The following text is copyright 1998 by Network World, permission is hearby given for reproduction, as long as attribution is given and this notice is included.
When is the Internet not
By Scott Bradner
According to the published schedule, the ANX is about to get real.
For the past few years, the Automotive Network Exchange
(www.aiag.org/anx) has been preparing to change the way the
automotive industry does business in North America. The next big
step should come at any time. That step is the publication of a list of
certified service providers (ANX CSP). ANX CSPs are ISPs that
have demonstrated compliance with ANX-specified requirements for
network service features, interoperability, performance, reliability,
business continuity, disaster recovery, security, customer care and
trouble handling. ANX CSPs have also connected to one or more
ANX certified exchange points.
The basic idea behind ANX is to move most of the electronic
interaction among the thousands of trading partners that make up the
automotive business away from private networks and to the public
data network infrastructure - that is, move the communications to the
'Net. Except the ANX folks take care to say the ANX system is not
the Internet even though they do mention it is part of the Internet. The
difference, they say, is in the guarantees provided by requiring the
trading partners to use ANX CSPs rather than just any ISP.
Of the dozen or so network service features that the ANX requires an
ANX CSP to offer, the most important involves security. All ANX
CSPs must be part of a public-key certificate hierarchy with its top
run by the ANX. This certificate hierarchy is used to enable the
ANX-wide use of the IETF's IP Security set of functions to protect
and authenticate transactions between trading partners.
Since each ANX CSP must have an approved public-key certificate,
which is used in real time to authenticate the CSP, this hierarchy also
provides a way for the ANX to decertify CSPs that fail to maintain the
required level of quality. The ANX certification authority just revokes
the CSP's certificate, and the trading partners that might be customers
of that CSP can no longer operate. (According to the
ANXdocuments, some warning will be given in this case.)
I expect that as soon as the list of CSPs is released it will become the
approved ISP list for many organizations that have nothing to do with
the automotive industry. I also think we will quickly see other industry groups adopting the same approach to trading partner interactions. But I expect that this will be a short-lived phenomenon, and that industry-specific certification will be quickly replaced by Consumer Reports-style ratings, once there is a better understanding of what to rate.
It should be quite amusing to watch the reactions of ISPs that fail to get certified. Resorting to bluster and threats of legal action, instead of fixing the deficiencies, will tell me all I need to know about some ISPs.
Disclaimer: We don't do bluster at Harvard, or at least we do not call it that - the above anticipatory amusement is my own.