RE: Statements against new.net?

From: Vadim Antonov [mailto:avg@kotovnik.com]
Sent: Wednesday, March 14, 2001 12:46 PM

If it is machines communicating there's no need to do any mnemonics. In
fact, it is still humans communicating, with the aid of the machines.

So... we have two design constraints:

1) people need to be able to locate and revisit somethings in the network

2) any meaningful hierarchical labeling of the real world is quite
   impossible, and runs into problems of scaling, adversity, and
   entrenched notions of ownership.

My proposal is to create a special hierarchy (similar to tpc.int) which
can _only_ be used to register numeric "names" on first-come first-served
basis. The "current" DNS then can go down in flames, for all i care.
Actually, I think this is inevitable, since some day someone will find a
way to win a lawsuit against the whatever central naming authority is.

Anyone who thinks numeric IDs do not work when "better" alphanumeric IDs
are possible needs to take a look at the ICQ. It is _very_ successful in
case you didn't notice. And so is telephony.

Two points, ICQ has an address manager add-on and my contact manager makes
it so I don't have to memorize phone numbers. I scroll down select and talk.
New SprintPCS systems even eliminate that, you speak the name and it dials
for you. Suddenly, you get into your 40's and there is more to remember than
you want to work at. I'm sure you know what I mean. What about that number
that you absolutely have to have, every six months? I just hacked a print
server because I couldn't remember the passwd, that was last used over three
years ago. I don't even know my insurance agent's name, but when someone
wrecks my car, I absolutely HAVE to have his number. Long-term human memory
is much better at names than numbers and is MUCH better at general class
names than specific identifiers. It has to do with refresh rates, just like
DRAM.

fact: for the majority of world population ASCII strings are only
marginally better than numbers in being "mnemonic" - and it is much easier
to pronounce numbers in a native language.

Okay, so you would propose yet another layer of virtualization? Let us count
the layers we have already;

1) Layer 2 to IP, used by switches and the like. Services are divorced from
IP addrs. Where you route is not where you think you are routing.
2) NAT, Site virtualization. You could renumber the underlayment of the
NAT'd space and the outside world will never know ...
3) Straight IP virtualization, used by resonate and F5, as well as local
directors, the answering host need never be the same host twice.
4) DNS, separates you from the IP addr layer altogether.

If you put design dates on each of those you will probably find that they
are pretty much developed in the order I listed. Each case was to implement
a technical solution to a policy issue, in a futile attempt to build
technical barricades between the technologist and the politicians. Give it
up, you will be assimilated. You have been in retreat for years. You just
didn't realize it.

Vadim, you're an analyst too, how many layers of abstraction can we have
before the system becomes unusable, unwieldy, non-performing, and more
difficult to maintain than the tower of Babel? Speaking of which, your other
point about ASCII names is also moot, with iDNS.

The real answer was to stop the incursion of trademark crowd into the DNS.
You can thank Dave Crocker, Kent Crispin, and their IAHC for that smooth
move. Now if you think that they'd stop just because you have retreated
behind yet another layer of abstraction, you are indeed naieve. They will
come and hunt you out.

The inclusive root zone efforts, like that of the ORSC and PacRoot, are
actually trying to keep the root intact. We saw the probability of outfits
like new.net, years ago. We also recognised what it meant. We spoke the
warnings, we spoke them again at the Nov00 ICANN meeting in MDR. However,
what really triggered the race was when the ICANN BoD assigned the BIZ TLD,
knowing full well that the Atlantic Root had been registering domains there
for years. That told the new.net folks that it is okay to create conflicting
delegations. After all, the ICANN is doing it ... why can't they? There is
no law that regulates that.

There's a lot of other stuff behind that, but, I think that you get the
point.

Two points, ICQ has an address manager add-on and my contact manager makes
it so I don't have to memorize phone numbers.

And so does any web browser and even all popular e-mail software. The
point is: you don't _remember_ e-mail addresses with their FQDNs, you look
them up in the address book.

Long-term human memory
is much better at names than numbers and is MUCH better at general class
names than specific identifiers.

Long-term memory is _much_ better remembering gestalts than precise ASCII
strings. I'm exchanging e-mail with my colleague nearly every day, but
i can't remember what exactly variant of spelling is used for his name
(there's at least sixteen ways to spell his name in English, each as good
as any other :).

It has to do with refresh rates, just like DRAM.

It has to do with the way the redundancy is handled in the brain.
Long-term potentiation is not a terribly reliable process.

Okay, so you would propose yet another layer of virtualization? Let us count
the layers we have already;

1) Layer 2 to IP, used by switches and the like. Services are divorced from
IP addrs. Where you route is not where you think you are routing.
2) NAT, Site virtualization. You could renumber the underlayment of the
NAT'd space and the outside world will never know ...
3) Straight IP virtualization, used by resonate and F5, as well as local
directors, the answering host need never be the same host twice.
4) DNS, separates you from the IP addr layer altogether.

Actually i do not propose any new layers. The "layer" in question exists
already, in form of address books, hyperlinks and search engines.

If you put design dates on each of those you will probably find that they
are pretty much developed in the order I listed. Each case was to implement
a technical solution to a policy issue, in a futile attempt to build
technical barricades between the technologist and the politicians. Give it
up, you will be assimilated. You have been in retreat for years. You just
didn't realize it.

Actually i am not in retreat. I just have a funny habit of doing different
things, seeing new things and trying to know what other people are
thinking.

What i learned so far - if technology aims to change human nature, it
fails. It is very naive to assume that brotherhood of technologists will
stay cooperative when real money gets in. I do not like it any more than
any other techie, but let's face reality. The control of domain name
space is passing from technologists to lawyers and politicos.

Speaking of which, your other
point about ASCII names is also moot, with iDNS.

iDNS is a crock. A great way to subvert SSL (well, you rely on eyeball
recognition of URL; now, with iDNS you may have lots of ways to create
identically-looking but _different_ URLs). Though, admittedly, the fault
is not in the iDNS idea itself, but in the Unicode. And, yes, you cannot
even say if two domain names are the same if one is upper-case, and
another lower-case - because conversion depends on language. Next bright
idea, please? :)

The real answer was to stop the incursion of trademark crowd into the DNS.
You can thank Dave Crocker, Kent Crispin, and their IAHC for that smooth
move.

You can't stop them. They are the guys who are making laws. The only way
to actually stop them is to organize revolution. Can i opt out? :)

Now if you think that they'd stop just because you have retreated
behind yet another layer of abstraction, you are indeed naive. They
will come and hunt you out.

What i am proposing is to remove the contention point. When "names" do not
have intrinsic value, nobody'll fight over them. Do you see many scandals
around people who own cool IP addresses? :) Now, the lawyers will keep
hunting trademark violators - but with nothing as tangible as single name,
they will have to prove the intent to defraud; for now courts think that
just acquiring a well-known brand name (thus depriving "rightful" owner of
its use) is an ample proof of such intent.

The inclusive root zone efforts, like that of the ORSC and PacRoot, are
actually trying to keep the root intact. We saw the probability of outfits
like new.net, years ago. We also recognised what it meant.

It means that the ICANN soapbox is only fine because Microsoft has bigger
fish to catch. Now imagine they ship an OS with a resolver with
"additional" functionality - conveniently pointing to _their_ registry if
"public" root didn't yield the result. You cannot charge them with unfair
competition because this is just an additional convenience to their
customers, and besides they already do similar things with keyword search
and messaging. If i understand correctly, no O.S. vendor has a contract
with ICANN specifically prohibiting expansion of search capabilities. I
think the present new.net scandal is bound to attract their attention.

We spoke the warnings, we spoke them again at the Nov00 ICANN meeting
in MDR. However, what really triggered the race was when the ICANN BoD
assigned the BIZ TLD, knowing full well that the Atlantic Root had
been registering domains there for years. That told the new.net folks
that it is okay to create conflicting delegations. After all, the
ICANN is doing it ... why can't they? There is no law that regulates
that.

Because the current DNS has a single contention point, it is very
vulnerable. It can be very easily taken over by a large corporate entity.

There's a lot of other stuff behind that, but, I think that you get the
point.

The Internet is successful precisely because it is decentralized. There
is absolutely no reason to make the few "natural" central points
vulnerable by having them to dispense what is considered intrinsically
valuable property. (Thanks God, NAT made IP address allocations somewhat
less critical).

And if you think .COM fight is nasty... in other places conflicts like
that are sometimes resolved by means of sending goons with guns. I
personally was threatened over a domain name dispute, because of my
affiliation with one popular community resource. Fortunately, that time
that was merely a bluff.

--vadim
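
The look-alike and case-conversion problems raised in the message above, as an added example that is not part of the original thread: it shows that two names which render the same (or compare equal after upper-casing) go onto the wire as different DNS names, and flags labels that mix scripts. The sample names are constructed, the function names are hypothetical, and the script test is a coarse stand-in based on Unicode character names.

```python
import unicodedata

# Scripts we try to recognise; the stdlib exposes no Script property, so the
# character name prefix is used as an approximation (assumption of this sketch).
KNOWN_SCRIPTS = ("LATIN", "CYRILLIC", "GREEK", "ARMENIAN", "HEBREW", "ARABIC")


def script_of(ch):
    """Return a coarse script tag for one character."""
    if ch.isascii():
        return "LATIN" if ch.isalpha() else "COMMON"  # digits, hyphen
    name = unicodedata.name(ch, "")
    for script in KNOWN_SCRIPTS:
        if name.startswith(script):
            return script
    return "OTHER"


def mixed_script_labels(name):
    """Labels of a domain name whose letters come from more than one script."""
    flagged = []
    for label in name.split("."):
        scripts = {script_of(c) for c in label} - {"COMMON"}
        if len(scripts) > 1:
            flagged.append(label)
    return flagged


def to_wire(name):
    """ASCII form actually sent in a DNS query (stdlib IDNA 2003 codec)."""
    return name.encode("idna").decode("ascii")


def same_by_uppercase(a, b):
    """Naive case-insensitive comparison using language-neutral upper-casing."""
    return a.upper() == b.upper()


def audit(name, expected):
    """Compare a displayed name against the name the user expects to reach."""
    return {
        "wire": to_wire(name),
        "matches_expected": to_wire(name).lower() == to_wire(expected).lower(),
        "equal_after_upper": same_by_uppercase(name, expected),
        "mixed_script": mixed_script_labels(name),
    }


if __name__ == "__main__":
    # Constructed samples: U+0430 is CYRILLIC SMALL LETTER A,
    # U+0131 is LATIN SMALL LETTER DOTLESS I (upper-cases to plain "I").
    samples = [
        ("example.com", "example.com"),
        ("ex\u0430mple.com", "example.com"),
        ("ma\u0131l.example", "mail.example"),
    ]
    for shown, expected in samples:
        print(repr(shown), audit(shown, expected))
```

A label written entirely in one non-Latin script is not flagged here, since that is the legitimate use of internationalized names; only mixing within a label is reported.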

And so does any web browser and even all popular e-mail software. The
point is: you don't _remember_ e-mail addresses with their FQDNs, you look
them up in the address book.

I remember FQDN's.

I know where to email when I want to reach abuse@some.isp too. I also know how to tell someone over coffee what my address is, or my mom's email address.

For that matter, she remembers my email address, FQDN and all. This is a woman who labeled every port and every cable with matching labels like "a", "b", etc, just to move her desktop to a different room in the house.

Labels have an intrinsic value that goes far beyond the scope of the internet, and even beyond the scope of language.

A name. What is a name? A rose by any other name... Wouldn't be a rose anymore, would it? We place immense value in names. When you are sick, the first thing you want to know is the name of the disease. When you see someone, someone that stirs the ancient hormonal need to breed, what do you want to know? A name. When something is discovered, be it molecule or star, organism or crystalline formation, what do we do to mark the occasion? We name it. And then we name the day we named it, so we can celebrate that name.

Trying to divorce names from our thought processes (even if only in this one area) would be painful (if possible at all) to the general populace. Not to mention the damage it would do to marketing campaigns (print, radio, and TV).

Long-term memory is _much_ better remembering gestalts than precise ASCII
strings. I'm exchanging e-mail with my colleague nearly every day, but
i can't remember what exactly variant of spelling is used for his name
(there's at least sixteen ways to spell his name in English, each as good
as any other :).

Methinks he needs a shorter alias.

What i learned so far - if technology aims to change human nature, it
fails. It is very naive to assume that brotherhood of technologists will
stay cooperative when real money gets in. I do not like it any more than
any other techie, but let's face reality. The control of domain name
space is passing from technologists to lawyers and politicos.

Only if we bend over and lube for it.

What i am proposing is to remove the contention point. When "names" do not
have intrinsic value, nobody'll fight over them. Do you see many scandals
around people who own cool IP addresses? :)

No, but I bet you would see a mad dash for 123.123.123.123 and the like if your proposal were to take hold.

> There's a lot of other stuff behind that, but, I think that you get the
> point.

The Internet is successful precisely because it is decentralized. There
is absolutely no reason to make the few "natural" central points
vulnerable by having them to dispense what is considered intrinsically
valuable property. (Thanks God, NAT made IP address allocations somewhat
less critical).

The Internet is only useful because of standardization (IP, TCP, UDP, SNMP, ICMP, the list goes on forever). Otherwise, we are left sitting in a dark room with 200 other people... all speaking different languages.

Let's just ditch this whole "Internet" thing and go back to BBSes, shall we?

~Ben, blah blah speaks for himself blah not reflect blah blah employer

On Wed, Mar 14, 2001 at 11:21:57PM -0800, Vadim Antonov had this to say:
[snip]

Actually i do not propose any new layers. The "layer" in question exists
already, in form of address books, hyperlinks and search engines.

one word - inaccuracy. Have you tried to do a search for any even moderately
popular or public term lately? The last thing people want to do is have to
sift through 50,000 or more results for the exact site they're looking for -
this is _why_ we have domain names: so people can go exactly where they're
trying to go. Search engines are horribly inaccurate for trying to reach any
single particular page, unless it's so bizarre that you only get a dozen
search results. I would definitely not advocate search engines to replace
the current DNS system, unless a whole new generation of search engines
was created that could effectively deduce exactly where the user _really_
wanted to go, accurately, every time (which is what DNS currently does).

On Wed, Mar 14, 2001 at 11:21:57PM -0800, Vadim Antonov had this to say:
[snip]
> Actually i do not propose any new layers. The "layer" in question exists
> already, in form of address books, hyperlinks and search engines.

one word - inaccuracy. Have you tried to do a search for any even moderately
popular or public term lately?

Have you ever tried looking in the dictionary for the meaning of a word,
and found multiple definitions? You are arguing against LANGUAGE, which is
not strictly deterministic.

The last thing people want to do is have to sift through 50,000 or more
results for the exact site they're looking for - this is _why_ we have
domain names: so people can go exactly where they're trying to
go.

What Vadim is trying to explain to you is that this does not scale (or at
least not with the current system.) When I type in the word "apple" do I
want information on the fruit, the computer company, or the record
company (or something else that contains/is related to the string "apple"?)

Add to this the complexity of multilingualism, where a string of
characters can have a reasonably deterministic meaning or set of meanings
in one language, and a completely different set of meanings in
another.

Search engines are horribly inaccurate for trying to reach any
single particular page, unless it's so bizarre that you only get a dozen
search results. I would definitely not advocate search engines to replace
the current DNS system, unless a whole new generation of search engines
was created that could effectively deduce exactly where the user _really_
wanted to go, accurately, every time (which is what DNS currently does).

So tell me when I type in the word "apple" where exactly do I want to go?

On Thu, Mar 15, 2001 at 12:08:42AM -0800, Ben Browning had this to say:

>point is: you don't _remember_ e-mail addresses with their FQDNs, you look
>them up in the address book.

[reply left in entirety for emphasis]

I remember FQDN's.

I know where to email when I want to reach abuse@some.isp too. I also know
how to tell someone over coffee what my address is, or my mom's email address.

For that matter, she remembers my email address, FQDN and all. This is a
woman who labeled every port and every cable with matching labels like "a",
"b", etc, just to move her desktop to a different room in the house.

Labels have an intrinsic value that goes far beyond the scope of the
internet, and even beyond the scope of language.

A name. What is a name? A rose by any other name... Wouldn't be a rose
anymore, would it? We place immense value in names. When you are sick, the
first thing you want to know is the name of the disease. When you see
someone, someone that stirs the ancient hormonal need to breed, what do you
want to know? A name. When something is discovered, be it molecule or star,
organism or crystalline formation, what do we do to mark the occasion? We
name it. And then we name the day we named it, so we can celebrate that name.

Trying to divorce names from our thought processes (even if only in this
one area) would be painful (if possible at all) to the general populace.
Not to mention the damage it would do to marketing campaigns (print, radio,
and TV).

*APPLAUSE* this is probably the best non-technical argument for the importance
of names that I've heard yet in this whole thread. Very well spoken.

>Long-term memory is _much_ better remembering gestalts than precise ASCII
>strings. I'm exchanging e-mail with my colleague nearly every day, but
>i can't remember what exactly variant of spelling is used for his name
>(there's at least sixteen ways to spell his name in English, each as good
>as any other :).

Methinks he needs a shorter alias.

no kidding.

>What i learned so far - if technology aims to change human nature, it
>fails. It is very naive to assume that brotherhood of technologists will
>stay cooperative when real money gets in. I do not like it any more than
>any other techie, but let's face reality. The control of domain name
>space is passing from technologists to lawyers and politicos.

Only if we bend over and lube for it.

I, for one, find that thought intensely uncomfortable. In fact, I find the
idea of letting lawyers/politicos even be _involved_ loathsome; however, I
_do_ realize that certain amounts of evil come with the territory.

>What i am proposing is to remove the contention point. When "names" do not
>have intrinsic value, nobody'll fight over them. Do you see many scandals
>around people who own cool IP addresses? :)

No, but I bet you would see a mad dash for 123.123.123.123 and the like if
your proposal were to take hold.

absolutely - it's human nature (especially for marketers) to focus on what
_separates_ us from each other; what makes us different; what makes us stand
out. People will grab at any straw they see to try to have _some_ way to
be noticed in the crowd, without actually resorting to the merits of whatever
product/service they're selling.

>The Internet is successful precisely because it is decentralized. There
>is absolutely no reason to make the few "natural" central points
>vulnerable by having them to dispense what is considered intrinsically
>valuable property. (Thanks God, NAT made IP address allocations somewhat
>less critical).

The Internet is only useful because of standardization (IP, TCP, UDP, SNMP,
ICMP, the list goes on forever). Otherwise, we are left sitting in a dark
room with 200 other people... all speaking different languages.

Amen. And currently, there are certainly PLENTY of business interests that are
more than eager to subvert any standards they can find if it will put a buck
in their pockets. I _know_ you can all come up with at least a couple names
immediately that fit in that category.

Let's just ditch this whole "Internet" thing and go back to BBSes, shall we?

please, no.

<soapbox>
To sum up: if I had a choice between an Internet that worked, that
was a haven for the free exchange of information and ideas, where people were
able to effectively communicate with each other; and being able to pull a fast
one, stick it to the rest of the community, and make a million bucks, I think
in this particular case, I'd prefer to live cheaply than to have a marketing-
driven and non-functional Internet. Call me naive if you will, but I really
think the early days of the Internet, with the focus on free exchange of ideas
and information, before corporations, lawyers, politicos and PR departments
got in and fux0red the whole thing, is something that could possibly come again.
Perhaps not in the same manner (one can never really go back), but we _do_ have
the power to decide where we want this thing to go, and make it happen. We don't
have to just let ourselves be led around by the nose and blame "the market" or
"business" or our respective sales depts. Is this really that idealistic of a
stance to take, that we can still make a difference in how this Internet that
we collectively operate will develop?
</soapbox>

I await your collective jeers at my youthful naivete. *sigh*

~Ben, blah blah speaks for himself blah not reflect blah blah employer

ditto

On Thu, Mar 15, 2001 at 01:19:03PM -0800, Patrick Greenwell had this to say:

What Vadim is trying to explain to you is that this does not scale (or at
least not with the current system.) When I type in the word "apple" do I
want information on the fruit, the computer company, or the record
company (or something else that contains/is related to the string "apple"?)

see below - folks should NOT be encouraged to expect that the computer can
read their mind. As Dominus of #perl is famous for saying, "YOU CAN'T JUST MAKE
SHIT UP AND EXPECT THE COMPUTER TO KNOW WHAT YOU MEAN, RETARDO!" (apologies to
mjd). Obviously, this applies more to programming, but I think the general
principle holds true for any interaction with computers - people need to be
taught not to expect telepathic machines (not until we can build them anyway).
You type exactly what you mean, and you should get there. This is what DNS
currently accomplishes (with the exception of domain squatting, but that's
another story).

Add to this the complexity of multilingualism, where a string of
characters can have a reasonably deterministic meaning or set of meanings
in one language, and a completely different set of meanings in
another.

Oh, give it up on the multilingual thing already. I have been hearing this
for years now, and yes, it sucks in some ways that nearly everything having
to do with the Internet was originally developed in English (including
programming languages). HOWEVER - trying to re-engineer the entire ball of wax
to incorporate the multitude of localized languages is not technically feasible.
We can make our best effort by allowing people to register domains in other
languages, but an attempt to make DNS multicultural would mean rewriting the
underlying systems to support that functionality as well. This would lead to a
cascade that would eventually have us rewriting Perl, bash and HTML to support
any arbitrary language the user wanted to speak. (please don't throw XML into
this - I'm making a general point, to which I'm sure somebody will come up with
specific instances of exceptions).

> Search engines are horribly inaccurate for trying to reach any
> single particular page, unless it's so bizarre that you only get a dozen
> search results. I would definitely not advocate search engines to replace
> the current DNS system, unless a whole new generation of search engines
> was created that could effectively deduce exactly where the user _really_
> wanted to go, accurately, every time (which is what DNS currently does).

So tell me when I type in the word "apple" where exactly do I want to go?

you DON'T type in the word "apple" and expect to go anywhere specific. This is
EXACTLY the point I have been trying to make - people should not expect to be
able to type 'apple' either in a browser or a search engine, and always reach
some arbitrary site. www.apple.com OTOH should resolve to Apple Computers or
whoever owns that domain. If you don't know the name of the specific site you're
looking for, THEN it's time to dig up a search engine. But if I had to go to a
search engine everytime I wanted to read slashdot or userfriendly, the same
marketers that are causing the current crop of problems would quickly figure
out how to get their own unrelated sites to return at the top of any search
results for any reasonably common word. (porn search, anybody?)

If we remove DNS or a similar unique naming convention, the only way people have
to navigate is by hoping that their search terms are specific enough to have the
site they really want to reach appear somewhere in the top 100 results (i.e.
"apple computer corporation" should hopefully return www.apple.com but may also
return fansites, technical reviews, magazine sites, etc.).

Removing DNS is kinda the wrong thing. Do *you* want to run NIS? :)

In any case, what I've seen here screams out "Distributed directory
service!" Ie, if I pulled up a browser and typed in "apple" then it'd
first match all the categories an "Apple" was found in, and
then let the user navigate that way.

.. which, people could argue is already being done through people like
Yahoo!, but I'd think something a little less centralised and a
little more end-user controlled would be more useful. In any case,
the first question which pops into my head is "How do you then stop
a porn site entering in wrong information to get the $$$?"

(.. and my answer to that is the porn store shouldn't be allowed to list
because of mis-representation, but hey, I'm just a youngin..)

Adrian

Removing DNS is kinda the wrong thing. Do *you* want to run NIS? :)

The proposal here is not to _remove_ DNS, it is needed to translate
end-point IDs into transport-level addresses, but rather create a separate
NS hierarchy which has only numeric "names"; and create some
infrastructure around so anyone can come and get a numeric domain. It can
even be made "free" by being subsidized by providers. My estimate is
about one man-year to get it (and self-registration) up and running.

If that structure is independent from ICANN, it will provide a ground for
experimentation, _and_ safety for those who don't want to see their
business or personal pursuits being harmed because of the present registry
mess. Actually, services like that already exist, but they are vulnerable
to the same name contention issues.

I.e. what i am saying is that there's a need for contention-free and
stable zone of namespace. The only way to eliminate contention is to make
names devoid of intrinsic value. Numeric names are also not a subject to
trademark law, and (not being chosen from a finite dictionary) are not
scarce.

--vadim

create a separate
NS hierarchy which has only numeric "names"; and create some
infrastructure around so anyone can come and get a numeric domain.

One possible solution to this is LDAP. A catalog server could build a
cache of O and CN objects and associate them various locator attributes
(like IP addresses, domain names and SRV RRs). This wouldn't even qualify
as theoretical really, it would be pretty easy to do.

But then we'd be back into delegation authority, naming conflicts, certs
and everything else. Plus we'd have a bunch of new problems like
normalized data ("John Doe", "Doe, John" or "J. Doe"?).

I think an expansion of the TLD catalog will eventually solve the problem.
ICANN is moving that direction (ploddingly slow but it is motion).
Probably ought to see how that plays out before we invent something that
is worse than DNS.

Can someone point to working examples for this please? The last LDAP/DNS system I checked was Verisign's and they appeared to take the LDAP query, convert it to query whois and then convert the result back into an LDAP response. The storage portion was not native LDAP.

One possible solution to this is LDAP. A catalog server could build a
cache of O and CN objects and associate them various locator attributes
(like IP addresses, domain names and SRV RRs). This wouldn't even qualify
as theoretical really, it would be pretty easy to do.

Best Regards,

Simon Higgs

Actually there are native LDAP interfaces for the Verisign registry and
Verisign registrar. For a couple of other registrars, we wrote a GPL'ed
whois->ldap gateway. Documentation of the project, examples of how to
use local LDAP clients, a sample web interface that calls LDAP,
and the gateway code is at http://www.ldap.research.netsol.com.

Regards,
Mark