[Cryptography] A naming and key distribution infrastructure for the Mesh

Paul Wouters paul at cypherpunks.ca
Wed Sep 23 10:18:36 EDT 2020


On Tue, 22 Sep 2020, Phillip Hallam-Baker wrote:

> So I don't want Alice's address to be alice at example.com. I want her to be @Alice.

We have millions of alice's who want to be @Alice. It can't work like
that. Look at a 12 year old who wants to get a gmail address. The good
namespace is already taken and they have to come up with weird stuff
that none of their friends can remember anyway.

I agree that you don't want an email address as unique qualifier because
people currently can't guarantee they can keep this identifier for life.

But you have a uniqueness and name mapping problem.

> Oh look, we have a new bit of censorship resistant technology. All she needs is an authoritative DNS service and Alice can publish
> her stuff at https://www.alice.mm--/ and that will be stable regardless of what ICANN does. And her coffee pot can offer status info
> at https://coffeepot.alice.mm--/ under a certificate that is signed under the root of trust mb2gk-6duf5-ygyyl-jny5e.

Again, nice for the first 100k users to get decent names. After that,
phb45986946 becomes unusable to remember, and mapping it all onto
one "squatted" pseudo TLD does not help.

you say you dont want @microsoft to not go to microsoft, but I'm not
sure about that either. I'm now letoams at twitter. Once you pull that
info, it should be able to publish that independantly later on? Even
if twitter ceases to exist. But that in itself runs into problems if
twitter deletes my account and lets someone else register it.

So, while user at FQDN is no permanent guarantee, it does have a guarantee
of uniqueness. The only global reliable one we have now. Sure, companies
and governments can take it away from you, and might force you to pick
up a new name, but the namespace is federated, so you can do that.

Sure, you can pick an unregistrable TLD like .mm-- and re-create the
uniquness there, but then you have to map it already to something else.
We can't all have memorable names in a single psudeo TLD. And I see
no guarantee that you can keep up the infrastructure for basically
guaranteeing uniqueness in a pseudo TLD either. You might run out of
money, die or get co-erced to stop running infrastructure. It could be
very de-centralized but to keep uniqness guarantee, something somewhere
has to make decisions and that CPU can be taken down. And handwashing
by saying Merckle tree or bitcoin doens't give me much confidence.

Two big problems. I see you are trying to solve them, but I'm not
convinced you have, or whether they are solvable.

Paul


More information about the cryptography mailing list