[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: persistent identities
At 10:31 PM 2/26/97 -0800, Hal Finney wrote:
>And Carl Ellison <cme@cybercash.com> replied:
>> Worse than that, I have come to believe that a global namespace
>> is just plain wrong -- insecure because it uses meaningless names.
>
>Aren't email addresses, domain names, and URL's examples of global name
>spaces? Maybe we don't strictly *need* them, but we certainly use them
>a lot. Is there something better? Are these entities obsolete?
>
>It seems even more questionable that they are meaningless. These do seem
>to have meaning in the context of the internet. They are the addresses
>of the endpoints of communication.
>
>Perhaps I am missing the point of what is meant by a global name space
>here?
We have many global name spaces -- e-mail addresses, telephone numbers,
passport numbers, ..., and they're all useful and important.
When I call a global name meaningless, I'm saying that the namespace is too
large for me to hold it in my head. I can remember a few phone numbers
and a few e-mail addresses, but not the whole set.
E.g., for e-mail security, the meaning I'm looking for is that I would
associate the name I use with the identity of some person I know. I have an
e-mail address book of a few hundred names of people I know and therefore
might want to encrypt mail to, but I don't remember them by e-mail address.
I remember maybe 5 e-mail addresses (outside cybercash.com, that is). I
remember my correspondents by my own name for them -- my nickname -- my
e-mail alias. My aliases are not part of a global name space. They're too
short...would be ambiguous.
The need of a global name space for uniqueness is in direct conflict with my
need for a name which is small and of my own choice.
- Carl
References: