[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: persistent identities

At 10:31 PM 2/26/97 -0800, Hal Finney wrote:
>And Carl Ellison <cme@cybercash.com> replied:
>> Worse than that, I have come to believe that a global namespace
>> is just plain wrong -- insecure because it uses meaningless names.
>Aren't email addresses, domain names, and URL's examples of global name
>spaces?  Maybe we don't strictly *need* them, but we certainly use them
>a lot.  Is there something better?  Are these entities obsolete?
>It seems even more questionable that they are meaningless.  These do seem
>to have meaning in the context of the internet.  They are the addresses
>of the endpoints of communication.
>Perhaps I am missing the point of what is meant by a global name space

We have many global name spaces -- e-mail addresses, telephone numbers, 
passport numbers, ..., and they're all useful and important.

When I call a global name meaningless, I'm saying that the namespace is too
large for me to hold it in my head.  I can remember a few phone numbers
and a few e-mail addresses, but not the whole set.

E.g., for e-mail security, the meaning I'm looking for is that I would 
associate the name I use with the identity of some person I know.  I have an 
e-mail address book of a few hundred names of people I know and therefore 
might want to encrypt mail to, but I don't remember them by e-mail address.  
I remember maybe 5 e-mail addresses (outside cybercash.com, that is).  I 
remember my correspondents by my own name for them -- my nickname -- my 
e-mail alias.  My aliases are not part of a global name space.  They're too 
short...would be ambiguous.

The need of a global name space for uniqueness is in direct conflict with my
need for a name which is small and of my own choice.

 - Carl