[Cryptography] Standards Trolls: Re: net neutrality

Phillip Hallam-Baker phill at hallambaker.com
Mon Jan 4 14:25:59 EST 2021


On Mon, Jan 4, 2021 at 12:56 AM John Levine <johnl at iecc.com> wrote:

> In article <18573.1609728521 at hop.toad.com> you write:
> >Anyone could start an ISP because by law, everyone had tariffed access
> >to the same telco infrastructure (dialup phone lines, and leased lines
> >at 56 kbit/sec or 1.544 Mbit/sec or 45 Mbit/sec).  You just called up
> >the telco and ordered it, and they sent out techs and installed it.
> >We did exactly that, plugged it into our modems and routers and bam,
> >we were an ISP:  "The Little Garden".
>
> This history, that the Internet was built on common carrier lower
> level circuits, is well known in telco circles but as you say, not
> much elsewhere.
>
> The situation in Europe is much better. Low level transport is
> mostly separated from Internet service and there are lots of ISPs.
>

More generally, the big issue for me has always been the lack of
competition in broadband in the US. The Common Carrier / Network Neutrality
issues were side shows.

If you have competition and the market is functioning as a free market,
censorship isn't going to be an issue nor is it going to be possible for
carriers to extort content providers for carriage.

Bringing things back to crypto. The big failure of the Internet has been
that users still don't have accounts that are portable between providers.
There is no DNS for user accounts (and DNS extracts a rent of $10/yr for a
service that should cost less than a cent to provide if competently
architected).

That is where I see an opportunity.

Let Alice have a public signature key pair {A, a} that is hers and she can
use as a life-long key.
Let Alice's fingerprint be ha = base32(sha2(A)); this can now be a life-long
identifier.

At this point Alice can create whatever application keys she needs and
these can be credentialed under some key validated under A and thus
verifiable to ha.

Alice can also produce a signed assertion saying 'my current account is
alice at example.com'.

Now let us imagine we have a PGP-keyserver-like infrastructure that will
map ha to Alice's current provider assertion. Basically 'DNS for accounts'
[not built with DNS technology of course, that would incur DNS operation
costs which are ridiculous].

At this point we have an infrastructure that is sufficient to provide Alice
with autonomy. She can move her mail, messaging, etc services about and
applications can work out where to send her mail.


That is an improvement but it isn't very easy for Alice to use because her
lifetime identifier is a base32 barf, yuk.

To make it usable, same components as before but Alice can register her
callsign on a first come first served basis. My business model projections
suggest this should cost no more than a one-time fee of $0.10.

So Alice can be @alice (and yes, this will be a reserved identifier for
Alice).


This approach would seem like it is antithetical to the interests of the
likes of Comcast, AT&T and so on. But it actually isn't because while
RFC822 email addresses tend to be sticky when people first get an internet
connection, almost nobody uses their ISP email address after they have been
forced to change. So lock-in turns to lock-out. Hence the reason gmail
started to become so popular.
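
The scheme sketched in the message above, as an added example that is not part of the original post: because ha is a hash of A, a client can check every record a keyserver returns and does not have to trust the server. Ed25519, SHA-256, unpadded base32, the record layout, the `acct-v1` payload format and the `Serial` counter are assumptions; the post specifies only ha = base32(sha2(A)) and a signed "my current account is" assertion.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/base32"
	"fmt"
)

// Assertion is a hypothetical record layout; the post defines none.
type Assertion struct {
	PubKey  ed25519.PublicKey // Alice's lifelong public key A
	Account string            // her current provider account
	Serial  uint64            // assumed counter: a higher serial supersedes a lower one
	Sig     []byte            // signature made with a over payload(Account, Serial)
}

// Fingerprint computes ha = base32(sha2(A)); SHA-256 and no padding are assumed.
func Fingerprint(pub ed25519.PublicKey) string {
	h := sha256.Sum256(pub)
	return base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(h[:])
}

// payload is the signed byte string (assumed format): tag|serial|account.
func payload(account string, serial uint64) []byte { return []byte(fmt.Sprintf("acct-v1|%d|%s", serial, account)) }

// Sign issues "my current account is <account>" under the lifelong key a.
func Sign(priv ed25519.PrivateKey, account string, serial uint64) Assertion {
	sig := ed25519.Sign(priv, payload(account, serial))
	return Assertion{priv.Public().(ed25519.PublicKey), account, serial, sig}
}

// Resolve returns the newest account for ha whose key hashes to ha and whose signature verifies.
func Resolve(ha string, records []Assertion) (acct string, ok bool) {
	var top uint64
	for _, r := range records {
		valid := len(r.PubKey) == ed25519.PublicKeySize && Fingerprint(r.PubKey) == ha &&
			ed25519.Verify(r.PubKey, payload(r.Account, r.Serial), r.Sig)
		if valid && (!ok || r.Serial > top) {
			acct, top, ok = r.Account, r.Serial, true
		}
	}
	return acct, ok
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand; error ignored in this demo
	recs := []Assertion{Sign(priv, "alice@example.com", 1), Sign(priv, "alice@example.net", 2)} // constructed
	fmt.Println(Resolve(Fingerprint(pub), recs))
}
```

A server can still withhold the newest record, so the counter only stops it from passing off a forged or altered record, not from serving a stale one.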