[Cryptography] A naming and key distribution infrastructure for the Mesh

Phillip Hallam-Baker phill at hallambaker.com
Fri Sep 25 22:34:59 EDT 2020


On Thu, Sep 24, 2020 at 5:44 PM Francis Pouatcha via cryptography <
cryptography at metzdowd.com> wrote:

> On Wed, Sep 23, 2020 at 11:25 PM Patrick Chkoreff <pc at fexl.com> wrote:
>
>> Bill Frantz wrote on 9/23/20 4:50 PM:
>>
>> > It sounds like we're getting into Zooko's triangle territory. The
>> > general solution to this dilemma is Pet Names. A pet name only has local
>> > significance. My address book is full of pet names, which resolve to
>> > real email addresses, postal addresses, and telephone numbers.
>>
>> Yes, as I was driving around thinking about Phillip's post, I thought
>> that I'd want my name to be 10 random digits, like a phone number, e.g.
>> @071-449-6372.  Then my friends would just map "Patrick" to that in
>> their contact lists.
>>
> Even better with the country code. I would like to be addressed with my
> phone number @+1-678-432-3321 .
>

No. That name space is taken by the telephone system and there is an
existing authority that assigns and reassigns the dwindling pool of
numbers. It is the use of telephone numbers that I find the weakest part of
Signal.

There is already a DNS to telephone numbers hack used by SIP. Let that
infrastructure die a gradual but hopefully final death. Like USENET it is
being spammed to death. 70% of the telephone calls I get on the landline
are spam. Which is why that line is going to be going away very soon. The
only reason we have it is the cell phone carrier demands a stupid rate for
international calls.

If you want to pick 8 random characters for your Mesh name, fine. But I
want a vanity name myself (@phb) and I want to have a decent title for the
controller @q (as in Bond's quartermaster, not that other jerk). And I need
to have a way to fund the development lab and I don't do cryptocurrencies.

If we are going to do telephone numbers, we can just require the
international code to always be there, so @1-617-432-3321. But that is
something I would reserve so that if at a future date we decide it is worth
doing, we do it properly and map to the actual legacy telco network. But
that would be a transitional technology to absorb the remaining remnants of
the telephone system, not something I would lead on.

So reserve all numbers and dashes for future use.


On Thu, Sep 24, 2020 at 5:45 PM Sid Spry <sid at aeam.us> wrote:

> On Wed, Sep 23, 2020, at 9:18 AM, Paul Wouters wrote:
> > On Tue, 22 Sep 2020, Phillip Hallam-Baker wrote:
> >
> > > So I don't want Alice's address to be alice at example.com. I want her
> > > to be @Alice.
> >
> > We have millions of alice's who want to be @Alice. It can't work like
> > that. Look at a 12 year old who wants to get a gmail address. The good
> > namespace is already taken and they have to come up with weird stuff
> > that none of their friends can remember anyway.
> >
> > I agree that you don't want an email address as unique qualifier because
> > people currently can't guarantee they can keep this identifier for life.
> >
> > But you have a uniqueness and name mapping problem.
> >
>
> Federated systems would solve this. It'd work kind of like email addresses,
> but you need a more robust technology like XMPP. Users could be globally
> addressable with their fully qualified federated name, e.g.
> alice at wonderland, or their local name within the node.
>

I have yet to see any problem that is solved by federation except the
problem of how a large number of pre-existing institutions fight over the
pie.

The division between .com .net and .org was a fiasco for the Internet. The
real world does not fit an arbitrary taxonomy thought up with five minutes'
thought. It doesn't fit any taxonomy. All the division did was force people
to re-register their names in each one - if they were important. And now
for the price of $250,000, you can apply for your own right to extract
money for defensive registrations. The number of TLDs is being kept at a level
considered judiciously within the boundaries of what will avoid a revolt.

Every single one of the new GTLDs could be shut off tomorrow and almost
nothing of consequence would happen.

So no, I am not interested in 'federating' the namespace.



On Thu, Sep 24, 2020 at 6:13 PM Richard Outerbridge <outer at interlog.com>
wrote:

> Actually, sounds more like "True Names & Other Dangers" territory.
> __outer
>

From a purely pragmatic point of view, one of my goals for the net is to
(eventually) get Microsoft, Apple, Google, etc. to adopt it and integrate
it into their platforms. Of course they have their walled garden,
interactive TV plans right now. But this ain't my first rodeo. Time Warner
had Interactive TV. Yes, there is a lot of money that has been pumped into
IoT because they all have this idea they are going to emerge as the
monopolist. Which is why I waited to the point where more than one of the
big boys has already started to realize it's not gonna be them and so they
should think defensively and make sure that their rivals don't win the
monopoly and shut them out.

If you are going to play with that crew, they are going to insist on owning
their names and such. So I am fully OK with the idea that whichever scam
artist decides to register '@microsoft' discovers they don't get to keep it
or to extort the trademark owner. And I am equally OK with the industry I
helped to create, the CA industry, being a part of a solution to that
problem. But that doesn't mean anyone can demand @flowers because they
would rather like to have it. ICANN has been through all that. We can
re-use those parts of the design. But we don't need to fret about the
details at this point.

What I propose for this issue at this point is the ability to post a
'challenge' against a name. This would have a fee associated with it, say
$1000. So if someone is squatting on a trademark, someone can issue a
challenge and at some point we can develop a process for working out how to
handle those. And if the name is re-assigned, this is visible in the log.
So anyone who has connected to the old @trademarked will be notified of the
fact when they try to use that contact and they will be connected to the
one they choose.