Schneier on Security

Clive Robinson • February 20, 2014 7:49 AM

@ SchneieronSecurityFan,

In other words the internet domain name system took precedence over my own state’s law which is still recognized and in effect in the U.S. I always felt that there should be better coordination there

The problem is partialy one of “naming” and partly of people not understanding the difference between the tangible physical world and the intangible information universe(s) [1].

Think about the business naming system not on a state level but on a village or town level which it would have once been.

Firstly people are not just lazy they have short attention spans and dificulty remembering words that are beyond seven charecters unless broken up in some way into related small piecies (it’s how we got many of our surnames such as “son of Robin, becoming Robin’s Son and finally Robinson). It was not untill Shakespear came along and invented lots of new words and later the Victorians came along and did the same again that words became longer and they did this by using multiple words from other languages (Greek Latin) which they spliced together to snobishly set people appart, and thus make “proffessions”.

However most businesses want to have short distinctive names that people remember, which unfortunatly are already taken thus we we get contractions in various ways such as “coke” and “IBM”.

Initialy business names were about people, it might have “Dry Good’s Store” over the window but it would be called “Ned’s Store” or just “Neds”. Thus “Neds” was fine in a village but a town might need “Neds dry goods” and “Neds undertakers” that in one town might be owned by the same “Ned” but in other towns by different “Neds”. But people would still use “Neds” simply because the context of talking would differentiate them as in “I’m of to Ned’s for flour”.

When towns became bigger people still lived in small areas or districts and not much changed except people might say “Ned’s on the west side” to differentiate from the local “Neds”. So you started to get “of” so you would have “Harrod’s of London”.

Then postage came along and started causing problems. Streets not only had to have names and buildings numbers because “local knowledge” did not translate into a physical location for anyone who did not have that specific “local knowledge”.

So we have the issue of businesses wanting short memorable names but having coverage of much wider areas. As businesses grew their ownership changed from sole practicioner through partnerships to having investors. Legal entities start happening, and to prevent legal problems companies are registered and have not just unique names, but registration numbers. Which gave rise to “trading as” thus you might have “discombobulators Ltd trading as ‘Neds Motors'” or even “… trading as Ned’s of Bolton” (usually with “Registerd in England and Wales Company number 73456184” added).

The problem is to few desirable –easily memorised– names thus they need to be either localised (address) or differentiated (trading as) or both in some way, and to prevent argument they have to be unique. The problem is in an infinate scope you need an infinate number of names, but humans don’t do big, let alone infinite names.

This has a further unstated assumption underlying it which is a single register is possible –it’s not– or single arbitrating authority to control it. Thus we have the same issue as we have with patents that have the same fatal underlying assumption.

The second issue with scope or covarage area was as communications went from post and telegraph to phone with insividual instruments giving point to point communication. The same problems of “local knowledge” arose with the use of “local operators” giving a very temporary solution and many problems which gave rise to an undertaker devising a way to automate the fickle operators out of the phone system. Which quickly started revealing that the problem of naming uniquness existed.

However as phones use numbers a working but ineficient solution was to have exchange codes but the expanding usage turned this into area codes and eventually into national codes under the ITU which is part of the UN.

The Internet grew up in the light of this knowledge but was constrined by technology and we ended up with IPv4 and it’s limitations amongst which the most limiting being that of 32bits for addresses. IPv6 was supposed to resolve the address limit as well as many other issues, but it has not been taken up by the bulk of users for various reasons, one of which is a central authority with sufficient authority is lacking or seen as very partisan, which is a problem that exists in other systems.

As noted earlier humans have memory issues bad as it is with words it’s worse with letters and numbers. Even with a 32bit number in dotted quad decimals format it is still impossible for most to remember even with practice more than one or two numbers. So a way with more natural words was developed that has the strengths of words but also the strengths of numbering systems which has given us the Domain Name System distributed heirachical database. The problem with this is that current control is felt by many to be in the US by a US organisation controled for the benift of the USG and it’s intel organisations and LEO’s. Which is why many countries tried the take over at the ITU’s WCIT meeting in Dubai.

However DNS is not a long term solution and actually failed from virtualy day one. The registra immedatly segregated the US from the rest of the world by forcing countries appartfrom the US to use the country code in the domain name. Thus a mom&pop in the US gets .COM status where as other countries have to use .CC.com…

Which has given rise to the problem you mention all businesses should use a country code thus neds.us.com would not conflict with neds.uk.com. But this still leaves a middle ground issue do you go for area codes so neds.ma.us.com and neds.sry.uk.com or an area of business or both such as neds.boston.ma.us.cafe.entertainment.com and neds.slough.sry.uk.cafe.entertainment.com. Whichever it can quickly be seen that the chance of error is very high –thus crime– and again to difficult for the average human to remember.

So if you can think of a “better mouse trap” to solve this problem and make it fair, error/criminal proof and not being under the control of any vested interests government or otherwise, don’t expect a knock on the door, it won’t happen and your path will get overgrown. The reason is humans and their failings yet again, power political/criminal/otherwise is not based on fairness, business is almost always skating on the wrong side of the edge of criminality using the complexity of legislation to get their way and using lobbying and the inherant coruption in the heirachical political process to get legislation in their favour.

[1] Not being funny, but many theoretical physics models either don’t exclude or appear to work better if there are multiple universes. With information being the only commonality between them all and thus arguably the superset that contains them all.