a good handle on the cost estimates.
Chairman Tom Davis. Given the expenditures by the Europeans
and the Asians on this, which far out-strip anything we have
done are we behind the eight ball at this point? How would you
describe where we stand?
Ms. Evans. As far as the implementation of IPv6, I think
everything you read in the GAO report shows that it is self
explanatory. We have a huge investment obviously in version 4
and the way to move forward is the administration, at least
from the Federal Government's standpoint and our investment is
we are going to take a market-based approach and view how the
market and the products conduct to go forward.
We are taken that first step by indicating that we want our
network backbones to be IPv6 enabled by 2008. We feel that is a
significant step for where we already are. When I say we are
behind the eight ball, it is relative depending on what
services, what activity, whether you are looking at it from the
consumer or the Federal Government standpoint of the
investment.
Chairman Tom Davis. Mr. Powner, to the extent that you are
able, can you kind of describe the projects you are undertaking
in IPv6?
Mr. Powner. The projects GAO is currently undertaking?
Chairman Tom Davis. I am sorry, I meant to ask this of Mr.
Wauer.
Mr. Wauer. Those are spread out over the whole Department
of Defense. We are looking at all of the new procurements going
on such as TSAT, the gig bandwidth expansion and several of the
other procurements that are going on, JTERS. All of those are
going to be IPv6 enabled.
Chairman Tom Davis. Are you in any position at this point
to talk about how long it would take to complete the transition
and what the cost would be?
Mr. Wauer. No, I am not.
Chairman Tom Davis. Ball park?
Mr. Wauer. Anything I would give you would be strictly off
the top of my head. The actual implementation plans from each
of the services and components are being generated. They have
gone through a first cut and until we see those and are able to
aggregate those, it would be very difficult to put a specific
timeframe on that.
Chairman Tom Davis. Mr. Powner, how do we measure the
success of the transition? Could GAO benchmark the United
States versus other nations? Would that be an appropriate
benchmark?
Mr. Powner. One of the things that we are currently in the
process of doing for you is looking at some of the early
adopters of IPv6. In fact, we will touch on some of that with
where some of the other countries are. Initially, some of the
data out there is a bit misleading. Clearly from a leadership
perspective, I agree with some of your comments earlier and
where your questions were going that we are behind the eight
ball from a leadership perspective clearly. From an actual
transition perspective, it is a little unclear where some of
the other countries are. There are councils in place and tax
incentives being thrown out there for corporations and
agencies.
Chairman Tom Davis. How much has been spent by other
countries roughly on the transition at this point?
Mr. Powner. No ballpark.
Chairman Tom Davis. Significantly more though than we have
spent, is that fair to say?
Mr. Powner. Likely, yes. That is a huge unknown here in the
States, how much we spend, especially from the Federal
perspective.
Chairman Tom Davis. You may actually have the incentive
because they are the ones that need the addresses and
everything else.
Mr. Powner. Absolutely and we don't have the pressing need
because we control more than 70 percent of those 4 billion
addresses to date.
Chairman Tom Davis. If the world stayed at IPv4 at this
point, we would not be disadvantaged competitively, it would be
the other countries and that is where the impetus is?
Mr. Powner. Correct, but I think if you look from a mission
perspective and why DOD has this very detailed effort in place
to transition from a mission perspective, we would like to stay
on the cutting edge. There are implications for homeland
security applications where we could really benefit from what
the new protocol could provide.
Chairman Tom Davis. Would you say this is not comparable to
Y2K because we are not dealing with a time certain at this
point? This continues to be a work in progress as it emerges.
As Ms. Evans said, market-based and we will see how quickly it
gets up to snuff?
Mr. Powner. It is clear we don't have a firm deadline like
Y2K but I think it is nice we have a target the administration
is now throwing out for 2008. Clearly it is similar to Y2K in
the sense that it affects a lot of equipment that is out there.
Our phones, our PCs, operating systems, network routers, it is
widespread in terms of what will need to eventually be swapped
out.
Chairman Tom Davis. Reading the papers today with constant
reports of intrusions and security breaches, it appears the
Internet is relatively insecure. With full implementation of
IPv6, do you think it would provide greater security
potentially?
Mr. Powner. Clearly with the new protocol, there is a
feature in it that allows for more robust authentication and
confidentiality of the day. In the long term, it is believed
that protocol will allow for greater security.
The issue where it is insecure as Mr. Rhodes demonstrated
is there is a lack of awareness that agencies currently have,
IPv6 in their networks today? If they knew that occurred, they
could effectively mitigate those risks.
Chairman Tom Davis. Let me ask the entire panel, should the
U.S. Government obtain its own block of IPv6 address space now?
Mr. Rhodes. I don't think it is actually necessary for the
United States to do that when you are talking about a huge
volume of addresses. Locking in your own set is not the same as
it was with IPv4. That is one of the great benefits of IPv6
that there is plenty for everyone. If you lock in your own,
that is fine because then you have contiguous sets of IP
addresses that you can work but it is not the same struggle
that we had with the current set of addresses that you need to
worry about in IPv6.
General Moran. The Department of Defense is in the process
of pulling together an area of how many we think we will need
and we are processing forward to establish that and get it
allocated to us.
Chairman Tom Davis. Do you think the transition to IPv6 is
an economic imperative and do you think the Federal Government
is losing its lead in technology by not moving more quickly?
Mr. Powner, do you have any thoughts on that?
Mr. Powner. Clearly, I think we are in a far better
position if we lead than lag. Being in a position where we can
take advantage of some of the applications that IPv6 could
provide would put us on sound footing, especially when you look
at some of the capabilities we need to secure, the Department
of Homeland Security.
Mr. Rhodes. Mr. Chairman, as a scientist and as an
engineer, I can only say if we allow other people to adapt
before us, they will be the ones who build the killer
applications and we won't because they will be able to work
with it everyday. The Chinese already have an IPv6 router that
they are just waiting for market share on. They have an IPv6
dedicated and enabled network.
If you look at the implementations in Japan and look at the
equipment being built in Japan, they are the ones working with
it on a regular basis in day-to-day operations. We would like
to have a voice over IP; they are already working on it because
they get the quality of service benefit from IPv6. Somebody is
going to be ahead of us if they are working with it every day.
If we relegate it to being networks sitting inside
universities, that is fine but that is research. As Ms. Evans
points out, that is not the market driving it.
General Moran. From the Department of Defense perspective,
it is an operational imperative that we move to IPv6 because if
you look at the future warfighting concepts, whether they be
land, air or sea, we must have an IPv6 environment in order to
move the information we are going to require to be successful
in the environment. Therefore, the DOD I think has moved out so
aggressively.
Chairman Tom Davis. Do you think IPv6 quality of service
standards meet the needs of DOD and will IPv6 give DOD less
quality of service than we have currently?
General Moran. I am not a technologist but I do believe in
order to get the quality of service capabilities that we
require across our global information grid which is going to be
our part of the network, we are going to need to have the IPv6
quality of service implementation.
We are involved through the department level to ensure that
the definitions of those standards meet our requirements.
Chairman Tom Davis. But basically what you have is Asia and
Europe moving ahead on their own. Whatever we do, we will have
to adjust to these standards. Either we will be left behind or
the more proactive we are, we will be able to continue a
leadership role.
General Moran. It is my personal belief that we need to be
in a leadership role so that we get the standards developed in
a way that from the Department's perspective, we get the
capabilities we require.
Chairman Tom Davis. I appreciate the leadership role DOD is
taking.
Mr. Gutknecht, any questions?
This is new stuff for a lot of members. A lot of us are
still trying to figure out how to plug in the computers but it
is critically important for us, not just for operation of
government but for global competitiveness.
From the GAO perspective, I appreciate your report. This
was very, very helpful to others in kind of laying this out.
This is the first congressional hearing on this but it is
something we will continue to try to ride herd on here.
Hopefully the interest will spread to other committees as we
understand the national security implications, the global
competitiveness, economic ramifications of this and this is a
big bite for you, Ms. Evans, as well. I hope you are getting
cooperation within the Government as you continue to take your
leadership role on this.
If there aren't other questions for this panel.
General Moran. I really want to make one statement about
one item you just mentioned and that was the question about
Y2K. I do believe the reason the Department has been so
successful is that our leadership is using the Y2K model to
manage this. That is what has forced the leadership to deal
with the realities of this change that is required. Even though
we don't have a day and time that we have to be on IPv6, the
management strategy the Department is using is exactly what we
used in Y2K. I would argue that is why we were so successful.
Mr. Wauer. If I can inject one other thing, one of the
things the Department has found is this is a highly complex
process. It is spread out over a myriad of different
applications. It is not a trivial thing, both from a technical
and management standpoint.
We actually stood up a transition office. This is not a
part-time job for a group of people. This is going to require
some dedicated staffing and some real emphasis being placed on
it to get this thing done right.
Chairman Tom Davis. Is there dedicated funding for this at
this point or are we kind of taking a little here and there?
Mr. Wauer. The first 2 years, there was some dedicated
funding for the transition office itself. We are now in the
roll. It is spread across because the way we manage true
programs, it is spread out across the programs.
Chairman Tom Davis. Explain to me what happens if we sit
back and do nothing. If we were to sit back at this point and
take a very relaxed point of view and let everyone else move
ahead, what are the ramifications of that? Ms. Evans.
Ms. Evans. I would like to venture an answer that we could.
As a Nation, we could sit back because we do own over 70
percent of the address in space. We could invest and make that
address in space continuously work for us and gain greater
efficiencies but I think as pointed out by several others here,
if you want to drive innovation, you have to create an
environment where people can think about what if. You saw that
as we were going through the big dot com boom. Everybody was in
the what if, the Internet presented so many different
opportunities.
This isn't a concept, a technical concept that sometimes is
a little hard to grasp but it provides the opportunity to
provide an environment out there that you can ask that question
again, what if. What if I want to do this for Homeland
Security, what if I want to do this for the Department of
Defense so that I can expand? Industry, I believe, would
respond because of the way that innovation has always been here
within the United States. So we could sit back and continue to
invest in the current technology that we have and make it more
efficient or we can invest in the possibilities of the future.
The administration acknowledges that with proper planning
and proper resources, IPv6 would allow the country to be able
to move forward to deal with all those issues.
Chairman Tom Davis. Mr. Rhodes.
Mr. Rhodes. Just wanted to give you one practical homeland
security application. We are very concerned about chemical,
biological, radiological and nuclear unconventional devices.
One of the solutions to that is to place sensors. Each one of
those sensors is going to be on a network, each one of those
sensors is going to require an IP address, they are going to
have to send their information back somehow.
If you want to really have ground truth either from the
standpoint of the soldiers, sailors, airmen and Marines or the
first responders, you are going to have to have this. Yes, we
could sit back but you just don't have enough Internet
available to you at this moment in its own configuration.
Chairman Tom Davis. Thank you very much.
We will take a 2-minute break and call our next panel.
[Recess.]
Chairman Tom Davis. Thank you all for being here.
You heard our first panel of witnesses and some of the
questions. Hopefully we can get into some other questions as we
move through this.
We have on this panel: John Curran, chairman, American
Registry for Internet Numbers; Jawad Khaki, corporate vice
president, Microsoft Corp.; Stan Barber, vice president, Verio,
Inc.; and Alex Lightman, chief executive officer, Charmed
Technologies, Inc.
[Witnesses sworn.]
Chairman Tom Davis. Mr. Curran, we will start with you and
move down the line. Try to keep it to 5 minutes but if you need
time, it looks like we have a small group of members, so we
will have some time if you need a couple extra minutes to make
your point.
STATEMENTS OF JOHN CURRAN, CHAIRMAN, AMERICAN REGISTRY FOR
INTERNET NUMBERS; JAWAD KHAKI, CORPORATE VICE PRESIDENT,
MICROSOFT CORP.; STAN BARBER, VICE PRESIDENT, VERIO, INC.; AND
ALEX LIGHTMAN, CHIEF EXECUTIVE OFFICER, CHARMED TECHNOLOGIES,
INC.
STATEMENT OF JOHN CURRAN
Mr. Curran. Good afternoon.
My comments are formally a part of the record, so I am not
going to read them but I will summarize them for the sake of
brevity.
I am John Curran. I was one of the founders of the American
Registry of Internet Numbers. I have been the chairman since
its inception in 1998.
I would like to say I welcome the chance to come here and
talk about U.S. leadership and the IPv6 arena. I think it is a
very important topic.
I want to say for background not everyone is aware of how
IP addresses are allocated. ARIN is one of the five regional
Internet registries that handle address management. We handle
it for North America which includes Canada, the United States,
much of the Caribbean. Our counterparts are AfriNIC, APNIC,
LACNIC and RIPE NCC which handles Europe. Combined, these
registries form a bottoms up policy formation process that all
Internet service providers worldwide participate in. This is a
very important concept to keep in mind as we talk about
Internet numbers and how they are allocated and the transition
to IPv6.
I have background in industry as well which is relevant to
this. I have been involved in three Internet companies as chief
technology officer including BBN which was the builders of the
IBERnet, the original IP network; XO Communications out in
Virginia; and most recently a company called ServerVault.
My involvement in the Internet actually goes back quite
some time. I was involved in the Internet Engineering Task
Force back when it was time to form the IP Next Generation
Directorate, the group that took on the problem of the IP
address depletion issue. I would like to review what happened
at that time because it is very important to this proceeding to
give context as to why we are talking about IPv6 now.
Back in 1993, the emerging research network and commercial
Internet was very successful. We had the regional networks
growing by leaps and bounds, we had the very start of the
commercial Internet providers. A group of people got together
and figured out that we were going to have an address depletion
problem. Back at that time, that problem looked like it could
occur as soon as 2005, potentially as late as 2010.
As a result, the IETF formed a group called the IP Next
Generation Directorate which was challenged with forming the
requirements for the next generation Internet protocol. The
result of that group and the follow on efforts in the IETF was
the IPv6 protocol. That protocol as we all know has a much
larger address space and has numerous technical enhancements.
This is all covered very well in the GAO report and I won't go
through it.
It was envisioned that larger address space was needed
because we were going to run out of address spaces again very
early in 2000. Luckily, there were some changes in address
allocation policy at the same time. These changes resulted in
the usage of IPv4 address space being reduced substantially,
the rate at which we were using them, and as a result, we have
no problem today. IPv4 address space is being used but there is
plenty available for organizations worldwide to connect.
The reality is that we do forecast this a bit. The
forecasts show 2018 being one of the earliest forecasts but it
is a moving target. You can have a few years of increased usage
that will cause that forecast to come in.
The important point here is that whether we are looking at
a number of 201, 2015, there is ample time for organizations to
transition to IPv6. There is not a crisis, per se. This is
important to remember because the transition to IPv6 is a very
challenging item. We had the prior panel discuss the planning,
the business case and the security issues associated with that.
I would like to highlight the fact that we have been
allocating IPv6 addresses to organizations since 1999. The
Internet community is standing by ready to transition. We have
the protocol done, we have the address allocation authorities
done, there are test networks for IPv6. So we are ready to go.
That is not a challenge.
The challenge is that you need to have a transition plan
and you need to have business cases. These are very complicated
for industry to form. One of the things that led in the United
States to a lot more analysis of transition issues was the
Department of Defense's adoption of a Statement of Migration to
IPv6. That caused not only within the Department of Defense
community but in the contractor community and in the vendor
community, a focus on all of the issues necessary to enable
this.
The reality is that is what we need, more industry
involvement. This industry involvement can be achieved by
involving more Federal agencies in the planning process. Per
se, industry will help facilitate the transition to IPv6, but
we don't need anything other than the impetus provided by more
Federal planning.
As some of the largest users of IT technology, it is
appropriate that Federal agencies are the ones that start the
planning process as early as possible because they have large
issues that are associated with their scale.
I just want to say that ARIN supports the increased
involvement of more Federal agencies in this planning process.
The Internet community is ready to transition to version 6.
There is time to get the job done and we look forward to this
committee's and the GAO's involvement in encouraging more
Federal agencies to move in this direction.
That concludes my comments. Thank you and I look forward to
questions.
[The prepared statement of Mr. Curran follows:]
[GRAPHIC] [TIFF OMITTED] T2510.041
[GRAPHIC] [TIFF OMITTED] T2510.042
[GRAPHIC] [TIFF OMITTED] T2510.043
[GRAPHIC] [TIFF OMITTED] T2510.044
[GRAPHIC] [TIFF OMITTED] T2510.045
[GRAPHIC] [TIFF OMITTED] T2510.046
Chairman Tom Davis. Thank you very much.
Mr. Khaki, thank you very much for being with us.
STATEMENT OF JAWAD KHAKI
Mr. Khaki. My name is Jawad Khaki. I am the corporate vice
president for Windows Networking and Device Technologies where
I have worked for 16 years.
I consider it a great honor to be with the committee today.
Beginning in July, I will serve on the Federal Communications
Commission's Technical Advisory Council which was designed to
provide the FCC with technical advice on emerging technologies.
In both this hearing today and as part of the FCC Council,
my goal is to help America maintain its tradition of
technological excellence and role as the global leader in
information technology.
The success of the Internet today is due in large part to
the efforts of the U.S. Government providing initial financial
incentives including supporting academic research and Microsoft
and other key industry partners providing Internet capable
devices and applications.
Broadband Internet access is now commonly available
worldwide and combined with the latest IP devices and services
such as mobile telephones, multi-player games, voice-over
Internet protocol, video conferencing, IP-based TVs are placing
increasing requirements on the Internet's infrastructure. IPv6
brings relief to this strained infrastructure.
International IPv6 efforts continue to pick up momentum, as
you noted most notably in Asia, specifically in Japan and
China. In September 2000, the Japanese Prime Minister, Mori
Yoshiro made IPv6 a Japanese national priority akin to the U.S.
Government's approach to the Internet 30 years ago.
We anticipate that Japan will roll out robust, commercial
IPv6 networks capable of supporting tens of millions of
broadband subscribers over the next few years. Chinese and
Japanese efforts are designed not only to deploy IPv6 Internet
technologies but also to promote domestic industry. Domestic
companies in China receive substantial government funding for
their efforts. We also see similar efforts in India, Europe and
other parts of the world. IPv6 adoption has proceeded slowly in
the United States but is likely to accelerate as IPv6 network
solutions and applications become more available, robust and
affordable.
The conversion from IPv4 to IPv6 is a large task that will
affect network architectures, applications, systems and
operational procedures but we believe the benefits would
outweigh the costs. It appears private industry efforts are
working well at this stage of IPv6 planning and deployment.
Companies continue to support IPv4, increasing providing IPv6
compatibility and many are preparing for an eventual transition
to an IPv6 network.
It is difficult to codify an exact cost amount of either an
organizational or national level IPv6 transition since the
costs will depend heavily on the way entities deploy IPv6.
Transition technologies provided as an inherent part of the
IPv6 protocol support are in the short term the most cost
effective, fastest and least disruptive way to introduce IPv6
connectivity into an existing IPv4 environment.
In the long term a full native IPv6 deployment can be
achieved gradually by adding IPv6 into the network through a
regular technology refreshed cycle. Microsoft understands the
importance of IPv6. Our research and development teams
participate in the IETF IPv6 Open Standard Activities and the
next version of the Windows operating system, code-named
Longhorn, will be fully IPv6 capable.
While we are working toward developing a comprehensive set
of IPv6 capable applications and services, we remain acutely
aware that any IPv6 deployment should be a phased transition
that results in minimal infrastructure upheaval. Ultimately,
Microsoft believes that marketplace dynamics with the
Government being an engaged customer, will gradually lead to
widespread use of IPv6 in the United States and around the
world.
As we look at the Government's role, we would not recommend
mandates or regulations to artificially force IPv6 deployment
but rather, active political support and efforts to strengthen
the domestic economy and stimulate commercial innovation.
On the academic front, U.S. Government funding of research
grants and programs that provide a guiding light on evolution
of the Internet should be continued. As Bill Gates stated at
the Library of Congress in May, ``Our universities and
laboratories must be invigorated with first class research
programs and thinkers to continue to blaze the technology
trail.''
We suggest that international efforts to stimulate adoption
of IPv6 be evaluated and that the U.S. Government learn from
and if appropriate, adopt some of these emerging practices.
Providing economic incentive programs typically show faster
results than policy recommendations alone.
U.S. Government procurement actions have a profound impact
on commercial product strategy and delivery plans. Strong IPv6
support from the U.S. Government such as current efforts by DOD
will only strengthen the perception that IPv6 is an important
technology for American business and the public sector.
In conclusion, Microsoft is excited about the IPv6
potential to enable pervasive collaborative computing. The U.S.
Government has a great opportunity to foster an environment in
which we have industry and academic IPv6 thought leadership. We
are eager to work with you to achieve this environment.
Thank you once again for the opportunity to speak before
the committee. I look forward to answering your questions.
[The prepared statement of Mr. Khaki follows:]
[GRAPHIC] [TIFF OMITTED] T2510.047
[GRAPHIC] [TIFF OMITTED] T2510.048
[GRAPHIC] [TIFF OMITTED] T2510.049
[GRAPHIC] [TIFF OMITTED] T2510.050
[GRAPHIC] [TIFF OMITTED] T2510.051
[GRAPHIC] [TIFF OMITTED] T2510.052
[GRAPHIC] [TIFF OMITTED] T2510.053
[GRAPHIC] [TIFF OMITTED] T2510.054
[GRAPHIC] [TIFF OMITTED] T2510.055
[GRAPHIC] [TIFF OMITTED] T2510.056
[GRAPHIC] [TIFF OMITTED] T2510.057
[GRAPHIC] [TIFF OMITTED] T2510.058
[GRAPHIC] [TIFF OMITTED] T2510.059
[GRAPHIC] [TIFF OMITTED] T2510.060
[GRAPHIC] [TIFF OMITTED] T2510.061
[GRAPHIC] [TIFF OMITTED] T2510.062
Chairman Tom Davis. Thank you very much.
Mr. Barber.
STATEMENT OF STAN BARBER
Mr. Barber. It is a distinct honor to speak to you today
about the next generation Internet and the transition to
Internet protocol version 6.
My name is Stan Barber, the vice president of engineering
operations at Verio, Inc. Verio is one of the world's leading
Internet service providers and one of several so-called Tier 1
Internet backbone providers, the networks with sufficient
reach, scale and traffic to afford their customers and
customers of other interconnecting networks, including U.S.
Government users, global connectivity. Verio is based in
Englewood, CO, and is a subsidiary of NTT Communications Corp.
and an affiliate of NTT America, Inc.
The committee is to be congratulated for its focus on the
next generation of Internet services. We all recognize that the
Internet has become in a few short years a fundamental aspect
of our economy and essential to the productivity of business
and delivery of government services. To some, the term ``next
generation'' suggests speculation about future technological
developments, and wide expanses of time and opportunities to
identify and address issues. However, we live on Internet time,
and, ``next generation'' in that context means ``now.''
Indeed, the next generation of the Internet, IPv6, was
defined as an open source, non-proprietary protocol in the
1990's and has already found its place extensively in major
computer operating systems such as Windows XP and Linux and in
many public and private networks around the world. I believe
that my company, Verio, is the world's most experienced
commercial IPv6 service provider and operates the most
extensive commercial IPv6 network.
Most networks today still operate in the older IP version 4
protocol, but the transition to the later technology is
essential and inevitable because of the inherent advantages
built into IPv6. IPv4 does not today provide for sufficient
addresses to accommodate efficiently connectivity to all
potential users worldwide. IPv6, on the other hand, increases
the number of directly addressable nodes exponentially. While
security for IPv4 is provided where practical as a ``patch,''
using overlay systems, IPv6 builds in high level security
protections, such as secure remote node authentication and
encryption, directly into the network layer, assuring more
reliable and ubiquitous protection.
IPv6 generally increases flexibility and functionality with
additional benefits, such as more efficient routing of traffic
and more effective usage with wireless devices. The result is
lower costs and improved services, like end-to-end
communications and communications with devices other than PCS,
something we call m2m-x communications. That is why Internet
equipment manufacturers and the leading software providers,
service providers and private network operators have started to
transition from v4 to v6, and those that have not as yet, will
inevitably find that flexibility, efficiency and security
requires the conversion.
Other countries are ahead of the United States in this
transition. This does not reflect any genuine technological
advantage over the United States. Indeed, it may be said that
the United States continues to lead the rest of the world in
Internet and related technology. Other countries have advanced
to IPv6 primarily because of an initial lag in Internet
development. Consequently, they have been more keenly focused
on the need to address the shortage of Internet addresses and
less extensive legacy networks in need of transition.
For example, the European Commission created a task force
to design a plan of action for development, testing and
deployment of IPv6 in 2001. The task force is coordinating
efforts in individual member counties and regions and seeking
cooperation with other countries.
The Chinese government has established an IPv6 network
linking major universities. The government is also funding a
plan to develop a more extensive IPv6 infrastructure.
Taiwan is also developing a national information
infrastructure built on IPv6.
India has established the IPv6 Forum to coordinate
development and implementation of IPv6.
In Japan, the home of our parent company, the government's
e-Japan Strategy has been promoting the transition to IPv6
Internet. In addition, an e-Government Creation Plan
facilitates the procurement of IPv6-capable devices. In the
commercial sector, the IPv6 Promotion Council helps address
issues related to the transition.
I have described these initiatives in other countries not
to advocate any U.S. Government mandate or funding of
transition to IPv6 in the private sector, but to note the clear
recognition by policymakers abroad of the potential of IPv6.
This committee is showing its characteristic leadership in
bringing to the attention of the public the need for an
effective transition from legacy Internet technologies in
government and more generally.
The report of the Government Accountability Office
requested by this committee demonstrates a deep understanding
of the issues raised by this technological transition. The GAO
offers solid recommendations to save government money and to
protect against security threats.
In addition to GAO's comments, it is also useful to
recognize that the transition to IPv6 need not be disruptive or
costly. Verio and NTF Communications employ the so-called
``dual stack'' transition strategy globally in which we run
simultaneous IPv4 and IPv6 systems. Use of the IPv6 system is
selected where a peer has that capability; the legacy protocol
is employed where the peer cannot be reached in IPv6. Thus, the
transition is transparent to users and existing software and
equipment.
Software and equipment that does not accommodate IPv6 can
be updated in conjunction with normal upgrades or as specially
designated by management. The key point is that, as recognized
by the GAO report, government and private sector management
should at least be surveying their essential IT operations to
accommodate the inevitable transition. In this regard, the GAO
and this committee are also to be congratulated for
highlighting an extremely important issue of security related
to on-going employment of legacy IPv4 networks in the
transition to IPv6.
As I have indicated, some operating systems, including such
ubiquitous systems as Windows XP, Apple's OS X, Linux and Unix-
based systems, already accommodate IPv6, although they are used
primarily in this country in conjunction with the legacy
network protocol.
Similarly, many software applications today accommodate
IPv6. Not all IT managers are aware of the potential of a grave
security threat to their systems by allowing unauthorized
parties access to software using ``ghost'' IPv6 addresses
unrecognized by their systems because they are buried within
IPv4 addressed packets. Or, if they are aware of the threat,
they do not have the budgets and other resources to address the
problem.
Even as government agencies and the private sector
transition, as they must, from the legacy platform to IPv6,
they must be vigilant in adapting firewalls and other equipment
and software to prevent unauthorized parties from using IPv6
capabilities accessed covertly over existing IPv4 networks.
Mr. Chairman, I thank you again for the opportunity to
address this committee about these critical issues of
technological development and implementation, and for your
leadership in identifying and making the public aware of these
important matters. Verio stands ready to continue to assist the
committee further in any way we can.
[The prepared statement of Mr. Barber follows:]
[GRAPHIC] [TIFF OMITTED] T2510.063
[GRAPHIC] [TIFF OMITTED] T2510.064
[GRAPHIC] [TIFF OMITTED] T2510.065
[GRAPHIC] [TIFF OMITTED] T2510.066
[GRAPHIC] [TIFF OMITTED] T2510.067
Chairman Tom Davis. Thank you very much.
Mr. Lightman.
STATEMENT OF ALEX LIGHTMAN
Mr. Lightman. Thank you for allowing me to share my
observations on the possibilities, opportunities and challenges
presented to the U.S. Federal Government by the looming and
inevitable transition to Internet protocol version 6.
As the name of this hearing, ``To Lead or Follow,''
implies, this is an urgent time for Internet leadership. The
Federal Government invested the first $50 million in the first
Internet, and as a result, the United States led the world in
that technology.
The United States has 50 percent of the Internet service
business, and the Internet has impacted thousands of
industries, creating an estimated $500 billion a year in extra
Federal revenues, and adding over $1 trillion in wealth via
companies like Google, Yahoo!, Amazon, eBay, and hundreds of
other public companies.
Similarly, the new Internet has the potential to create 10
million new American jobs and trillions of dollars in revenue
for the United States, but leadership is slipping away to other
countries, and it will soon be difficult, if not impossible, to
recover. One company, Japan's NTT, has more IPv6 customers than
all American companies combined. In fact, over 99 percent of
IPv6 traffic is occurring outside of the United States. In the
first Internet, we had 99 percent of all Internet traffic in
the early stages. To answer your question from earlier, we are
way, way, way behind the eight ball.
Japan, China, Korea, and Europe have invested over $800
million in the new Internet compared to about $8 million for
the U.S. Federal Government, and are now changing the new
Internet to reflect their political priorities, which are very,
very different from America's political priorities, and even
American laws.
I got a 300 page document from a friend of mine in Spain
where they are basically trying to make IPv6 anonymous so that
you can't see who is using it and doing what. In China, they
have 70,000 people, 50,000 now and 20,000 about to be hired
whose whole job is to scour the Internet finding people doing
things they don't like and then grabbing them. These are two
opposite extremes from the way America would like to do it. We
would like to have peaceful, non-terrorist uses of the Internet
be private but we want to be able to reach out and protect the
country when we have to.
With Federal leadership in the new Internet, the U.S.
Federal Government will create a service export boom, with
millions of innovative new jobs, increased competitiveness for
hundreds of industries, and thousands of new startups,
potentially creating a booming economy. American leadership in
the new Internet will also add thousands of new products vital
to our military and homeland defense, better security, and
underpin sustainable technological leadership for the United
States.
The promise of the products and services enabled by the new
Internet is huge, an affordable way to show high quality
television over the Internet, a possible way to deal with spam
and attacks on networks, and hundreds of applications to make
American lives easier and safer.
Over $9 trillion of America's nearly $13 trillion economy
relates to services, subscriptions, and transactions, and we
kind of take it for granted people can't come in and grab those
away from us. IPv6 will help keep the trust and keep hundreds
of millions of customers loyal to American companies. If we
don't show leadership in the new Internet, we get a loss of
millions of jobs and market shares across thousands of
companies.
This is my big concern. A loss of public trust and
reputations in transactions over U.S. networks using the
existing, highly vulnerable IPv4 protocol, coupled with an
increase in trust of IPv6 networks in Japan, Korea, China, and
the 25 nations of the European Union, could have a devastating
impact on America's service economy. Internet Service
Providers, telecommunications giants, banks, brokers and even
our defense contractors will lose business.
Where the U.S. Government showed leadership, as we did with
the post office, the interstate highway system, airplanes,
lasers, radar, computer chips, and satellites, none of which
would have happened if we had left it to the market, we are
world leaders even decades later.
Where our Government did not show leadership, where there
wasn't a Congressman Davis to hold hearings and get involved
with it, including color televisions, big screens and high
definition television, digital cameras, and DVDs, America plays
almost no role in these and related areas, except as a consumer
and our trade deficits reflect that, almost $700 billion this
year, importers of food, importers of goods. God help us if we
become importers of services, subscriptions and transactions.
We are a follower, not a leader, in these fields. If we do not
show leadership in the new Internet, this same thing will
happen to us, but on a much broader basis, it will be in
everything the new Internet touches, which is almost
everything.
Mr. Chairman, the opportunity exists for the American
Government to show leadership in the new Internet, to make a
real difference for our national security and our industries
and workers. By supporting the transition of the Government
agencies to the new Internet standard, as the Defense
Department has already started to do, we will not only support
a more efficient and effective government, that is, help
facilitate fundamental government reform, but will send a
signal to the world that America is still a technology leader
in the 21st century. And for anything as important as a new
Internet standard, it will not be left behind, but will march
in front, and our Coalition Partner governments will join with
us and rally to our standards banner. I confirmed this at the
Coalition Summit which you honored us by being the opening
keynote speaker.
Mr. Chairman, there are many specific actions that your
committee could take to support the promotion of the new
Internet in our Government, and to support the government
reform that will be possible when all of government talks with
the same technical language, so to speak, with this new
standard. Here are three: one, mandate IPv6 for the entire
Federal Government by 2010; two, choose a leader who has the
authority, responsibility, and accountability as well as the
creativity, passion, and integrity, to galvanize thousands of
other leaders to get excited and committed to making the
transition to IPv6 on schedule.
I point to the case of the Coalition Summit where 30
different Coalition partners, people who fight and die beside
us in Iraq, said who is your IPv6 leader. We have our person in
Sweden, the same person who managed the transition for the
government from IPv4. Japan has their leader who reports
directly to the Prime Minister in monthly meetings about this.
China has its leader, Korea has its leader. Everyone has a
leader but us.
Finally, enable this leader to create a Federal IPv6
Transition Office to serve as the central engine for the
Federal IPv6 transition, overseeing a budget which I put this
number out there 6 months ago and nobody has even taken a shot
at it, of $10 billion, with the budget of FITO itself of about
$50 million a year.
This office will assist in managing the complexity of an
Internet transition, something we did before, in the early
eighties when the Internet was only one-millionth as large as
it is today. It is worth pointing out there was a protocol
before IPv4 called NCP. Ten years after TCIP was introduced,
the Federal Government said, we are going to get rid of this
less useful protocol and we shut it off for 1 day. People
howled and we shut it off for 2 days. Then we shut it off
entirely.
Because of this hearing and what is set in motion, there
will come a point at which we realize there is no sense having
IPv4 and we will shut it off like we shut off NCP. Let us have
America be the ones to determine when that shut off is rather
than other countries that might stop routing our packets.
If I had to summarize what the Federal Government should
know about IPv6 it would be: the transition to IPv6 has costs
and benefits. The benefits far outweigh the costs. Failure to
transition to IPv6 for the whole economy by 2012 will cause a
loss of Federal revenues that is roughly comparable to a tax
cut, with these funds flowing to Europe and Asia rather than to
American taxpayers.
Thank you, Mr. Chairman and members of this committee, for
your time and attention, and for the proud leadership role in
technology and innovation for America that you represent.
[The prepared statement of Mr. Lightman follows:]
[GRAPHIC] [TIFF OMITTED] T2510.068
[GRAPHIC] [TIFF OMITTED] T2510.069
[GRAPHIC] [TIFF OMITTED] T2510.070
[GRAPHIC] [TIFF OMITTED] T2510.071
[GRAPHIC] [TIFF OMITTED] T2510.072
Chairman Tom Davis. Thank you very much.
I want to thank all of you. Internet and related areas is
one of the few areas where we are generating a trade surplus.
From almost unanimous testimony, it appears if nothing
else, the transition to IPv6 is going to give more innovation,
that is where the innovation is coming from. What are they
rolling out in Japan right now in products from using IPv6 that
we don't see over here? Does anybody have an answer to that?
Mr. Lightman. What they found is that first of all with
building controls, they have loan way and other companies which
they found they can save 29 percent of building operating
costs, enough to pay for an entire building within 20 years by
having each room have up to 250 controls all managed
automatically by IPv6.
They installed voice over IPv6 in college dorm rooms and
were giving students free calls all over the country. They have
had over 800 taxicabs in Goya, Japan using IPv6 to decide where
taxis should go to more efficiently pick up people. So it is
involved in services, it is in cars, it is in elevators, it is
in trains and there are 370 companies doing projects on IPv6.
All I am talking about is the academic projects of two
universities.
Chairman Tom Davis. Does anyone else want to add to that?
Mr. Khaki. I would characterize the Japanese deployment to
be in its early stages and the examples that Mr. Lightman gave
are accurate. I think what is impressive is the investments
they are making for the long term infrastructure for their
country in partnership with telecommunications operators.
As I commented earlier, they are building the next
generation communications infrastructure. They will deliver
security services for IT as well as content services for the
home. It is a longer term investment that I think is more
impressive than what we are seeing in terms of early adoptions.
Almost every company in Japan that creates consumer electronics
devices or network infrastructure has a strong IPv6 plan and
those products may position Japanese industry in much more
competitive position than they would have been with IPv4.
Chairman Tom Davis. Mr. Barber.
Mr. Barber. There are also a number of groups that are
formed in Japan to foster the use of IPv6 in non-traditional
devices as I mentioned in my testimony, non-PC communications.
Those range not only from things like cell phones which already
have Internet today in many parts of the United States, but to
more atypical devices like you mentioned in your opening
comments, refrigerators, security systems in the home.
There was a discussion about taxicabs that was mentioned
earlier but they are also using it to provide real time
information in the car so when you are driving from point to
point, you can pick up information on the current traffic
patterns or perhaps weather in the area you are about to enter,
things like that. The capabilities they are exploring in Japan
are extensive and they are possible because of IPv6.
Chairman Tom Davis. Mr. Lightman talked about the United
States would be wise to mandate any transition by a certain
date, 2010, and if we didn't do it by 2012, you talked about
perhaps some fairly serious economic ramifications. How do the
rest of you feel about that?
Mr. Curran.
Mr. Curran. I think it is important to have a transition
plan for every Federal agency. This is something that is
necessary, a transition is inevitable and the activity of going
through and building the plan to do transition on an agency by
agency basis is necessary. Just going through and having that
plan as we have seen the activity that has followed the DOD
commitment to a migration plan and a commitment to move to IPv6
will cause industry activity within the United States.
I believe a specific date may not be required but the fact
of having a plan which calls for transition and having that
plan submitted by a date is a very wise idea.
Chairman Tom Davis. Do you think we are behind the eight
ball at this point or do you think we are OK?
Mr. Curran. You have to recognize that my view on this is
somewhat skewed because of my experience with the Internet over
the last 15 years in the addressing field. I believe that it is
not a question of whether or not we have to move quickly to
catch up. Earlier you asked the members from Government whether
or not it was important for the Government, for example, to go
get its own block of IPv6 address space. That is not necessary.
The address space will be there. IPv6 provides an ample address
space so it will be there when agencies go to get it.
I think the more important question is that it is important
to raise the awareness of IPv6 within the United States, it is
important to get all of the people involved in technology,
manufacture, the vendors to produce IPv6 capable products and
not just know it is a switch they have to turn on but someone
is going to actually turn that switch and use it.
The act of the DOD committing to version 6 caused to work
out interoperability problems that would not have otherwise
been found. The commitment of agencies to do the same will
cause the U.S. industry to catch up on version 6.
Chairman Tom Davis. Does everyone who requests a block of
addresses receive it?
Mr. Curran. The regional registries all have allocation
policies that they follow for issuing those address blocks.
These are set on a region by region basis. The challenge is if
you meet the guidelines, you get your address space. There are
applications in every region of the globe that don't meet that
region's addressing policy and get turned down.
Chairman Tom Davis. Is that a business case you have to
make to get that address?
Mr. Curran. It is simply showing that you have valid uses
for the address space. One of the challenges we face as the
stewards of the address space is ensuring that people indeed
have equipment to use the addresses on. We don't want a
hoarding situation.
Chairman Tom Davis. That is the next question. If I'm a
large consumer products manufacturer and I would put IPv4 in
every product I make, say $20-40 million, can I get that block?
Mr. Curran. That question actually came up a number of
times 2 and 3 years ago. We were approached, for example, by
the cellular industry. The cellular industry was directed that
wide scale deployment of devices with embedded addresses should
look in the direction of version 6.
We are trying to make sure that the future is looking to
version 6 particularly for these embedded applications.
Chairman Tom Davis. Mr. Higgins.
Mr. Higgins. Thank you, Mr. Chairman, for your leadership
on this very important issue.
The United States represents about 5 percent of the world's
population and about 50 percent of its economic strength, and
about 40 percent of its technological output. The U.S.
leadership position is eroding as evidenced by the pervasive
and growing trade deficit which is about $600 billion today,
meaning that Americans who used to make things and sell them to
the rest of the world are now a consumer nation. We consume
about 6 percent more than we produce. This indicates there are
economic troubles currently and on the horizon. It is a much
different world than we dealt with ever before.
Tom Friedman, the New York Times columnist and author just
wrote a book called, ``The World is Flat'' and in it he argues
that the old vertical model, the old economic model of knowing
who is on top and knowing who is on the bottom is gone, the
world is flat, it is horizontal. Knowing who is up, who is down
and who is emerging is much more difficult.
He argues that this is a consequence of the convergence of
information technology which now makes the tools of innovation
and collaboration available to all. Depending on the motivation
that you bring to these tools, positive or negative outcomes
are determined.
The one interesting parallel he outlines in his book in the
final chapter in particular is, he says in February 1999 two
airlines were started. One was started by a bright American
entrepreneur by the name of David Kneitelman of Salt Lake City,
UT. He financed through American banks the purchase of a whole
new fleet of jets. He outsourced the pilot training to a flight
school throughout the United States and he outsourced the
reservation system to retirees and housewives in Salt Lake
City. When you call Jet Blue, which is his airline, and make
your reservation, you are talking to someone who is in their
living room in Salt Lake City. He built in Jet Blue one of the
most successful and financially strong airlines in the entire
world.
The other airline was started in Afghanistan by Osama Bin
Laden. He financed a purchase of jets through various
financiers in the Middle East; he outsourced the pilot training
to a flight school in Miami; and outsourced the training or
planning to Ali Sheik Muhammed.
Both airlines were designed to fly into New York City, Jet
Blue into LaGuardia and JFK and of course Al Queda into lower
Manhattan.
The thesis of his book is a very urgent reminder of what
Americans have to do in order to not only regain their economic
superiority but to also stay competitive in the world so as to
ensure that our national security is strong and secure as well.
I don't know if you have read the book or read his column, I am
curious as to what the panelists think about the thesis that
Friedman outlines.
Mr. Lightman. I read the book and I think he missed trust
in a big way. Recently there was a story publicized all across
England. I spent the last 2 weeks in England raising money for
an IPv6 fund. People said, oh, the Indians let out the bank
data; well, I am never going to outsource anything to them
again. So with all the stories of all the people doing things,
if people can't trust your networks, and all it takes is one
release of critical data, then it can cause devastation.
Millions of Indians will lose their jobs or will not gain them
because of the loss of trust.
As far as outsourcing, if China succeeds in putting in its
own IP Sec and its own complete transparency and can track
every person and everything they are doing, and you are a
government that is a dictatorship, say you are one of the 100
countries in the world that doesn't have a democratically
elected government, whose Internet are you going to buy? Are
you going to buy it from China which has said look, we have
proven we can take care of our dissidents or are you going to
buy the American one which is designed that way? There are a
thousand political decisions to be made and the problem for
IPv6 that there has been no elected official, somebody who
basically has the legitimacy as an elected official to do this.
What makes the transitions in Korea and Japan so powerful
is that the people in charge of them are elected officials and
they are unique in the world. That is why these hearings are so
important. Outsourcing will ground to a halt if people can't
believe they will be treated as honestly in India or China or
anywhere else as they would be treated at home. If we lose that
trust, it is worth trillions of dollars a year in our GDP.
I want to mention one other thing. We have been a Net high
tech importer for the last 2 years according to Business Week,
so we are not an exporter, we are an importer of high
technology. This year we have become an importer of food. What
is left is services, subscriptions, transactions and media.
That is it. IPv6 touches all of them right at the very guts.
Chairman Tom Davis. We talked about mandating a transition
by a certain date. Mr. Curran, you answered. I didn't to Mr.
Khaki and Mr. Barber. I would also ask should the United States
fund those transition efforts like other nations have done?
Mr. Khaki. Our viewpoint is that the natural market forces
would be the right kind of forces to work out the transition
issues. There has to be careful thinking of the business case
and the scenario planning along with all the transitional
issues. So we strongly believe that the market forces will
eventually lead the transition of things.
There is a role the Government has to play in terms of
encouragement which I alluded to earlier in my testimony with
regards to supporting the research and education sectors
through procurement policies of the Government. I think those
can be a good catalyst. So we believe the transition will take
place left to the market forces.
Chairman Tom Davis. Mr. Lightman has argued for elected
officials in government to take a lead.
Mr. Lightman. I explained it in an article I wrote recently
which I will send you a copy, which says ``Twenty Myths and
Truths about the IPv6 transition.'' I leave two points to let
the market decide. The Department of Commerce went out and got
requests for comment which said let the market handle it and
they are so embarrassed about it that they won't release the
report because the position is insupportable.
I will give you three examples. One, there is one man who
is the primary examiner in the U.S. Patent and Trademark Office
who has 150,000 patent applications as of a month ago. It is
probably 160,000 today where people and companies like
Microsoft, like AT&T, like many people are trying to say, I
have a patent, I want exclusive use on that so no one else can
use it without my permission for 20 years.
The reason the Internet works at all is because the Federal
Government paid for it, didn't try to get a patent and gave it
to the world. How well do we think it is going to work if we
leave it to the market but leave it to 10,000 different
patents, say you use this security protocol for this kind of
packet, so therefore you are infringing on my patent. It is not
going to work.
Chairman Tom Davis. I didn't want to start an argument, but
I hear you.
Mr. Barber. I believe that the transition needs to have two
components to it in the United States. The Government needs to
transition its own operations to support its own mission. So if
the Department of Defense believes they need IPv6 by such and
such a date, they should absolutely do that by whatever date
that is that meets their mission objectives.
The fact there are many agencies that don't have their
planning far enough along to even project dates is of concern.
So it is my belief that they should all establish some very
firm transition plans that include some sort of a date by which
they will at least have their transition far enough along to
have IPv6 operational in their networks.
Notice I didn't talk about turn off IPv4, I only talked
about turning on IPv6. When you turn off IPv4, I think is a
different question and has a different set of characteristics
associated with that and that will be driven by really
attrition, in my opinion. When do you turn IPv4 off should be
an attrition driven question, not one driven by some sort of
deadline.
From a market perspective, I agree there should also be
market forces at work that encourage industry to deploy IPv6 as
it is to their advantage. Certainly the Government will
influence that by having each agency have a mission specific
transition plan but I don't think we need to have some big date
out there in the future where everyone has to be on version 6
everywhere in every office in the United States.
Chairman Tom Davis. Mr. Khaki, how are you using IPv6 in
your products and services?
Mr. Khaki. We are a Windows operating system platform
provider. It was very important for us to provide platforms
that would enable software innovation for scenarios that are
yet to be imagined. We have had a strong commitment in IPv6. We
include IPv6 support in the Windows XP operating system. Our
primary focus was to enable developers to develop new kinds of
scenarios and those operating systems are being used worldwide
today.
For your information, we have a global IPv6 network that
integrates all our development centers spread across the world.
We are using the transition technologies that I mentioned
earlier in achieving this connectivity. The biggest
applications we see are the ones that require pervasive
collaborative communications because today's limitations of
added space prevent data being transmitted and created undue
burden on the network.
I would like to respond to a point made earlier on
intellectual property. The 30 years of leadership the U.S.
Government has shown in IPv4 was important to the academic work
that was done. There is a similar role the Government has to
play to make sure that academic research continues so that we
have good prior art, that we remain competitive, that we do
encourage industry to innovate. There are incentives,
commercial incentives, tax incentives, government matched
funding to enable these commercial forces to work.
I think the biggest thing we will see is the Government
procurement itself be a key driver. As I have been active in
the IPv6 efforts since 2001 visiting Japan and China and other
places, clearly the announcement by the Department of Defense
in 2003 was a major event that actually made a lot of companies
in the United States more aware and brought more urgency to the
issue.
Chairman Tom Davis. What fields do you think will most
directly benefit from the exploitation of IPv6?
Mr. Khaki. If I can give you an example, you can think of
the IPv4 address limitation today in some ways similar to the
memory limitations in the early days of the PC. In the early
days of the PC, there was a 640K memory limit. A lot of
developer creativity, a lot of IT creativity enabling new
capability was being used to overcome the limitation that was
there using things like LEM M, EMM and High MEM. The IPv4
address space limitation is similar to that limitation that was
there.
A lot of energy is being spent in drawing on new
capability, IT departments and developers are working around
limitations, so we are not really moving ahead, we are kind of
making what we have work slowly. That would be a key benefit.
Another important one is security. IP SEC is an important
addition to the IPv6 protocol, it is better integrated. Those
capabilities will help us build a much more secure
communications infrastructure.
Besides IP SEC there is also other lower layer technologies
that are in IPv6 that help IPv6 networks to be more secure than
IPv4. It is important that we look at that. Things like
wireless networks, LANS were not really around when the
original IPv4 was invented. So there are limitations on those
protocols and IPv6 addresses that.
Chairman Tom Davis. Let me ask this to each of you. Mr.
Curran made his comment. Do you think there is no short term
shortage of IP addresses in the United States?
Mr. Lightman. As Mr. Curran admitted, they don't give them
to you if they don't feel they like your business plan, so it
is not a market based decision. For instance, if I wanted to
have 50 million addresses, say I work for General Motors, I am
consultant and I want to get a block of addresses, they can
say, well, we don't really like the idea of IPv4 addresses in
cars, so here is the basic point. If you don't give away the
addresses, you never have a problem with them.
In any case, you can always come back and blame the United
States for hoarding them because the U.S. DOD has a very large
block and we could give it back, then there would be no
shortage. It is not a commercial thing, it is not a market
based solution. On the one hand, people say, leave it to the
market but on the other hand, the market is not working in the
way addresses are allocated today.
Chairman Tom Davis. Anyone else?
Mr. Barber. I think for the future of the Internet
application, for ubiquitous connectivity to everything, we will
run into a limitation at some point. If we make the investment
in trying to make this work for IPv4, we are investing in a lot
of patchwork to get the same kind of innovation that we would
have with IPv6 because of its native architectural features. I
believe the innovation future as someone in the previous panel
said from OMB, the innovation future is with IPv6, not with
IPv4, regardless of the number of addresses available.
Mr. Khaki. The way I feel about the current situation is we
are making do with the limitations we have and in the process,
we are slowing things down. The IPv6 address space will relieve
concerns that are there and the way I think about this is
restoring the hygiene, the end to end computing model on which
the Internet was founded. Today the hygiene of the network is
not there because you end up with these devices that prevent
communications taking place end to end and a lot of breakage is
an extra cost.
Chairman Tom Davis. Do you think the United States has the
necessary infrastructure, wireless and broadband, to exploit
any of the key features of IPv6 on a national level today?
Mr. Khaki. I believe we have a good infrastructure in this
country and more is being done each day. I think the work the
Government did with regards to unregulated wireless spectrum
was excellent. It actually has helped us deploy new
capabilities with YFI. I think those are great things. There is
a lot of movement in the industry around wireless technologies.
That is healthy. Broadband deployment is increasing by the day.
So those are good things.
I do believe that the existing version 4 Internet
infrastructure is suitable also for migrating us to version 6.
The way we think about this is to separate out the
infrastructure migration and the application migration because
oftentimes they can be thought of as a chicken and egg. Is it
the chicken or the egg? By using appropriate transition
technologies and using appropriate conversion tools, you can
migrate either the infrastructure or the application.
Chairman Tom Davis. Anyone else?
Mr. Curran. I would like to respond to something said
earlier.
To the extent an organization doesn't get an IP address
space, it is because the ISPs in that region have formed
policies and those policies for that region simply state these
are the valid purposes for assigning them. There is no question
or judgment of business plan. If a business in the Far East got
turned down for address space, it is because the ISPs that make
up that region came up with allocation policies to balance
availability and stewardship. So there isn't per se a shortage,
we are simply enforcing the policies that the Internet
providers worldwide have adopted.
Chairman Tom Davis. But you would agree that there comes a
time when you do end up with a shortage?
Mr. Curran. Absolutely. In fact, as we go forward, it only
makes sense to make sure the policies for allocation of address
space get increasingly frugal to ensure that people know yes,
you need to balance the business case between transition versus
going forward on version 4.
Chairman Tom Davis. I get it.
Mr. Lightman. I would like to make one comment on
infrastructure. The Soviet Union is still alive and well,
living in American networks. There was a Russian invention
which was made for people living in apartment buildings where
they had one phone number for the apartment building and a
phone on all ten of the floors where it would ring on every
floor. The person living with that system made up something
called NAT, Network Address Translation, so people say, you
have Network Address Translation, good Russian technology and
it enables you to take one IP address and have 100 different
people use it or even go to 100 NATs and go on and on and on.
So you can have a NAT behind a NAT.
Basically if you buy into that flawed argument, you don't
need any IP addresses but the refutation to that is the
telephone that you have. You have a number and you can see what
it is. That is end to end. It is not going to an operator. The
whole invention of the switch was because the guy who had a
funeral home thought he was missing calls from the operator who
was switching his calls.
Why are we stuck with this Soviet technology in America's
networks instead of having end to end and having everyone be
identified? I would love to know that everybody who went into
the Internet was part of what Microsoft brilliantly calls a
trusted bubble. I want for the U.S. Federal Government and all
of its commercial providers of services to be inside the
trusted bubble and leave the people who don't watch their
hackers and want anonymity to be in the untrusted bubble.
Chairman Tom Davis. Plus, the rest of the world is
innovating off an IPv6 model. They are getting new products off
that and we are still sitting here with the Russian telephone.
Is that your point?
Mr. Lightman. Yes. Also, it is important to say IPv6 is
only about 20 percent finished. There are hundreds of what are
called RFCs which still have to be decided on and the U.S.
Government has made no more than five comments in the last
decade of what it wants and doesn't want. We have checked out
and gone brain dead about participating in those standards
efforts.
There was one in particular the gentleman before mentioned
which is the sensor nets for doing nuclear hazardous materials.
That is what they are discussing right now, how do you do ultra
low power, ultra low bandwidth sensors because you don't want
to put a lot of power into billions of sensors. There is no
government participation. There is not even any government
contractor. We have just abandoned this which leaves it other
governments to go and monkey with it.
Chairman Tom Davis. Thank you all very much. This has been
a great hearing. I think other committees will be looking at
this as well but we have the responsibility for
intragovernment, within the Government itself as we move
forward. This has been very, very helpful.
Thank you very much and the hearing is adjourned.
[Whereupon, at 12:40 p.m., the committee was adjourned.]
[The prepared statements of Hon. Jon C. Porter and Elijah
E. Cummings and additional information submitted for the
hearing record follow:]
[GRAPHIC] [TIFF OMITTED] T2510.076
[GRAPHIC] [TIFF OMITTED] T2510.073
[GRAPHIC] [TIFF OMITTED] T2510.074
[GRAPHIC] [TIFF OMITTED] T2510.075
[GRAPHIC] [TIFF OMITTED] T2510.077
[GRAPHIC] [TIFF OMITTED] T2510.078
<all>
�