{"id":769,"date":"2005-04-13T12:57:00","date_gmt":"2005-04-13T16:57:00","guid":{"rendered":"http:\/\/www.markbaker.ca\/wp\/2005\/04\/13\/drummond-reed-web-identifiers-are-broken\/"},"modified":"2005-04-13T12:57:00","modified_gmt":"2005-04-13T16:57:00","slug":"drummond-reed-web-identifiers-are-broken","status":"publish","type":"post","link":"http:\/\/www.markbaker.ca\/blog\/2005\/04\/drummond-reed-web-identifiers-are-broken\/","title":{"rendered":"Drummond Reed; Web identifiers are broken"},"content":{"rendered":"<p><a href=\"http:\/\/www.equalsdrummond.name\/index.php?p=16\">Drummond mints a corollary<\/a>\nto one of\n<a href=\"http:\/\/www.identityblog.com\/stories\/2004\/12\/09\/thelaws.html\">Kim Cameron&#8217;s Laws of Identity<\/a>;<\/p>\n\n<blockquote>\nThe identifiers in a universal identifier metasystem MUST only reveal information identifying a user with the user&#8217;s consent.\n<\/blockquote>\n\n<p>&#8230; and follows it up with this bold claim;<\/p>\n\n<blockquote cite=\"http:\/\/www.equalsdrummond.name\/index.php?p=16\">\nSo half the Web breaks this corollary before we&#8217;re even out of the starting gate. But it gets worse. Look at one of the current bulwarks of online identification: DNS. A standard requirement for most DNS name registries is accurate, current contact data for the registrant that is published publicly as &#8220;Whois&#8221; data. Although many registrars now offer proxy registration services to preserve registrant privacy and prevent spam, there&#8217;s no escaping that a major component of our current Internet identifier infrastructure breaks the First Corollary squarely in two.\n<\/blockquote>\n\n<p>Hmm, how exactly does Web\/Internet\/DNS breaks that corollary?  I can&#8217;t see it.\nIs it because of DNS (and if so, why the &#8220;it gets worse&#8221; comment)?  DNS does\ncertainly require a small amount of information be made available, and though I&#8217;m\nhardly a historian, the little I do know of the history of this data suggests that it\nrepresents the minimum amount that a mature industry &#8211; which has had to balance the\nneeds of domain owners (anonymity) with those of the public at large (accountability)\nover many years &#8211; has reached concensus on requiring.  So I doubt that any competing\ncentralized solution would be able to reach widespread deployment without, in the\nsteady state, providing a similar amount of info about registrants.<\/p>\n\n<p>Also, who says that there&#8217;s a direct correspondence between a DNS name\nand the person who uses the email address?  I don&#8217;t own gmail.com, nor yahoo.com,\nyet have email addresses at both of those domains.  Google and Yahoo, in\noffering an email service, provide a degree of anonymity via proxy; if you\nwant to learn more about me there, you have to go through them, and I&#8217;m not\nrequired to publish any info about myself there.\n<a href=\"http:\/\/www.hushmail.com\">Hushmail<\/a>&#8216;s\nprobably the extreme case here, as they seem to exist to provide\nas-anonymous-as-possible email services.<\/p>\n\n<p>As you&#8217;d expect from a chair of the\n<a href=\"http:\/\/www.oasis-open.org\/committees\/tc_home.php?wg_abbrev=xri\">XRI TC<\/a>,\nhe then claims that\n<a href=\"http:\/\/wiki.idcommons.net\/moin.cgi\/XRI\">XRIs<\/a>\ndon&#8217;t have this problem;<\/p>\n\n<blockquote>\nSo can XRIs fix this problem? Yes. The first principle of XRI architecture is that XRIs are abstract &#8211; the association between an XRI and the real-world resource it represents is entirely under the control of its XRI authority (the person or organization registering the XRI, at any level of delegation). So nothing in an XRI need reveal anything about the authority&#8217;s identity or messaging address.\n<\/blockquote>\n\n<p>&#8230; which, as I&#8217;ve shown, is also the case with even DNS-bound URIs.<\/p>","protected":false},"excerpt":{"rendered":"Drummond mints a corollary to one of Kim Cameron&#8217;s Laws of Identity; The identifiers in a universal identifier metasystem MUST only reveal information identifying a user with the user&#8217;s consent. &#8230; and follows it up with this bold claim; So half the Web breaks this corollary before we&#8217;re even out of the starting gate. But [&hellip;]","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-769","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"http:\/\/www.markbaker.ca\/blog\/wp-json\/wp\/v2\/posts\/769","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.markbaker.ca\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.markbaker.ca\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.markbaker.ca\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.markbaker.ca\/blog\/wp-json\/wp\/v2\/comments?post=769"}],"version-history":[{"count":0,"href":"http:\/\/www.markbaker.ca\/blog\/wp-json\/wp\/v2\/posts\/769\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.markbaker.ca\/blog\/wp-json\/wp\/v2\/media?parent=769"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.markbaker.ca\/blog\/wp-json\/wp\/v2\/categories?post=769"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.markbaker.ca\/blog\/wp-json\/wp\/v2\/tags?post=769"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}