The coming Internet identity problem

July 5, 2009

Right now, there are a fair number of websites that assume that everyone can have their own IP address and thus, if there are two connections from the same IP address that they should be considered to be the same person for things like load limiting, anti-cheating systems, and so on. This assumption is already false in the corporate world and has been for some time, but it has survived reasonably well for 'consumer'-oriented stuff, because it has tended to be true of general user ISPs.

(At least it has been true of general user ISPs in North America; I understand that it's not always true elsewhere, which periodically causes people problems.)

Enter the much-heralded coming scarcity of IPv4 addresses. If you can't get enough addresses to cover all of your customers, you are going to have to NAT them somehow, and this necessarily destroys the 'one person per IP address' assumption that these websites have been relying on. This leaves these websites with an Internet identity problem. Unfortunately, it's not an easy one.

The obvious (but not entirely sufficient) approach is to use payment details; one credit card means one person. Apart from the other problems, this doesn't work for free sites, and many of the places using this identity assumption are free (at least initially, to build interest). And there's nothing else you can use that the user can't easily have more than one of at once.

The other aspect of this problem is that it isn't going to happen all at once, and it isn't necessarily going to be obvious to you. It's not as if all ISPs are going to move towards NATs at the same time, or as if each will only use a single IP address for their NAT'ing (and even then, you will only notice the problem if you have two customers there, or even two customers that are active at the same time). So if ISP NAT'ing does happen, you can expect a period of time when each website's service gets worse and more annoying for you until they realize what's happening and work out a solution.

(And for the obvious reasons, this problem affects small websites more than it affects big websites. To paraphrase an old aphorism about banks, if an ISP breaks a small website, it's the website's problem, but if an ISP breaks a big Internet application (consider World of Warcraft for example) it's the ISP's problem.)

Written on 05 July 2009.
« A side note on the cost of operations
How you could do a shared root directory with NFS »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Sun Jul 5 01:15:27 2009
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.