more on Release 1-0 on piece on ICANN

[David Farber <dave () farber net>]

Begin forwarded message:

From: Dave Crocker <dcrocker () brandenburg com>
Date: December 3, 2004 2:51:51 AM EST
To: dave () farber net, Ip <ip () v2 listbox com>
Cc: Esther Dyson <edyson () edventure com>
Subject: Re: [IP] Release 1-0 on piece on ICANN
Reply-To: Dave Crocker <dcrocker () brandenburg com>

Sorry, I hit send too soon:

On Thu, 2 Dec 2004 17:41:39 -0500, David Farber wrote:
>   The DNS was set up back in the 70s (before it had a name) at a time

The DNS was invented in 1982.  It was beginning to be a useful part of 
the Internet by about 1985.


>   I won't go into most of the problems that has produced, but there is
>   one that extends outside the domain-name community, and that is that
>   domain names are so easily available that their use in committing 
> fraud
>   is becoming a growing problem.

This implies that it is more difficult to create names in other parts 
of commerce.  It isn't.

The rules for using personal or business names are equally open and 
easy.


> Along with grandmothers, political
>   activists and honest entrepreneurs, fraudsters and criminals can buy 
> an
>   online identity - that is, a domain name such as sleazyfisher.com or
>   sterlingstartup.net - for a few dollars.

This is no different than con artists have been doing with business 
names for a very long time before the Internet.


>   The solution, I believe, is to create a system where the registries 
> can
>   compete with TLDs that stand for something and whose SLD-holders are
>   bound by some contract to specific standards of behavior.

Oh?  Are we really all that assured that awyers who belong to the 
appropriate associations are, themselves, the model of good ethics, and 
that doctors who belong to the relevant associations are all highly 
competent?

The idea that trust can somehow facilitated by defining discrete 
portions of the name space, like .trusted or .pure, as being specially 
endowed is certainly appealing, but I am not aware of any empirical 
evidence that it has real utility.

Associating differential semantics with differential names is generally 
thought to be a poor design choice in computer systems.  Separate from 
whether the purported trustworthinesses will be valid, software on the 
usage side of the DNS will certainly get complex.  So, where is the 
real-world experience that would justify doing this?

The role of reputation and accreditations services for certifying 
accountability and even trustworthiness associated with a domain name 
is a important, but complex, emerging business area.  For the moment, 
it is far better to let that area develop as an independent service, 
than it is to tie it do specific parts of the domain name space. 
Architecturally, this will call for a separate trust module, that can 
work for any name, not just special ones.


>   In short, ICANN should consider a fundamental overhaul of the system 
> -
>   not next year, but this year.

The idea of a  "fundamental overhaul" of an infrastructure system in 
use by roughly 1 billion people should be viewed rather skeptically.   
Operations folks tend to get very queasy when having to shift much 
smaller installed bases.


>   Take the example of the e-mail community, which is developing a 
> system
>   where authentication of mail servers is coupled with reputation 
> systems
>   and recipient choices about what mail to accept. It's time for the
>   possibility of similar approaches to work for visits to websites.

The email community is fishing (not phishing) around for useful 
authentication mechanisms to *add* to the service, not to *overhaul* 
it.

Work on accreditation and reputation is so new, it really has not quite 
reached the stage of "infancy".

So we should be judicious in our using it as an exemplar.


d/
--
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker  a t ...
www.brandenburg.com


-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/