Ask HN: You have one shot to redesign the Internet – what do you change?

172 points by lowercasename ↗ HN
This was just an idle conversation we were having at work. Imagine that one day you wake up and you've been sent back in time, where you are now a researcher at DARPA in the early 1960s. You've got the influence to effect fundamental changes in the next sixty years of the Internet's history, and can make your changes any time in the next sixty years - but you know that as soon as you change one thing in history, you'll be sent back to 2021, to continue living in the world you have wrought.

How are you going to make the Internet better?

321 comments

[ 2.8 ms ] story [ 286 ms ] thread
3 things: Security, Security and Security. BGP security, DNSSEC, TLS by default, etc.
Imagine if 1980s security (single DES, no public key crypto) was baked into IP though.
None of those things secure the nodes of the internet, if the nodes aren't secure, nothing is.
The most basic problems seem to be:

1. Everything being 'free' by default drives us to ad-supported centralized services. Economics aren't a separable concern.

2. Too few IP addresses. (At least one of the pioneers, I forget which, said he pushed for longer addresses but was overruled. So the technical constraints probably did not force this.)

I'm not sure how to fix #1, but here's an approach from the 90s: https://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.16....

IPv4 adresses fit in a standard 4byte integer, that might be a reason.

Quite frankly, if they didn't allocate full /24 to single entities (including localhost...), we might still have enough addresses left.

Isnt it "127.0.0.1/8" which is allocated, not "127.0.0.1/24"?
yes, according to wikipedia[1]

IPv4 is just inefficiently allocated in general. Why does the world need 10.0.0.0/8 in addition to 192.168.0.0/16? Isn't 65k addresses enough? Is there a private organization in need of 16 million addresses?

Not to mention AMPRNet (amateur radio) owned the entire 44.0.0.0/8 up until 2019 (a portion was sold off to Amazon). That may have seemed reasonable in 1980 but now it's just plain crazy.

[1] https://en.wikipedia.org/wiki/Reserved_IP_addresses

> Is there a private organization in need of 16 million addresses?

Plenty of mobile phone networks have well over 16 million subscribers, and they typically don't have enough public IPv4 addresses for everyone. This has led to really hacky stuff, like using DOD IP ranges as psuedo-private space, or re-using private IP addresses in different regions (which can't be fun to maintain.)

Some networks have fixed the problem by using NAT64 - forgoing IPv4 altogether internally, and translating to public v4 at the edge. (Works surprisingly well, T-Mobile US has been doing it for the better part of a decade.)

It's not about number of addresses available, it's about reflection of organization hierarchy in the octets. The 10.0.0.0/8 range is useful for breaking a distributed company's network up so each major office gets a 10.x.0.0/16, and each department a 10.x.y.0/24.

This is why 192.168.0.0/16 is often used for services like libvirtd, kubernetes and docker. And the use of the range by those services makes it even more unwieldy to try and put some other LAN in there.

You can work around these considerations if you want, but many people won't. When you're the network engineer responsible for designing a company's networks, you'll be wanting to keep things simple and robust. When you're called in at 3am on a Sunday because the network is down, you better hope your ability to recover doesn't require making a bunch of subnet calculations because you decided to try and use the pool of available IP addresses efficiently.

>we might still have enough addresses left.

For how long?

(comment deleted)
Nah, if you sort by date here you can see how quickly IANA was doling out /8's to the RIRs up until they ran out: https://www.iana.org/assignments/ipv4-address-space/ipv4-add...

Even if we hadn't wasted /8s on huge allocations to single companies, and things like 240.0.0.0/4, we'd still be basically where we are today, with v4 address space being scarce and traded as a commodity.

What's wrong with it being traded as a commodity?
I think this is a problem with the World Wide Web, not the Internet. At the network level, per-user cost accounting and quality of service is implemented quite well, to the point of being able to pay per byte if you really want to. And access to any network beyond your own LAN is not free.

The problem of how to fund actual web application development is not much different from the problem of how to fund media development in general. Newspapers, television, and magazines alike long ago settled on some mix of premium-tier subscription services augmenting a more open, ad-funded free tier.

This is so much more of an issue today than 30 years ago not because of anything specifically about ads to fund media, but because ad profitably has been driven sky-high by individual consumer profiling that relies upon privacy invasion and surveillance of your customers. Ads back in the day would improve via voluntary focus groups and that was fine. Today, they improve by tracking every digital action a person ever takes in order to more accurately correlate interacting with an ad with making a future purchase. Volunteers for focus groups are pretty much okay with giving their opinions in return for cash. Every person on the planet is not nearly as okay with having every digital action they ever take recorded and analyzed.

In the alternate history I'm imagining, with network-layer accounting and payments from the beginning, flooding and spam were never much of a problem -- they were at most a "nice problem to have". Endpoint security became a priority from the beginning, because failures that cost money (even if not much per computer) get treated that way. Participating in the network as a full peer, e.g. running the equivalent of a webserver on your home PC, was considerably more practical and normalized. (The bigger address space of course went into this too.) And this history made other peer-to-peer software easier to develop and more practical and economically sustainable, in a virtuous cycle.

This doesn't mean it'd kill advertising. It wouldn't even kill all of the forces encouraging me to put my 'content' on centralized services even though I'm nothing like a media corp. But I suspect the right changes could've helped a lot towards a healthier computational ecosystem now.

This early architectural decision that costs are out of band didn't fundamentally make anything impossible. But when you see a lower-level problem addressed by higher-level workarounds, and you're getting to redesign the system, isn't that exactly what constitutes an opportunity?

I might have read somewhere that the original design of HTTP allowed for transactions to occur. This free point is a big one. Once Apple set the price of 0.99 for an app it really dropped the market price for software. It's funny that there is so little different between enterprise software and consumer apps except for a monstrous difference in price point. Funny thing is, consumer apps are sometimes better.
The 402 HTTP status code is "Payment Required". At one time people envisioned micropayments etc but it never went anywhere.
Transaction fees are what kill this. That and moral police / "fraud" charge-backs caused by insufficient user authentication.

I also don't want to be nickle and dimed to death, given the transaction fees there's a huge push to subscriptions and other models. Where if I could instead just pay exactly what a generic ad I'd _never_ click on anyway pays to get placed (like 0.00001 dollars for all the ads on a webpage stuffed with them) I might actually pay instead of using adblock for all of the security, usability, and bandwidth saving reasons.

There have been many micropayments schemes over the years. IIRC, there was a decent one slightly cleverly called "Millicent" developed by DEC and pushed in the early Internet days... (Then there were the various pre-bitcoin internet banks/e-cash outfits - First Virtual, eGold, etc....)
> 1. Everything being 'free' by default drives us to ad-supported centralized services. Economics aren't a separable concern.

I hate this argument. I've been online for a long time and the internet existed just fine without, for example, facebook. We don't have to accept ads but we do have to be willing to not use certain things out there.

Indeed, on the surface the argument is sound, but when you look back into past, it's clear it is not how things have to work. Web can exist even without pervasive surveillance. It would be different, no huge ad companies growing like cancer, but that would probably be good for information quality/communication freedom on the web.
Blockchains right now mostly are trying to do exactly this - bring economics into computation and network space. This is of course a higher level solution, but the one that is quite achievable now. Protocols like NEAR and Internet Computer can be good examples of this.

I know this is a holywar topic and many would disagree simply by seeing `blockchain` word used here. But to my mind this exactly the place where this technology is beneficial. We need automated algorithm controlled currency to have this type of smart internet subscription.

Yes, I only left this out because it was over the horizon at the time. I did find these papers inspiring in the 90s, and as with the Digital Silk Road paper I linked above, the ideas could have been thought of earlier (e.g. capability security goes back to the 60s): http://www.erights.org/talks/agoric/index.html
This is a really great question! I can't help but think that for some small multiple of the cost of the International Space Station or Large Hadron Collider or any other large government science experiment, the nations of the earth could have gotten together early on and funded a free satellite internet project. It would have been limited bandwidth, high latency and error-ridden but it would have been ubiquitous in coverage, much like the GPS system. And would have accelerated adoption of many of the digital cash and e-banking innovations we are seeing today. As well as gotten a jump start on the physical layer of space based internet ;)
I think it's too soon, but security security security.

I'm push as many examples of capability based security into the academic world as I possibly could, in the 1970s.

Alternatively, push a version of Pascal with a standard library, and drown the insane practice of ending strings with a null instead of knowing their lengths.

I don’t know how it would be implemented but I always thought it would have been better if there was more meaningful separation of domains, and that you need a different browser to connect to a different domain. That way the net could be divided. There could be a domain for only verified information. A domain for public use. A domain for only educational content, etc. I have no idea how it would be moderated though
Such a categorisation already existsed in the form of the original top-level domain names, but it was never enforced. .gov for government, .mil for military, .com for commercial, .edu for educational facilities, etc.

For good reason, though. Who says what information is "verified", the government, the news media, the publishers? And what governments, media, and publishers get a say?

Perhaps it'd be nice for browsers to show a little indicator to confirm that a website is hosted by a government (although .gov and .mil are only valid for American governments, government could use a given domain as their government basis). There's a big difference between what's right ("climate change is real") and what the government is saying ("who knows, maybe drinking bleach is a good idea?").

Dividing the net goes straight against the idea of the internet. I don't think using a special browser for special domains is very tempting. We'd probably end up with the alt-net version of onion.to to proxy all different kinds of sites to a single application.

(comment deleted)
You're conflating authenticity with authority. It would be nice to quickly and reliably tell whether something is a government source, or a educational institution, or what have you. Whether the information is then correct, that's another matter.
Oh, something minor. I’d make both domains and paths go from least significant to most significant, so com.google.mail/u/0/html
I didn’t realise how much I wanted this until now.
One of my only two attempts of an Ask HN was this specifically [0] and I've wondered this still. With subdomains, top level domains being at the top and being able to drill down into subdomains and then folders feels a lot more intuitive. Could a browser add-on be made to experiment this?

[0] https://news.ycombinator.com/item?id=24438978

Security should have been been a top priority right from the start. It is very strange that ARPA, a DOD agency that sponsored most of the Internet technology, cared so little about security.
A gun doesn't have built-in security either. But there's generally people with guns standing in front of the armory. I'd say they probably expected people with guns standing in front of the computers too.
Require emails to be signed by the sender cryptographically.
We have DKIM and you can safely drop non-DKIM mail. This tells you the MTA is actually sending the mail.

The problem is that these MTAs get hacked or people just hijack domains.

Heck, the barrier to buying a domain is so low that this is a legit way of spamming too.

> the barrier to buying a domain is so low

This suggests that one way of making spam unprofitable would be to require any domain which sends email to put up a bond of $100 which is forfeited if any of the big four email providers decide that the domain is sending spam.

To make this acceptable to public opinion, the forfeited bonds would to go directly to popular charities, and all existing domains would be automatically grandfathered in, so there would be no extra cost for any current business or user.

> safely drop non-DKIM mail

Yes, but the customer will blame you when e-mail from a misconfigured MTA doesn't arrive (from my experience running one).

If only we'd had DKIM from the start, preventing thousands of broken servers from being set up in the last twenty five years...

It's the 1960's. There's no RSA or AES or even DES.
Sure but it's a small community that hung out in person a lot. Tokens, pass phrases or one-time-pads could have been physically swapped.

There's really just a difference in thinking, "private by default for email" vs "public by default." Or "untrusted network" vs "trusted network." However you want to think about it.

ARPANET had a link between Stanford and UCLA in the 1960's. That's a five hour drive. One time pads can only be used one time. Otherwise XOR is a pretty bad cipher.
PGP with good UX could've been great. Too bad it missed the mark.

S/MIME seems to work pretty well, but the paid certificates pretty much doomed its uptake. I think I still have a Startcom certificate from back in the day that has long since expired.

I'd advocate to build DARPANET for an untrusted environment with the expectation that DARPANET would be unleashed on the masses at some later point.
This. I think there are so many changes that I'd like to make, but a lot of them stem from switching from everything being public and out there to being private and with restricted access. I would only hope that assuming things would be untrusted from the beginning would lead to a more securely designed web from day one. I'm sure that's wishful thinking, but still.
Better child protections. Not sure what the implementation would be though.
Ban children from Internet. Solves even more problems.
And possibly creates new ones
It's not entirely fair, because in the 60s basically all modern crypto primitives were missing. If I had those:

1. Encrypted onion routing on layers that betray source/dest IP. 2. eSNI on all TLS connections. 3. Privacy-focused DNS.

The most toxic part of the Internet today is identity. Some of the IP address space should have worked like mobile phone numbers - paid for by subscribers and representing single identities. Even better, after the invention of RSA, the government should have backed ISPs or states issuing signing identities for a protocol level identity standard - sort of like SIM cards that would “represent” you on a single, authoritative device without the possibility of delegation.
My guess is that most people who use the internet by 2050 will be strongly authenticated, whereas the current anonymous internet will remain as a relic of barbaric times for most, but still in use.
I expect we'll have one or more protocols enforcing end-to-end route verification at the packet level on most Internet routers by 2050, so I'm not sure how anonymous any Internet served over that infrastructure will be. I expect bans will be much more effective, international traffic will have much more advanced filtering and blocking, and that proxying will basically be illegal without some kind of business arrangement and being subject to surveillance & ban-supporting laws (and anyway, proxying weird traffic will get you banninated by the entire "legitimate" Internet, much faster than it does now).
I'd go so far to say that by 2030, at least one OECD country will have a law requiring ISPs to enforce remote-attestation of the Secure Boot of every device accessing the internet.

Such a government could then require app stores to remove "dangerous" technologies like Tor and messaging apps that support end-to-end encryption.

Perhaps ISPs would be allowed to support "legacy" devices and OSes, but with a special "Evil Bit" set on packets, so that websites could (and in some cases would be required to) refuse access.

What you're suggesting is a dystopia.
I think they were being sarcastic, given that they're writing it under a pseudonym.
Are cellphone numbers a dystopia?
Yeah, I keep getting solicitors and I can't easily change my number to something only my friends know. I also can't easily separate my business number from my personal number without paying for a second phone subscription, even though it wouldn't cost the phone company anything more.
Completely not that important, but I did this a year or so ago, committed 'the number' to google voice, and handed out my new one to close contacts. It took a bit for people to filter their calls correctly, and I could always answer the 'business line' regardless, but I have zero regrets about it now.
Unfortunately, using Google Voice in that manner is USA-only, and much (most?) of the rest of the world has no comparable alternative.
Almost all of us are writing under pseudonyms.
Just as an alternative to a different dystopia though.
I agree on the general problem of identity. Implementation-wise one could also think of some kind of digital numberplate, which can change, so that people can't follow you around on the net, but is still unmistakenly linked to you or your device.
I agree that there needs to be some way for identity to be strongly represented on the internet but there should be a way or places where it isn't required. This could be something that perhaps allows indemnity for user generated content as long as the content is attributed to a person otherwise the site is responsible. This would allow the small time cars forum to (with identity) operate safely as they do today, but would also allow 4chan to (anonymously) operate as long as they ensue the content wont get the website operator in trouble.

The other problem you run into is ease of use. Most users of the internet can't understand PKI based certificates so I don't know how an interface could look that would provide a strong guarantee of identity but also allows my mom to use it and not get phished.

What a great question. One of two things:

A) Establish the expectation that websites "close" in the middle of the night for ~5-6 hours, local time / for each timezone. I don't know if would best be done via cultural influence -- giving talks, writing essays, personal communication, testifying / making inroads with politicians -- or via creating some sort of protocol. The idea is to prevent the unhealthier aspects of internet binging and screen addiction.

B) Establish the expectation that internet comments are transcriptions of voice recordings. I.e. to leave a comment, you have to call a phone number and leave a message which then gets transcribed as "the comment." In order to respond or reply to a post or a thread, you have to listen to the message and tone of voice of the person you are replying to. I don't think this would solve every internet dialogue, but it'd promote healthier interactions and less division.

In my book, the largest problems with the internet are techno-cultural, not technological.

Regarding A, for which timezones? Any attempt to narrow browsing time would ultimately fail as soon as the web goes global.
Good question. Ideally, each user's timezone would be required information. The server would check to see if the requesting user's local time meant that the website should be "open" for them.
A minute of silence for those with unusual circadian rythms.
Honestly this would probably just make VPN services more widely used to workaround shutdowns.
True, unless the timezone was tied to each user's accounts. The website doesn't have to "not work" it just has to return a page that says something to the effect of "we are closed for business."
So a user couldn't just change their timezone? What if they moved?

Also who is this to protect? The user? What if they work midnights or their days are backwards?

There are cases where the business shouldn't promote the use of its website at odd hours (child protection, gambling addiction and other similar things).
Lurker here. These ideas, especially #2, sound interesting for a discord-style (when they did embedded comments only) startup.
Regarding the second point, it would probably just make people say things like "you sound fat". It's still anonymous enough. In fact, people say mean things in public all the time. It seems some people are just inherently mean.
I don't disagree. The main problem I'm attempting to solve is the non-anonymous case. Even discussions on social media, where people are either "friends" or have the same shared interest, still devolve into discourse where few come away satisfied. Instead, many people feel either negatively critiqued or that other posters "just don't get it." Every time this happens, the sense of group cohesion frays a little.

I see this is as a problem of the medium of discussion more than anything else.

(comment deleted)
Brendan Eich gets to actually use Scheme for Netscape. It never takes off, because everyone hates Lisps, instead VBScript becomes standardized through IE, which is then phased out in favor of a C#-based script in the early 2000s, and we have a massively better web development enviroment.
TL;DR: Constants shouldn't be hard coded in the software, they should always be in a separate config

The problem is that it's the 60s. My first thought was "security", but unless you an also teach them about elliptic curves, they're going to use the security of the 1960s, which as we now know isn't very secure.

Maybe at least having security baked in would help make it easier to switch to better security later, like how ssh can use different protocols as old ones are broken. But you'd have to make sure that you were very clever about how it was implemented so that it could be switched without major changes.

Another thought is "more IP addresses", but again you are in the 60s. The computers don't have enough memory to deal with IPv6 length addresses. So again the best you can do is try to set them up with easy upgrades.

Which makes me think the best suggestion would be to teach them about Moore's Law, which of course would have a different name, and try to push for every protocol being extensible as technology grows -- make sure that more octets can be added to IP addresses without them breaking, that security is baked into everything but everything has a way of negating a protocol so that they can be upgraded, that there are no hard upper limits that are assumed and can always be changed.

Basically, teach them what we now know are software best practices -- constants shouldn't be hard coded in the software, they should always be in a separate config.

I really don't understand what stopped ipv4 from being extended like this: w.x.y.z == 0.0.0.0.w.x.y.z

In fact, you can even ping any 32 bit unsigned integer and it will turn it into an ipv4. Try it: `ping 134744072` will ping `8.8.8.8`

So why not 64 bit? 32 bits fit in 64.

Instead we now have 2 concurrent protocols.

ps. 8*256^3 + 8*256^2 + 8*256 + 8 = 134744072

Because all the existing routers would break on all the new addresses. A new protocol was created specifically so that legacy equipment would never get the request.

For example, if an old router got a packet for 1.2.3.4.5.6.7.8, where would it send it, if it didn't crash just trying to read that address?

Yes, let's design the internet around keeping 90s routers running as long as possible. Excellent. Let's also design highways with a max speed of 20 MPH so we can accommodate Model T's
There's no way we could ever stop the world and get everybody to use a new protocol overnight.

Attempting to change the format of an existing protocol in-place in a way that existing hardware and software cannot handle, would be an effort that's dead on arrival.

The global transition to ipv6 is already hard enough, and that's with it designed as a separate protocol so that existing equipment that doesn't understand it can at least gracefully discard it instead of mishandling it.

Funny you should mention the Model T. We did the exact same thing with roads as we did with IPv6. We created a new type of road (highways) that the Model T could not go on. But the new cars can still use the old roads, albeit slower than their max speed. This is the same as IPv6 going through carrier grade NAT.

Slowly over time the roads were upgraded, so now you can use mostly high speed roads to get between places and you don't really see Model Ts anymore because it's not convenient to avoid all the high speed roads.

The issue is replacement cost and feasibility. As roads got better pavement (or were more reliably paved) speed limits could increase. I still have some 20-30mph dirt roads near my home here (actually quite a few), but highways were specifically made to support higher speeds (longer straight sections, in sane places smoother curves). Notably, improving road quality did not obsolete the Model T (though it did become obsolete) on its own. It just made them particularly outdated when other, faster, options were now viable.

Nothing has stopped making faster cars just as nothing (fundamentally) has stopped us from making a "better" Internet (supporting more addresses and other features). What hasn't been done is to say, "Ok, so we already have this massive hardware rollout but we're going to literally obsolete 99.99% of it overnight and cost everyone, home users, small businesses, governments, megacorps, billions or trillions to replace their hardware."

Why didn't that happen? Because it would've been stupid. Instead we ended up with what's amounted to two Internets with bridges between them. The transition hasn't been smooth, but it has been happening.

A better analogy might be something like upgrading roads with the newly liberated fourth dimension; so mere three dimensional Model Ts - that people will try to use no matter your protest - are very unlikely to end up in the right place. (And not just Model Ts, but the entire twentieth century and a bit's worth of vehicles.)
Roads? Where we're going we don't need roads.
An IPv4 address isn't A.B.C.D though. That's just a shorthand way for us write it down because those chunks are easier for us to deal with. An IPv4 address is an unsigned 32 bit integer.

The address is not the real issue. An IPv4 header contains 32 bits for the source address and 32 bits for the destination address. That's what needed to be extended. IPv4 implementations expect the destination address to be 32 bits after the source address.

Any fix you can think of to extend the address fields in the header will fall into the situation of having an additional protocol. Because changing the v4 header and calling it a v4 header would probably get your packet dropped as bad. Or have it being sent to somewhere else. Or some other undefined behavior.

So your best option is to have it identify as a new version. Yes, v4 implementations will reject your packet, but that's what you want in this case.

Because "just add 4 more bytes of address space" wouldn't be backwards-compatible with the world's worth of hardware and software built around IPv4 anyways. There just isn't anywhere in an ipv4 packet that you could put those extra bytes that wouldn't break existing systems.

So the only real option is creating a new protocol with a new protocol ID in the header. And if we're making a new protocol anyways, we might as well design it to fix more problems than just address space exhaustion.

And that's what IPv6 is. The Wikipedia article has a lot of details on the kinds of changes it makes and why: https://en.wikipedia.org/wiki/IPv6#Comparison_with_IPv4

So you're essentially pushing against specialized IP-oriented VLSI chips in everything from NICs to switches to routers... instead they should all have been reconfigurable general computing devices?

Don't you think that would have slowed down the growth quite a bit?

Maybe. I'm just saying that we should teach people in the 60s to design for the future and make things extensible. Maybe we'd still have custom silicon, but they would be designed with an external bus to a second chip that can be easily switched out or upgraded or something as a way of dealing with future growth of address space.

Obviously it wouldn't apply to everything, but back in the 60s future growth was clearly not thought about the same way as today.

They could have had a design rule that all network endpoints must work with 32/64/128 bit IPs.

This could perhaps have been implemented in VLSI back in the 80s in such a manner that 32-bit IPs ran at full speed, 64-bit at half speed and 128-bit at quarter speed.

Yeah, perfect. If the standard had said IPs could have any bit length they would have designed accordingly.
Honestly most of it is pretty great. Folks who want to give it better, more reliable performance end up reinventing circuit switching, and anything involving security is difficult to solve at the IP layer.

The last big things to secure are DNS (can be done with DNSSEC), and possibly somehow mandate TLS for connections (although you definitely don't want that all the time).

One big glaring problem is BGP, which we don't really have an answer for. Whereas "just use DNSSEC" pretty much solve the last big security hole above, BGP is still difficult because you have to basically have a system to attest the path for each BGP node. AS1 can't say "I have a path of length 5 through AS2 AS3 AS4 AS5 AS6 to AS6" unless that message can be attested to by each node, but then this comes into a bootstrapping problem (e.g. how do you reach those ASes to get some sort of key without going through AS2 first?) or trusting some authority as we do for ssl certs. God knows the first thing I do on any fresh install is uninstall those root certs from any sketchy government I don't trust.

Having worked on SDN in its heyday for some of the big players in the space, there are definitely good ideas in the space, but getting to adoption is damn difficult, bordering on impossible. I don't know what it will take to oust BGP, so we're kinda stuck with it for the foreseeable future.

There are only about 100k ASNs. It would be fairly easy to solve the bootstrapping problem by just preloading all the keys.
Yes that isn't too many, but right now any device can just hop on a network and start communicating (after DHCP). Not only that, but they can start communicating with any public IP address.

If people decided to take this away by adding some security directly into the IP layer (i.e. such that communicating without it is impossible, such as mandatory IPsec), I don't think the tradeoff would be worth it. Now you would have to manage all the normal stuff that comes with keys (e.g. expiration and renewal), and you may find your device gets wedged if you don't do the delicate key expiry dance correctly (i.e. you can't even connect to the site to get updated keys).

It's very easy to say "those DARPA morons not designing security was a big mistake!", but I am not convinced that the tradeoffs of solving it at the internet level (i.e. L4 and down) are worth the bootstrapping / flexibility hits.

> One big glaring problem is BGP,

I see what you did there :D

Push for content-addressing over URLs. To be honest, I don’t know if this would hamper the development of the internet or be a good thing at all, but I would love to see what people would come up with and how it would change the web.
The Web Packaging specifications[1] are surprisingly close to turning URLs into a content-addressed system. Content-addressed networking is all about names for content, after all, which philosophically is a close match for what a URL is, it just so happens that HTTP uses urls to resolve servers that serve the content. But with Web Package, content is signed by the origin, and can be distributed via other means.

One of the primary uses cases for Web Package is to let two users exchange content while offline, perhaps via a usb stick or what not. This isn't part of the specification, but we could begin to imagine sites that have a list of the web packages they have available for download. And we could imagine aggregating those content indexes, and preferring to download from these mirrors over downloads from the origin's servers.

I'm hoping eventually we get a fairly content-addressed network, via urls.

[1] https://github.com/WICG/webpackage

backlinks.

(see http://www.youtube.com/watch?v=bpdDtK5bVKk&feature=youtu.be&... by Jaron Lanier, also see Ted Nelson)

Going a bit more philosophical, I found myself thinking about the lack of backlinks and people like René Descartes (via https://en.wikipedia.org/wiki/René_Descartes) :

" Refusing to accept the authority of previous philosophers, Descartes frequently set his views apart from the philosophers who preceded him. In the opening section of the Passions of the Soul, an early modern treatise on emotions, Descartes goes so far as to assert that he will write on this topic "as if no one had written on these matters before." "

replace https:// with https: (I believe that was TBL's biggest regret too) :).
Cancel the project, Terminator 2 style
Find a way to better decentralize it, so that it doesn't rely on single hosts(and later sites) as the source of truth for any particular function.

The original idea was that protocols would allow any one to participate by simply making their own webpage. But dynamic IP addresses, the DNS system, and even just HTML design were out of reach for most people so that got lost and monsterous websites under centralized control became the mediators for most people.

So if we could find a way to bake that decentralization into the protocols even more strongly while making them accessible to non-technical people, that's the change I would make.

The aim is to create a world where central platforms are not dominant, but any user can easily participate in the communication protocols with out there being a central point to collect all the data or force changes from.

...of course, I have no idea how one would go about doing that, and there in lies the rub.

You seem to be talking about WWW and not the Internet. The Internet itself was designed to be decentralized, in fact that was a major motivator (distributed command & control in the case of a major war cutting off large chunks of the C&C groups from each other or eliminating them entirely).

Now, it could've been done in a better fashion, more deliberately, or more broadly, but there are at least two notable early protocols with decentralization/distribution in mind: email (consisting of several protocols) and nntp. Now an individual may still access a, to them, centralized authority for sending/receiving content, but the protocols themselves were meant to support a distributed architecture.

While yes, "the internet" and "www" are different systems, the latter built on top of the former, in practice "the internet" and "www" are one in the same. When we're talking - culturally - about problems with the internet, we mean the problems with "www".
In practice they are not the same thing. And the original prompt poses sending you back to the 1960s, about 30 years before the WWW came into existence.
If we’re starting from the 60s, there’s no guarantee that by now the two would be practically the same (which isn’t a given, even now).
> So if we could find a way to bake that decentralization into the protocols even more strongly while making them accessible to non-technical people, that's the change I would make.

Have you heard of Holochain?

"Holochain is an open source framework for building fully distributed, peer-to-peer applications.

Holochain is BitTorrent + Git + Cryptographic Signatures + Peer Validation + Gossip (data propagation).

Holochain apps are versatile, resilient, scalable, and thousands of times more efficient than blockchain (no token or mining required). The purpose of Holochain is to enable humans to interact with each other by mutual-consent to a shared set of rules, without relying on any authority to dictate or unilaterally change those rules. Peer-to-peer interaction means you own and control your data, with no intermediary (e.g., Google, Facebook, Uber) collecting, selling, or losing it."

> The aim is to create a world where central platforms are not dominant

Centralization has been greatly enabled by it being legal to hoover up all kinds of user data and monetize it by selling ads or using it for ML training. Huge moats, unassailable by anyone trying to charge money directly and discouraging interest and participation even in free, volunteer efforts (since the commercial ones are already no-charge...) while encouraging players to jealously keep their users captive, avoiding open protocols and certainly not developing new ones (notice how application-level network protocol development and support started to dry up fast as FB and Google's money-printing machines really started to get going?).

I'd say the shortest path to fixing the Internet is making that illegal, especially since that activity is also horrible and dangerous for other reasons. Ideally, the same law would hamstring the credit reporting agencies and also keep banks and other financial institutions from using/selling your data.

Tor's hidden services and the Yggdrasil network are examples of decentralized alternatives to the DNS system.
i would remove javascript.
I think there would always be something invented to take its place. It addresses a real need that lots of people have. If you want to remove it, you have to replace it with something else...