> 1) In normal IP, the source does not know the route to the destination. You can try to guess with traceroute, but that's not authoritative. And the route out may not be the same as the route back. There may not even be a single well defined route.
This isn't normal IP, it's new IP. Moreover, using a relay would be optional (just encrypting the source address would give 90% of the benefit) and the worst case for having chosen one that isn't a router on the preferred route is that the packet would take a mildly suboptimal path to the destination.
> 2) This has the same pattern as the various reflection/amplification attacks and facilitates DDOS. I think that what "network management" means; if you provide means for people to flood the network with bad traffic then it becomes unusable for everyone, or at least it becomes possible to silence a site or endpoint on an ongoing basis.
I don't see amplification. You send one packet, each router forwards it once. I suppose the attacker could have a packet go back and forth between the same routers multiple times but that is already possible in existing IP using source routing and is trivially mitigated by adding a hop count / TTL field.
Amplification means you can send a small amount of data and cause someone else to send a large amount of data to the target. For example, if you send an EDNS query to a DNS server with many records for a particular name, the query is very small and the response could be very large. I don't see that here.
Reflection is much more benign. It doesn't allow an attacker with 100Mbps of bandwidth to convert it into 10000Mbps of bandwidth, it only allows an attacker who doesn't care about receiving a response to remain anonymous. So your complaint about a technical measure designed to allow people to remain anonymous is that it would allow people to remain anonymous. Feature not bug.
> 3) You've assumed that there's no legal responsibility attached to re-emitting these packets.
The existing routers on the existing internet are already re-emitting all the packets. That's what routers are for.
Obviously Congress could pass whatever law making it legal or illegal after the fact, but that's orthogonal to the technical issue of how it can be done whatsoever.
> This isn't normal IP, it's new IP. Moreover, using a relay would be optional (just encrypting the source address would give 90% of the benefit) and the worst case for having chosen one that isn't a router on the preferred route is that the packet would take a mildly suboptimal path to the destination.
"Mildly suboptimal" is the difference between playable latency in online gaming and unplayable. It's the difference between VOIP and video calling working and not working.
Your sweeping those issues away under the guise of "probably not so bad" yet we've had decades of experience finding out that, yeah, they are that bad which is why the modern internet has ended up the way it is.
Your argument is that we can't have an optional feature that provides stronger anonymity because when you use it there could be a few ms of latency that would be intolerable to some applications that aren't required to use it?
This isn't normal IP, it's new IP. Moreover, using a relay would be optional (just encrypting the source address would give 90% of the benefit) and the worst case for having chosen one that isn't a router on the preferred route is that the packet would take a mildly suboptimal path to the destination.
> 2) This has the same pattern as the various reflection/amplification attacks and facilitates DDOS. I think that what "network management" means; if you provide means for people to flood the network with bad traffic then it becomes unusable for everyone, or at least it becomes possible to silence a site or endpoint on an ongoing basis.
I don't see amplification. You send one packet, each router forwards it once. I suppose the attacker could have a packet go back and forth between the same routers multiple times but that is already possible in existing IP using source routing and is trivially mitigated by adding a hop count / TTL field.
Amplification means you can send a small amount of data and cause someone else to send a large amount of data to the target. For example, if you send an EDNS query to a DNS server with many records for a particular name, the query is very small and the response could be very large. I don't see that here.
Reflection is much more benign. It doesn't allow an attacker with 100Mbps of bandwidth to convert it into 10000Mbps of bandwidth, it only allows an attacker who doesn't care about receiving a response to remain anonymous. So your complaint about a technical measure designed to allow people to remain anonymous is that it would allow people to remain anonymous. Feature not bug.
> 3) You've assumed that there's no legal responsibility attached to re-emitting these packets.
The existing routers on the existing internet are already re-emitting all the packets. That's what routers are for.
Obviously Congress could pass whatever law making it legal or illegal after the fact, but that's orthogonal to the technical issue of how it can be done whatsoever.