Latest Posts:

Karl CV/Bio - Long Form

· by Karl Auerbach · Read in about 20 min · (4230 Words)

(For the most recent version of this page, go to

Karl Auerbach has been creating and extending Internet and operating system technology since the early 1970s. He has worked at all levels, from hardware to protocols to applications to legal policy.

In addition to his technical work, Mr. Auerbach has been an attorney in California since 1978. He is a member of the Intellectual Property Section of he California State Bar.

Mr. Auerbach is the Chief Technology Officer at InterWorking Labs (IWL) in Scotts Valley, California.

Karl’s home page is at

Karl is a “Pioneer Member” of the Internet Society.

Recently, Karl has become concerned that our efforts to improve Internet and device security have overlooked our need to manage and repair the Internet. Security barriers have made it increasingly difficult to locate, isolate, and repair faults.


For more than five decades Karl has been involved in nearly every aspect of Internet technology and in much of the related national and international policy. There are few with Karl’s synoptic view of the Internet. Karl has worked with Internet technology from the electronic signaling layer all the way up through applications.

Karl was influenced by Dave Farber’s DCS network to think of networks as distributed systems with dynamic behavior and properties similar to that of a large scale industrial process.

Karl’s perspective on Internet policy is condensed into his “First Law of the Internet”:

  • Every person shall be free to use the Internet in any way that is privately beneficial without being publicly detrimental.
    • The burden of demonstrating public detriment shall be on those who wish to prevent the private use.
      • Such a demonstration shall require clear and convincing evidence of public detriment.
      • The public detriment must be of such degree and extent as to justify the suppression of the private activity.

Karl was among the first to bring together law and network technology, particularly with regard to privacy and domain name policy.

Karl has long strongly advocated that the Internet must be considered a lifeline grade utility. He has argued this point several times, such as in his 2003 presentation “From Barnstorming to Boeing – Transforming the Internet Into a Lifeline Utility”, his 2019 Keynote presentation at NANOG, and his long time position that the Internet should be managed less as individual, independently acting devices and more as a complex distributed process.

Karl’s technical work has contributed to the expansion, security, and reliability of the Internet.

His work on Internet policy and privacy have contributed to the development of Internet Governance and protections for users.

Karls work on tools and testing have led to an internet that is more robust and interoperable. And through Karl’s tools and testing people everywhere have increased assurance that their Internet devices will actually work.

His work with network security, although largely confined to the military sphere, advanced the art of both network and operating system security.

Karl’s work with John Romkey’s PC/IP, Packet Drivers, the ULANA effort, and Interop helped publicize and deploy interoperable TCP/IP code in an era when networking was largely for larger computers.

Karl’s leadership in articulating the technical goals and reasoning for design decisions in IETF meetings and on IETF mailing lists for 50 years has had major influence on two generations of technologists.

Karl, an attorney and member of the California Bar, has formed or led policy discussion groups and bridged the gap between Internet technology and government representatives, policy makers, lawyers, and academic researchers.

His work with voting contributed significant advances to trustworthy open source, inspectable testable voting machines and software.

Significant Achievements

During the 1970s Karl designed and implemented some of the first operating systems and networks based on formal security models. In this work Karl created the first encrypted VLANs, Virtual Private Networks, cryptographic key management protocols, message digests, access controllers, and multi-level secure networks.

During the 1980s and later Karl worked with several others to bring small computers into the nascent Internet.

His testing tools and his lead roles at “bakeoff” events, the ULANA project, and the Interop show net greatly increased the probability that network devices from different vendors would actually work with one another.

Karl created the first Internet “butt set”, a highly portable device that could be brought into the field by network repair teams to rapidly analyze problems.

In the mid 1990s Karl architected and implemented IP/TV, a pioneering product for internet distribution of entertainment grade video over the internet.

Karl’s efforts building tools, developing interoperability tests, and designing, deploying, and running the Interop show networks have facilitated Internet growth and the quality of Internet devices.

Karl has been a long-time member of the Internet Engineering Task Force (IETF). During that time Karl participated in, or chaired, working groups that led to the creation of widely used, full Internet Standards.

Mr. Auerbach served as a publicly elected member of the Board of Directors of ICANN, the Internet Corporation for Assigned Names and Numbers.

Karl is a co-founder of the Boston Working Group and has been involved in the issue of Internet governance for several years.

Karl has long been interested in questions related to Internet reliability, particularly as the Internet evolves into a critical element of our infrastructure.

Karl has a strong interest in network diagnostic tools

Karl was a principal in the creation of open voting systems. He was formerly on the Board of Directors of the Open Voting Consortium.


  1. Van Nuys High School (1966-1968) (Final year was spent at UCLA.)

  2. University of California, Los Angeles (UCLA) (1967-1969)

  3. University of California, Berkeley (CAL) (1970-1971) - BA

  4. Loyola Marymount Law School (Los Angeles) (1974-1978) - JD Cum Laude

Employment Chronology

  1. Aerojet Electrosystems (1971, Azusa, California) Programmer developing real time operating systems to process real-time satellite downlink data for a classified worldwide monitoring system much as seen in the movie “War Games”.

  2. System Development Corporation (1971-1980, Santa Monica, California) Senior Analyst in the Research and Development group on security of computer networks and operating systems.

    Much of Karl’s work at SDC was classified by the US and UK and has never been published to the public.

    At SDC Karl designed and implemented early TCP stacks, cryptographic protocols, key management, cross-network access control, and virtualized networks.

    Karl contributed to network security research and implementation for the US Joint Chiefs of Staff, NSA, and RSRE (UK), and with researchers at ACC (Santa Barbara), UCLA, RAND, and Mitre. Among the people with whom Karl worked on network and operating system matters were Jan Garwick, Donald Davis, Paul Baran, and Gary Kildall.

    While at SDC Karl designed and implemented formally verified security kernels for operating systems, including the design of a capability-architecture computer to run Peter Neumann’s Provably Secure Operating System.

    Karl, along with David Kaufman, created a formalization of network protocol layering, anticipating by several years the layered model of ISO/OSI. We needed a means to describe the information flows and interactions between protocol layers so that we could apply appropriate security measures. This work informed the decision to separate the then unified design of TCP into two separate parts, IP and TCP.

    At SDC Karl was one of the principal designers and implementers of the Blacker network, a classified, multi-level, formally proven, secure network. Karl brought distributed system concepts from Dave Farber’s DCS network into the Blacker design, particularly the notion of specialized, trusted “security controller”, i.e., servers operating in conjunction with strong cross-network identification and authentication protocols. Much of the results of this work informed the Orange Book on security published by NSA.

    While at SDC Karl did early work on privacy policy for trans-border data flows and on US domestic data privacy policy and law, particularly the US Privacy Act of 1974.

  3. Interactive Systems Corporation (1980-1981, Santa Monica, California) Senior developer of network based products. At Interactive Systems Karl developed a distributed email system that foreshadowed the later deployment of Allman’s Sendmail. Also while at Interactive Karl deployed one of the first non-research Ethernet LANs.

  4. Wells Fargo Bank (1981-1985, San Francisco, California) Network design and deployment. Karl worked to modernize the bank’s networking operations, helping it move into the new era of packet switching and LANs. It was at Wells where Karl first experienced the need for secure, yet managed, reliable, and repairable networks in high value, high transaction rate commercial settings.

  5. The Wollongong Group (1985-1986, Palo Alto, California) Karl commercialized John Romkey’s (MIT) PC/IP project. This had the effect of encouraging the creation of several networking companies including FTP Software and Intercon.

  6. Epilogue Technology Corporation (1986-1990), Redwood City, California) Founder

    At Epilogue Karl helped deploy USENET; participated in the formation of The Little Garden (an early ISP); helped define SNMP (and MIBs), including creation of commercial SNMP code for embedded systems.

    During this time Karl worked with the ISO/OSI and MAP/TOP communities on several technical matters. This resulted in a prototype implementation of X.400 (including ASN.1 tools that would be used in Epilogue’s highly successful SNMP products.)

    It was during this time that Karl worked on the ULANA procurement (US Air Force) that demanded the creation of commercial-off-the-shelf TCP products that actually would interoperate in the field. Karl worked with vendors to create a catalog of tested, interoperable products. Karl worked with David Kaufman (TRW) to create Ethernet cards and device drivers, TCP/IP protocol stacks, and the Netbios over TCP standard (RFCs 1001 and 1002.)

    At Epilogue Karl was a principal in events such as TCP/IP Bakeoffs where he would create tools that would drive TCP implementations into often untested corner cases.

    Karl led Epilogue’s efforts to emphasize network management at the IETF.

    It was also at Epilogue where Karl began his long work designing, deploying, and operating the Interop Show networks.

  7. Sun Microsystems (1990-1991, Mountain View, California)

    At Sun Karl led an effort to design and construct a network management product that would deal with the internet as a distributed process rather than as individual devices.

    At Sun Karl also worked on a Russian-operated low-earth-orbit satellite system to provide network services to mobile devices.

  8. Empirical Tools and Technologies Corporation (1991-1995, Santa Cruz, California) Founder

    Karl created Dr. Watson, The Network Detective’s Assistant - the Internet’s first “butt set”, a highly portable tool to quickly diagnose network problems. This tool was used by network operators around the world to quickly diagnose and repair network faults.

  9. Precept Software (1995-2000, Palo Alto, California) Principle Software Engineer (Precept was acquired by Cisco in 2000.)

    At Precept Karl worked with Steve Casner to design and implement a commercial RTP/RTCP stack to carry entertainment grade media over IP multicast.

    During this time also helped refine IP Multicast and the RSVP protocol (and worked with Fred Baker (Cisco) to implement it.)

  10. Cisco Systems (2000-2003, San Jose, California) Senior researcher in the Advanced Internet Architecture group in the Office of the Chief Strategy Officer and CTO at Cisco Systems.

    While at Cisco Karl created a prototype system to efficiently deliver entertainment grade audio/video content. This system incorporated security to assuage Intellectual Property owners that their content would not be compromised. The system design also included hooks for dynamic content placement and reducing the “fourth wall” between the on-screen content and the viewer.

    It was during this time that Karl worked on a DARPA “Smart Networks” project. This was intended to explore network routing control planes that were informed by models based on traffic expectations. This idea was extended by Karl based on the premise that excursions outside the models' predictions were indicators of security penetration, faults, or configuration errors.

    Karl worked with the question of improving the binding of Internet clients to servers, in particular the question of choosing the “best” server among several. This work resulted in a draft “Fast Path Characterization Protocol” and a patent on comparing internet proximity measures.

  11. InterWorking Labs (IWL) (2003-present, Santa Cruz, California) CTO

    IWL develops tools to test Internet protocol stacks, particularly with regard to robust operation in the face of imperfect network conditions.

    Karl has transformed Jon Postel’s original “flakeway” idea into a series of products to induce controlled flaws (such as packet loss and duplication, fixed and variable delay, re-ordering, etc) in the traffic flow between Internet devices so that implementers can test their code under unusual and sub-optimal conditions.

    Karl has brought IWL’s tools to several interoperability test events (such as SIPit) where they have helped developers discover and repair flaws in their code.

    Among the tools and tests are suites for:

    • Session Initiation Protocol (SIP - RFC3261)
    • MQTT
    • SSL/TLS
    • Ethernet framing, ARP, IPv4, IPv6, UDP, TCP, ICMP, DNS, and others.
    • Windows Sockets (WinSock)

    IWL organized “Internet For Executives”, a program, to spread knowledge about the then relatively unknown Internet. Karl and Steve Casner were the principal presenters.

    Karl and IWL participated in the DARPA Robotics Challenge, developing, providing, and operating devices to generate impaired network conditions that could occur during disaster situations.

    Also at IWL, Karl revisited the IETF’s network management approach and developed a potential successor to SNMP.

    Karl is a regular contributor to IWL’s blog and collection of white papers on network issues.

Volunteer Activities

  1. History of the Internet (1965-1995) project - Karl is a principal in a project to document the early years of the net. This effort is still in the data gathering stage, but will result in several hundred short videos on various Internet topics. The focus of the project is on the process of creation, not on the technology itself.

  2. IETF (1989 through early 2000s) Participant in-, or chair of-, several working groups.

  3. Interop Show Network (1988 through early 2000s) Principal show network architect and team leader. The Interop show networks have been a force driving TCP interoperability around the world.

  4. ICANN (2000 through 2003 and on special working groups at later dates) Mr. Auerbach was the first (and only) North American publicly elected member of the Board of Directors of ICANN, the Internet Corporation for Assigned Names and Numbers.

  5. Lectures at Harvard, Stanford, UC Berkeley, University of Texas on matters of Internet Governance and Internet technology

  6. Advocate for the interests of individual people in Internet governance at meetings at the UN.

  7. Speaker and group leader at the IFWP meetings about domain name policy before the NEWCO effort of NTIA that led to ICANN.

  8. Boston Working Group (BWG) - The BWG coalesced around improving the proposals that eventually became ICANN.

  9. Contributor to the “Big Blue” and “Baby Blue” computer and network privacy policy documents created for President Carter.

  10. Member of the Board of Directors of the Open Voting Consortium, an organization to promote standardized, inspectable, paper-based voting machinery, software, and procedures. Karl assisted the California Secretary of State to organize the creation of reference implementations.

  11. Uniregistry - Karl was part of the team to respond to ICANN’s call for new top level domains. This effort involved the design and establishment of a worldwide domain name registry system. Over fifty new top level domains were established and put into operation.

  12. Theatre - Karl has long supported and participated in local and regional live theatre.

  13. California Trolley and Railroad Corporation - Karl is a member and participant in CTRC, an organization dedicated to the preservation of historical rail, automotive, and trolley transportation.


  1. In 2002 Karl received the Norbert Wiener Award from the Computer Professionals for Social Responsibility (CPSR).

  2. Karl was named a Yuen Fellow of Law and Technology at the California Institute of Technology and Loyola of Los Angeles Law School.

Publications and Presentations

Below is a partial list of Mr. Auerbach’s publications and presentations.

His website ( contains some materials not listed below.

Nearly a decade of his work was classified and is effectively unavailable.

Internet Technology

Title Description
Design Alternatives for Computer Network Security This is a Google Books scan of a paper we wrote at System Development Corporation (SDC) in 1978 on the topic of network security.
The actual content begins on page 6.
My name is misspelled in the list of contributors.
1980 Letter to CACM on Security This is a letter I wrote to CACM after which they claimed I had revealed classified material even though 100% of the sources were open and unclassified.
A UNIX(tm) Subsystem On The CRAY Time Sharing System (CTSS) - 1986 We ported Unix System III to run on the Cray Time Sharing System at the Lawrence Livermore Labs' Magnetic Energy (MFE) project.
Note: Our paper begins on page 211 of these proceedings.
RFC 1001 and RFC 1002 This pair of RFCs are a full Internet Standard defining Netbios over TCP
I was the chair of the working group and editor of the resulting documents.
This work was instigated by the US Air Force’s ULANA procurement intended to push for good interoperability of network products.
Building the Interop Show Network - 1993 This is a 1993 video made showing our team building the Interop Show Network.
Towards Useful Network Management This is a paper written by Chris Wellens and myself regarding ways to better manage networks. Several of these ideas remain valuable but largely undeveloped.
July 1996
On Entity Associations In A Cloud Network This is a paper I wrote in 2010 about issues that arise when naming things that exist in a cloud network. Most particularly this note deals with issues concerning persistent network relationships between entities that exist within a cloud-net.
My presentation on Internet Naming to the US National Research Council The Domain Name System is often touted as a kind of global, uniform name space for the internet. It is not. This note describes various ways in which DNS lacks those properties that people and bodies of internet governance assume that it has. (Powerpoint format), July 2001
Protecting the Internet’s Domain Name System The Domain Name System (DNS) is one of the few parts of the internet that can be considered a single point of failure.
From Barnstorming to Boeing - Transforming the Internet Into a Lifeline Utility
Speaker’s Notes
Slide deck (.pdf)
Slide deck (Powerpoint)
8th IFIP/IEEE International Symposium on Integrated Network Management, Colorado Springs, Colorado, March 26, 2003
Fast Path Characterization Protocol (FPCP) What is “proximity” on the internet and how do we measure it?
Internet: Quo Vadis (Where are you going?) I do not believe that the future internet will be a Utopia. Nor do I believe that the future internet will be like some beautiful angel, bringing peace, virtue, equality, and justice.
Instead I believe that there are strong, probably irresistible, forces working to lock-down and partition the internet.
Domain Names Are Fading From User View The Domain Name System - both the technology of DNS and the deployed naming hierarchy we all use - are among those aspects of the internet that, although they feel solid and immutable, are slowly changing underneath our feet.
Network Operations On A Public Utility Internet - keynote presentations at NANOG (North American Network Operators' Group) in the fall of 2019 I gave one of the two keynote presentations at NANOG (North American Network Operators' Group) in the fall of 2019.
The first part deals with the responsibilities, obligations, and liabilities of being an operator of parts of an Internet that was becoming a lifeline grade public utility.
The second part shifts to ways we design and implement the Internet to improve its resilience to errors, problems, and attacks. I suggest that we look beyond traditional methods of designing and implementing computer systems. In particular I urge that we take a look at the methods used by living things to improve their ability to survive.
Network Considerations for Remote Vehicle Operation Some “self driving” automobiles include means for remote control. This article enumerates some of the issues.
Limitations of ICMP Echo for Network Measurement Many people assume that ICMP Echo, more familiar as “ping”, is a valid tool for measuring the performance and behavior of the internet.

That assumption is incorrect. Ping is a tool of value mainly for determining whether connectivity exists or not. Ping is a weak tool for measuring delay, variation in delay (jitter), and throughput
Does IPERF Tell White Lies? Iperf is a commonly used family of bandwidth testing tools. It is quite useful, but its output can be misleading.
Causes and Correlation of Network Impairments This note deal with ways in which networks err.
Rate Limitation vs. Bandwidth Limitation The phrase “bandwith rate limitation” is ambiguous. There are at least two distinctly different forms.
KNMP Overview KNMP is a next-generation replacement for SNMP.
Why You Shouldn’t Believe Network Speed Tests Network Speed Tests are all the rage, but they can be quite deceptive.
Avoiding Internet Timer Synchronization The Internet can exhibit pulsing traffic. One method to quiesce this is to randomize protocol timers.
2018 Fuzz testing is not a panacea. Focused testing can often find flaws more quickly.
Counting Bits How many bits are you sending, counting, or being billed for? It’s complicated.
Waveforms in KMAX Internet errors often occur in bursts. Often those bursts are short, a few milliseconds. But sometimes they occur on much longer time scales.
On The Internet Of Things 2016
Cavebear Catalog Karl’s Catalog of faux network products.

Internet Governance

Title Description
Thoughts on the NTIA Green Paper This is a copy of the NTIA “Green” paper of January 30, 1998 with some of my comments interleaved.
The National Science Foundation (NSF), the Internet’s Domain Name System (DNS), and The Privacy Act of 1974 This is a collection of pages from 1998 describing the role of the National Science Foundation (NSF) in the domain name system.
What I would say to the House Commerce Committee were I invited to testify July 17, 1999
Structural Principles For Internet Governance
Materials for the Meeting of the UN Internet Governance Forum.
Stakeholderism - The Wrong Road For Internet Governance Submitted to the the Meeting of the UN Internet Governance Forum.
Questioning Authority - Searching For Stability In Internet Governance I spoke on the weakness of ICANN’s legal and technical foundations, and the potential collapse of ICANN as a result, at Signifiers in Cyberspace: Domain Names and Online Trademarks at the Center for Law, Technology, and the Arts at Case Western Reserve University School of Law, November 12-13, 2009.
Why Louis XIV Would Have Loved The Internet King Louis XIV of France, a man who treasured control over chaos, would have loved the Internet.
This is a presentation I gave at Cal Tech and Loyola Law when I was named a Fellow of Law and Technology in 2001.
My Comments at the Conference on The Internet and Governance, John F. Kennedy School of Government, Harvard University Let me declare that ICANN has been a successful experiment in governance of the Internet. But there is more to say…
My Senate Testimony on ICANN of February 14, 2001 February 2001
My testimony before the Subcommittee on Science, Technology, and Space of the United States Senate Committee on Commerce, Science and Transportation June 12, 2002
My submission to the Communications subcommittee of the United States Senate Committee on Commerce, Science & Transportation July 31, 2003
My comments to NTIA’s “mid-term review” of its ICANN “JPA” agreement My comments on NTIA’s “The Continued Transition of the Technical Coordination and Management of the Internet’s Domain Name and Addressing System: Midterm Review of the Joint Project Agreement”
Internet Governance - By Whom? This is a note written not long after ICANN got started — and it reflects on how poor a start it was and how it established the pattern for the ICANN we have today. May 1, 1999
Fragmentation of the Internet This is a presentation that I gave at the American Bar Association (ABA) National Institute on “Computing and the Law: From Steps to Strides into the New Age”. San Francisco, June 2007.
Evaluation of ICANN As my last act as a director of ICANN and during the course of a public meeting I tendered this report to ICANN’s Board of Directors. ICANN has never acknowledged this document; nor does it appear in any ICANN document collection or website. Adobe Acrobat format, 13 pages. June 2003
A Prescription To Promote The Progress of Science and Useful Arts January 2002 issue of Internet Law & Business,
Contracting the Internet: Does ICANN create a barrier to small business? This is a statement made before the Committee on Small Business, U.S. House of Representatives
Boston Working Group Submission to NTIA This is the Boston Working Group (BWG) submission to NTIA on NTIA’s plan to form ICANN.  September 29, 1998
A Plan To Reform ICANN: A Functional Approach This is one of several papers that describes a way to structure bodies of internet governance, such as ICANN, into tightly constrained units that are less likely to go astray or suffer from mission bloat. April 2002
A note to NTIA for their review of their “transition” to ICANN My submission to “The Continued Transition of the Technical Coordination and Management of the Internet Domain Name and Addressing System
Review of the At‐Large Advisory Committee My “Concurrence” (Appendix 3) contains my arguments why ICANN needs a much broader base of public representation on its controlling body, the Board of Directors. My portion begins on page 32.

Internet Governance / ITU meeting on IG (Feb 2004)

Materials presented at the ITU meeting on Internet Governance in Geneva, February 2004

Title Description
Panel presentation and speakers notes
Governing the Internet, A Functional Approach
First Law of the Internet
Deconstructing Internet Governance