Greetings to everyone! I’m publishing this text in order to share with you some thoughts I’ve had recently concerning the management of names and social relationships on the Internet. These ideas came to me as I began thinking about certain problems of my own: how to manage spam without installing an anti-spam filter which, although often very helpful, can nevertheless become very problematic (above all when self-hosting).
But in the end these thoughts went much further. The aim is to contribute to building non-exclusive, more decentralized social networks and to reduce the lock-in effect. The point of view is not technical but editorial and semantic, centred on the users’ goals, even if this has consequences for already developed applications or existing services.
This reflection analyzes the roles, what is at stake and the different elements of an address written hello@jdoe.net, for email and many other applications. It seems necessary here to question why the majority accepts the current view of which elements an address must contain: me@myservice, me@mycomputer or even me@me.
LinuxFr appears to be a good place to begin this conversation and to verify that I’m not totally off-base, or at least not making too many errors. I am NOT a programmer, but I’ve worked in digital publishing, which explains my editorial point of view. Technicians and/or experienced users are more than welcome to help me expand on these ideas.
This first part, which I admit is a bit long, may be too obvious to you if you are very familiar with LinuxFr. In that case, I invite you to go directly to the conclusion of this document.
Benjamin Bayart established early on that one can only have access to the Internet if one has an IP address1). In the same manner, one can’t have an autonomous social existence on the Internet without a DNS name linked to an IP address, and thus to one’s publications: this was established in Bayart’s conference “Free Internet or Minitel 2.0”2).
Internet is a media which permits each and every person a potentially strong media existence. By “media existence” I mean that our thoughts can be consulted by people who are unknown to us, which is very different from conversations that we choose to send to specific people, and these people can respond directly to us.
The first role of a name such as joe.net is to let anyone in the world know that Joe has a media existence, and thus to answer the question “What has Joe published on the Internet?”. This combines the functions of naming, identification and localization, and this combination forms an address3). I call this type of address a “mediatization internet address”, as it only permits the mediatization of one’s publications.
Thus the DNS should not be thought of as giving names to machines, but as binding the names of persons (natural or legal persons) to the names of machines, which are managed through IP addresses4). Currently, practically only machines and legal persons possess DNS names. To break this current general acceptance, I propose to no longer talk about a domain name, but only of a name on the Internet.
If this were the case, all applications on the Internet would let their clients use their own domain names. As you are probably aware, it is already possible for a machine to receive several DNS names and to sort them out upon reception (WordPress, Blogger, etc. already do this).
Today there are only 300 million second-level domain names5), while in fact there should be 4 billion (the number of Internet users). In France, the Afnic, which manages 17 French top-level names such as .fr, .paris, .bzh and .re, only accounts for approximately 3 million names for a population of 65 million people. If we consider the need for one person to have several names or nicknames to manage their identity according to the context, we should be well beyond the 4 billion.
This first mediatization internet address is reused in the part to the right of the @ to compose an internet address of conversation. I will come back in the next part to the utility of the element found on the left of the @. But one can already see the interest of having one’s own name in the part to the right of the @: if for some reason my conversational address is not working, my contact can nevertheless stay in contact with me by visiting my publications (for example my website) and eventually retrieving another conversational address.
Certain services primarily oriented towards conversation, such as email, permit the use of one’s own name (for example Gmail, but the best examples would be Gandi Mail or OVH). Strangely enough, however, certain services closer to the “free software movement” don’t permit the use of one’s own name. For example, Mailoo is wonderful because it offers a free email storage service, but it requires an address of the form myname@mailoo.org. The same problem can be seen in the XMPP service offered by DuckDuckGo and by many XMPP providers. Other platforms such as Twitter or Seenthis.net only give an address such as @Toto, which is not connected to any DNS name and thus remains completely local and not federated.
If my association, company or service provider wants to manage my name, then they must give me a DNS name of the form myname.mycompany.com, even if it only lets me use it for the web pages and/or emails that they control. This leaves me the free management of the part preceding the @, which is a necessary condition for managing all my interactions.
The use of the semantics me@my-service-provider.com (which I personally consider to be a deep error) is very old and still very frequent, particularly among the major actors of the Internet. Thus, in his famous talk, Benjamin Bayart says6):
Email, when I was a kid learning to send emails I was told “it represents the login of the user, and the name of the machine”. My address is “bayartb” – that’s my login – “@edgardfdn.fr”, which is the name of my machine”.
Again in 2012, Ray Tomlinson, speaking about the origin of email and mostly about the use of the @, makes the same mistake:
“The sign @ made the most sense, because the users were necessarily at an address…”, he said later to the magazine WIRED.
Also, in recent projects such as Diaspora*, the same mistake is made: using a format such as “@name” without the part before the @ and without using the DNS:
To connect with someone the only necessity is to simply find them and then add them to an aspect (see below for details on aspects). To find them (…) you can also use their diaspora* identifier (hisname@pod_name.com) if you already know him.
You want to get someone’s attention? It’s easy. Just @mention them.
Or even in the IETF RFC 805 entitled “Computer Mail Meeting Notes” (published in 1982):
The major conclusion reached at the meeting is to extend the “username@hostname” mailbox format to “username@host.domain”, where the domain itself can be further structured.
Yet for a very long time the IETF has left open, in its RFCs (which analyze well the use of the different elements), the possibility of other interpretations. For example, we can see it in RFC 805:
One of the interesting ideas that emerged from this discussion was that the “user@host” model of a mailbox identifier should, in principle, be replaced by a “unique-id@location-id” model, where the unique-id would be a globally unique id for this mailbox (independent of location) and the location-id would be advice about where to find the mailbox.
However, it was recognized that the “user@host” model was well established and that so many different elaborations of the “user” field were already in use that there was no point in pursuing this “unique-id” idea at this time.
But also in more recent ones, like RFC 5598 on the “Internet Mail Architecture” (2009):
A mailbox is specified as an Internet Mail address <addr-spec>. It has two distinct parts, separated by an at-sign (@). The right side is a globally interpreted domain name associated with an ADministrative Management Domain (ADMD).
[…]
The portion to the left of the at-sign contains a string that is globally opaque and is called the <local-part>. It is interpreted only by the entity specified by the address's domain name.
Unfortunately, despite these possibilities, no other semantics have really succeeded in gaining momentum.
We therefore systematically find examples based on this me@myservice model, for example in RFC 5322:
This could be called a canonical message. It has a single author, John Doe, a single recipient, Mary Smith, a subject, the date, a message identifier, and a textual message in the body.
From: John Doe <jdoe@machine.example>
To: Mary Smith <mary@example.net>
As Stéphane Bortzmeyer regularly explains, the DNS is a hierarchical tool: it does not allow us to have a name without depending on a tutor, be it ICANN, Afnic or WordPress (for example with a name of the form toto.wordpress.fr). If one of my tutors rejects me and thus imposes his decision on the other tutors7), I then lose my audience and the social relations attached to the name; one recognizes here the lock-in effect of social networks that makes it difficult to leave Twitter or Facebook8).
The guardianship relationship is not only problematic from the pupil’s point of view, it is also problematic from the point of view of the tutor because it involves his own reputation and responsibility. If you can only exist through it, every time you are mentioned the tutor will be mentioned too. Sometimes he will benefit, but often he will not want to take this risk.
Considering these two problems, one solution could be that the municipalities or “departments”, via their 10 000 libraries or the hundreds directed by the “departments”, offer their citizens a tutelage of their names. By this I mean give them names such as jdoe.paris that they could link to any service on the Internet. A name with the semantics jdoe@paris (or at times simply @toto, which isn’t attached to any DNS name) would on the contrary bind them to a specific service and not permit an autonomous existence.
A municipal management would permit a more neutral and more stable system than associations, universities or enterprises, and would make it possible to manage the rivalry between certain names and name-squatting. Nevertheless, it is not 100% perfect, as people are highly mobile: they leave university, move from one city to another, and drop out of associations.
Surely it would be a good idea for municipal libraries to also provide physical hosting and software administration services for email, Mozilla Persona and XMPP. Of course these services should be dissociated from the DNS naming service to leave the choice of host.
Another complementary solution would be the GNU Name System (GNS), which is a subproject of the GNUnet project. It transforms the status of name registries: currently “tutors”, they would become “referents”. Each and every “tutor” (or registrar) could be bypassed and contested if necessary.
GNS, briefly9), is based on two levels of names, here is a presentation based on that of Christian Grothoff10) (author of the project) and that of Stéphane Bortzmeyer11):
Another important point that makes it possible to avoid registries is that their databases are public and can easily be forked.
From this point of view, let’s see why the status of referent is so interesting. The following part is a digression intended to promote one of the GNS particularities: the non-uniqueness of names. If you prefer, you can skip it and go directly to the intermediary conclusion.
It seems very important to me to be aware that it is undesirable to have names which are universally unique. The majority of P2P alternatives to the DNS try to circumvent the problem of Zooko’s triangle, which states that a P2P name cannot simultaneously be unique, human-meaningful and secure, as only two of these objectives can be obtained at the same time. However, doing away with absolute uniqueness is of the utmost importance.
On the one hand, being unique isn’t a good objective, as this only reinforces rivalry and therefore results in name-squatting. With four billion names, this would happen quite quickly:
Also, universal uniqueness isn’t necessary, as humans have a good ability to interpret and understand unusual contexts, unlike machines (for example, the Google car can only be driven on a road that it has already traveled several times and is already acquainted with), which need unique identification.
Already, humanity is not using unique names and things are still functioning very well. Take city names: London, Londres, لندن, 倫敦 are the names used to designate the same city in different cultural contexts. This multiplicity of names is important to make identification easier for people outside the initial culture. Imagine that you had to distinguish 北京 from 上海, 深圳, 南京, 香港, 广州 and 东莞. To get an idea you can try to find your way around here or there.
We must stress the importance here that these “renamings” are not made by the culture of the named entity but by the exterior cultures that have been made aware of the entity in order to integrate it into their own cultures.
Faced with this multitude of names, we verify the identity either through referents whom we trust, or through its complex local specificities: when one is there, it is very difficult to usurp London’s identity as a city characterized by its location, its institutions, the shape of the city, the language spoken there, etc.
In the case of GNS, this unique complex reality is the unique name, which has the form of a public cryptographic key or its hash.
With GNS, Afnic and ICANN remain useful but their status evolves from tutor to referent, in the sense that we always have an interest in going through them, at least initially, to indicate a person’s name to someone. Here Afnic or ICANN remain important as cultural referents common to given populations. For example, in France all names could be expressed with a more or less explicit reference to Afnic. We would say “go see my jdoe.net site” because, most of the time, our interlocutor would know which .fr we were referring to and everyone would already have saved it on their computer, in the same way that we all have keyboards adapted to French. The uniqueness of names would then be maintained within a given cultural context.
So, if we decide to redirect all of .org.fr to the American .org, in the United States the name of Wikipedia would be wikipedia.org.gnu, while in France it could be wikipedia.org.fr.gnu and at the same time wikipedia.fr.gnu.
As we can see, the further we are culturally from a person, the longer her name becomes, as the chain of intermediaries is longer. But the more we consult this person’s page, the shorter her name becomes. For example, Wikipedia could become wp.gnu.
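As an added example, not GNUnet’s code and only a model of the ideas in the two paragraphs above, here is a small resolver in which each zone is owned by a key (the SHA-256 fingerprint of a constructed label stands in for the real public key), names ending in .gnu are resolved relative to the resolver’s own zone through a chain of delegations, names ending in .zkey are resolved absolutely through a zone key, and a frequently used long name can be shortened to a direct label in one’s own zone. The registries, the users and the address 198.51.100.7 are all constructed.

```python
import hashlib

ZONES = {}  # key fingerprint -> Zone: the zones this resolver has learned about


class Zone:
    """A namespace owned by a key pair. The SHA-256 of a constructed label stands in
    for the real public key (assumption: actual GNS uses real asymmetric keys)."""

    def __init__(self, owner_label):
        self.key = hashlib.sha256(owner_label.encode()).hexdigest()[:16]
        self.delegations = {}  # label -> Zone  (delegation to another zone's key)
        self.records = {}      # label -> value (an address where the thing is reachable)
        ZONES[self.key] = self

    def delegate(self, label, zone):
        self.delegations[label] = zone

    def add(self, label, value):
        self.records[label] = value


class Resolver:
    """Resolves names relative to its own zone ('.gnu') or absolutely through a
    zone key ('.zkey'), and can shorten a long name it uses often."""

    def __init__(self, local_zone):
        self.zone = local_zone

    def resolve(self, name):
        labels = name.split(".")
        tld = labels.pop()
        if tld == "gnu":
            zone = self.zone                    # start from our own zone
        elif tld == "zkey":
            zone = ZONES.get(labels.pop())      # start from the zone named by its key
        else:
            return None                         # classic DNS names are not modelled
        # Walk the delegations right to left; the leftmost label is a record lookup.
        while zone is not None and len(labels) > 1:
            zone = zone.delegations.get(labels.pop())
        if zone is None or not labels:
            return None
        return zone.records.get(labels[0])

    def shorten(self, name, short_label):
        """Give a long, frequently used name a direct label in our own zone."""
        value = self.resolve(name)
        if value is None:
            raise KeyError(name)
        self.zone.add(short_label, value)
        return short_label + ".gnu"


def build_example():
    """Constructed zones: an American .org registry, the French registry that
    delegates 'org' to it, and one user on each side."""
    org = Zone("org-registry")
    org.add("wikipedia", "198.51.100.7")        # constructed documentation address
    afnic = Zone("afnic")
    afnic.delegate("org", org)                   # .org.fr is redirected to the American .org
    afnic.add("wikipedia", "198.51.100.7")       # a renaming made by the referent for its public
    us_user = Zone("us-user")
    us_user.delegate("org", org)
    fr_user = Zone("fr-user")
    fr_user.delegate("fr", afnic)
    return Resolver(us_user), Resolver(fr_user), org
```

The French user reaches Wikipedia as wikipedia.org.fr.gnu (two intermediaries) or, thanks to Afnic’s renaming, as wikipedia.fr.gnu; the American user reaches it as wikipedia.org.gnu; both can bypass every referent by addressing the .org zone through its key; and shortening gives the French user wp.gnu.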
Assuming the role of intermediaries means recognizing the necessity of a political management of domain names. Nevertheless, by giving them the status of mere referents we do not give up the possibility, when necessary, of circumventing them or forking them.
We see that we benefit from their usefulness (partial unicity and culturally relative) while keeping the autonomy of names and identities, that is to say the possibility to totally bypass these intermediaries or to use other referents.
GNS is more an extension of the current system; it will never replace the 300 million names registered in the first tier of domain names. But GNS could coexist with these DNS names if .zkey and .gnu were recognized by ICANN, or were integrated (provided that all the current registries switch their software from DNS to GNS).
By the way, Afnic, too, would really become independent from Icann. The global naming authorities would work in a network, with equal status and without hierarchy, and they would keep their notoriety and credibility already established with regard to their public and in their zone or cultural sphere of reference.
However, there are two major difficulties in changing over to GNS:
We shouldn’t think that the DNS only manages addresses of machines or hosts, as that is the main job of the IP address.
But the names of Internet users, natural or legal persons who express themselves on the Internet, do not have to be managed by anything other than the DNS or what can replace it. Thus, the DNS links the names of Internet users to the addresses of machines or hosts.
A DNS address of the type name.tutor, for example jdoe.net, is what I call a “mediatization internet address”. It answers the question “What did Toto publish on the Internet?”. Having a DNS name allows you to freely manage your media existence, i.e. its audience, its reputation, its legitimacy, its capacity for mobilization, etc. This helps to stabilize this existence, so as not to lose these elements every time we change software or host.
We must therefore go from 300 million to 4 billion names managed by the DNS. To do this, it is necessary to facilitate the management of DNS zones, to make it more user-friendly than it is currently. And publication hosting services, web or otherwise, must allow their users, Mr and Mrs Smith, to easily use their own DNS names.
In addition, since the DNS is hierarchical, users always depend on tutors. This situation is oppressive and should therefore be rejected, without denying the usefulness of the intermediaries. This could partly be accomplished by assuming the need for a political management of names, but also by using tools such as the GNU Name System, which allow bypassing intermediaries when necessary. This would transform the status of intermediaries: currently “tutors”, they would become “referents”.
GNS does not provide absolute uniqueness of names, but it does not matter because it is not desirable. On the one hand, Internet users can take unusual contexts into account and act accordingly. On the other hand, GNS allows cooperation between registrars and renamings adapted to the practices and cultural contexts of Internet users: the more an address is used in a cultural context, the fewer the intermediaries, and therefore the shorter it becomes, and vice versa. Finally, it seems especially difficult to manage more than 4 billion names in a single registry without the emergence of major conflicts related to induced rivalry and political centralization.
The names of internet users and mediatization addresses also participate in the composition of “conversation internet addresses”, being used in the right part of the @. These addresses allow Internet users to have conversations, to respond directly. Confining the name in the right part of the @ allows you to leave the free management of the left part of the @.
But then, what’s the use of the part in front of the @? This is what we will see in the second part.
The Internet isn’t only a medium, it’s also what I call a “converso”. Others call it “social networks”, but this term doesn’t seem quite pertinent to me. A “converso” is a social apparatus that organizes, frames and makes conversations possible by mobilizing certain techniques and social groups. It permits people to respond to each other directly. It is achieved in particular by constituting a place where conversations take place according to certain rules. In this place, privacy can (more or less) exist. Here are a few examples of non-computerized “conversos”: the telephone, speed dating, a shared meal around a table, a job interview, etc.
A conversation is distinguished from media coverage by the fact that all participants perceive each other, can speak and can respond to each other. A discussion requires that each participant have a name. But to be initiated it must also go through a mutual greeting. This greeting indicates a protocol that sets the framework and the modalities of the conversation. To your friends you say “yo”, to your family you say “hi”, to your boss or to a stranger you say “hello”, at school we raise a hand to speak, etc.
Obviously the boundaries between media and converso are blurred and the two can be combined. On the one side, a discussion between people can have a large audience without the latter being able to take part in the conversation; this is already the case with talk shows on TV. On the other side, on the Internet a discussion between thousands of people can take place, for example through discussion lists, XMPP or Twitter. These people do not all speak at the same time; they then form a huge audience, but they can speak.
Numerous “leaks” or photos taken out of their private domain – for better or worse – are yet another illustration of this increased porosity on the Internet between media and converso.
We will see how the Internet address of the form hello@myname, historically used for email, can be used to manage these conversations. I call this style of address a “conversational internet address”. The word “address” tells us what we are looking at: an address that allows us to address one specific person.
The part to the left of @ should therefore be used to define the modalities that make conversation possible. Without the @ in front of the name and without the part to the left of the @, the relationship is not conversational. It's like turning on the TV and watching the BBC, we still cannot converse with the BBC.
The first function of this part of the address is to locally manage the reception of messages intended for us; moreover, the RFCs are quite clear on this point. It must therefore define a set of editorial rules which must be respected for a message to be accepted and received. This allows you to manage the form that the discussion will take.
Each mailbox is a combination of editorial rules. Thus, it is important that one person can create as many mailboxes as necessary in order to manage the different types of conversations he has, according to the context, the origin and the social relationship entailed.
Here are some of the editorial rules used in life without a computer: sustained language, colloquial language, posture, body language, the “tu” and the “vous”, humorous tone, compassionate tone, solemn language, teasing language, length of speech without interruption (10 seconds or 15 minutes), etc.
Obviously, all these rules that exist without computers are reintegrated into the conversations via computers. But other editorial rules are specific to computerized conversos. Here are a few that could be used in combinations to define the mailboxes:
In order for everyone to manage their own mailboxes, and thus pay close attention to the editorial rules in place, it is necessary to have a simple program that is both user-friendly and ergonomic. However, it appears to me that this program does not exist currently.
The second function of the part to the left of the @ is to filter the conversations according to their origins and their contexts. So the same mailbox may have many aliases. These aliases are greetings which, already without the Internet, permit one to measure social standing and indicate the editorial rules to follow.
If your boss calls out to you saying “Hey, dude”, there will certainly be a reason or even an argument. If you call out to him saying “Yo, bro”, it’s the same thing. If you call your friend by saying “Good Day to you, John Doe” it will surely be considered ridiculous, as these greetings imply and reflect different ways of maintaining a social relationship. A mistaken salutation will break off the possibility of beginning a discussion. If you whistle to a friend further down the street, she’ll turn around and walk towards you so that you can talk together. But try whistling at a woman you don’t know in the street: she’ll reprimand you in anger, if she doesn’t give you a punch in the nose!
On the Internet, these aliases also permit managing spam or the lifetime of an interaction. Thus, to publish one’s name on a mailing address without it being “spammed”, it is no longer necessary to use the usual, more or less effective tactics: contact [@] jdoe.net, or contact+web@jdoe.net, or even the web form, which requires the use of a web browser because it does not provide an address.
For example, under my “public address” editorial rule, my address will be contact@jdoe.net; for a person met in a bar or at a party it can be hi@jdoe.net; for a professional relationship it would be hello@firstname-familyname.net; and the address published on my website would be contact-T31s8@jdoe.net, this last alias being revocable if it is overused after ending up on spam lists.
One of the advantages of this system is that if an alias is revoked, the person using this address can always go and see what I publish on toto.net and find there an ad-hoc address to contact me again. But the discussion channel will no longer be the same, because the social relationship will no longer be the same.
In order for an Internet user to autonomously manage his audience, the types of his social relationships, their lifetime, etc., the semantics of a conversational Internet address should therefore be: greeting@name.
It’s easy to imagine a ton of names for these different contexts and their editorial rules. A few examples follow:
yo@joe.net
tweet@joe.net
sms@joe.net for friends
sms-bank@joe.net for my bank
contact-fe3r@joe.net valid from July to December 2016
contact-js8u@joe.net valid from January to June 2017
pepco@joe.net
att@joe.net
verizon@joe.net
The use of trash emails whose aliases cease to be active after 24 hours, etc. is another possible use.
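To make the two functions of the left part concrete (mailboxes as sets of editorial rules, aliases as greetings that select a mailbox, filter by origin, carry a validity window and can be revoked), here is an added example written for this article; it is not code from the original post and does not come from any existing mail server. The name jdoe.net, the mailboxes, the aliases, the dates and the sender domains are all constructed, and the hypothetical GreetingRouter.route() plays the role a local delivery agent would play.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional, Set

MY_NAME = "jdoe.net"   # the user's own DNS name, the part to the right of the @ (constructed)


def at(year, month, day, hour=0):
    """Helper: a UTC timestamp, so the example runs without a clock."""
    return datetime(year, month, day, hour, tzinfo=timezone.utc)


@dataclass
class Mailbox:
    """A mailbox is a set of editorial rules that a message must respect to be accepted."""
    max_body_chars: int                                  # "length of speech without interruption"
    plain_text_only: bool = True                         # refuse HTML-only messages
    allowed_sender_domains: Optional[Set[str]] = None    # None: anyone may write


@dataclass
class Alias:
    """An alias is a greeting: it selects a mailbox and has its own lifetime and revocation."""
    mailbox: str
    valid_from: Optional[datetime] = None
    valid_until: Optional[datetime] = None
    revoked: bool = False


class GreetingRouter:
    """Hypothetical local delivery logic for greeting@name addresses."""

    def __init__(self, mailboxes, aliases):
        self.mailboxes = mailboxes   # mailbox name -> Mailbox
        self.aliases = aliases       # local part -> Alias

    def add_trash_alias(self, local_part, mailbox, now, hours=24):
        """A throw-away greeting that stops working after `hours`."""
        self.aliases[local_part] = Alias(mailbox, valid_from=now,
                                         valid_until=now + timedelta(hours=hours))

    def revoke(self, local_part):
        """Withdraw a greeting, e.g. once it has ended up on spam lists."""
        self.aliases[local_part].revoked = True

    def route(self, rcpt, sender, body, is_html, now):
        """Return (verdict, mailbox): the alias decides whether a conversation can start,
        then the mailbox's editorial rules decide whether this message is accepted."""
        local, _, domain = rcpt.rpartition("@")
        if domain != MY_NAME:
            return "reject:not-my-name", None
        alias = self.aliases.get(local)
        if alias is None:
            return "reject:unknown-greeting", None       # no greeting, no conversation
        if alias.revoked:
            return "reject:revoked", None
        if alias.valid_from is not None and now < alias.valid_from:
            return "reject:not-yet-valid", None
        if alias.valid_until is not None and now >= alias.valid_until:
            return "reject:expired", None
        box = self.mailboxes[alias.mailbox]
        sender_domain = sender.rpartition("@")[2]
        if box.allowed_sender_domains is not None and sender_domain not in box.allowed_sender_domains:
            return "reject:sender-not-admitted", None    # filtering by origin
        if is_html and box.plain_text_only:
            return "reject:html", None                   # an editorial rule of the mailbox
        if len(body) > box.max_body_chars:
            return "reject:too-long", None
        return "accept", alias.mailbox


def build_example():
    """Constructed mailboxes and aliases in the spirit of the list in the article."""
    mailboxes = {
        "public": Mailbox(max_body_chars=5000),
        "friends": Mailbox(max_body_chars=300),                                # SMS-like, short
        "bank": Mailbox(max_body_chars=5000, allowed_sender_domains={"bank.example"}),
    }
    aliases = {
        "contact": Alias("public"),
        "hi": Alias("friends"),
        "sms-bank": Alias("bank"),
        "contact-fe3r": Alias("public", valid_from=at(2016, 7, 1), valid_until=at(2017, 1, 1)),
        "contact-T31s8": Alias("public"),   # the alias published on the website, revocable
    }
    return GreetingRouter(mailboxes, aliases)
```

The order of the checks matters: the alias (who is greeting me, and is that greeting still open?) is evaluated before the mailbox rules, so a revoked or expired alias is rejected without the message body ever being looked at, and a sender who does not know a valid greeting gets no conversation at all.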
Email clients should be adapted to this management of aliases and mailboxes. Certain systems like YunoHost or Modoboa already permit a good management of aliases. But I don’t know of any that allow me to manage mailboxes as I explained.
Registering on an online service or web media is making conversation possible. This is why a greeting@name type address is necessary and required by these platforms.
Mozilla Persona aimed to handle this well and fitted the management of names and social relations that I described. Links with XMPP were envisaged, which would have improved the tool. Unfortunately the mail hosts did not adopt it (just as they did not adopt XMPP), which is why Mozilla abandoned it in November 2016. Should it be forked (with BrowserID) to give it a new life? We can also read feedback on the failure of Persona by Mozilla and by a mail host (for whom Let’s Encrypt would be a good solution today).
This is how Persona was presented:
Persona is an openly distributed, cross-browser identity system providing a solution to the traditional password model. It addresses the usability deficiencies that plague other privacy-related systems such as OpenID, without resorting to a centralized infrastructure such as Facebook Connect.
The current approach for establishing and managing user names and passwords is tedious, inefficient, and insecure. Users must create and remember complex passwords for each site and service. Sites then must securely encrypt and store passwords to prevent the leaking of sensitive information. The prevention and negation of security leaks is the primary reason for the use of Persona, but the flexibility of its systems outclasses most standard identity security systems.
Persona eliminates the need for per-site passwords
Persona utilizes a safe, two-click system built on top of public-key cryptography for logging in to websites. The user's browser generates a cryptographic affirmation of identity that expires after a few minutes and is only valid on one site. By avoiding passwords, users do not need to worry about remembering several distinct passwords and need no longer be concerned with unsecure access to their password. This quick and easy sign-in process eliminates the current inefficiencies of traditional account registration and allows users to quickly establish accounts on websites.
[…]
The email addresses carefully capture the idea of someone@some-context. This makes it easier for users to keep their identities @work, @home, or @school separate. This differs from the trend of linking together many accounts through real identity, single-account policies on social networks like Google+ and Facebook.
[…]
Persona is flexible
Within Persona, your identity is your email address. You can use as many email addresses as you want, but you still only need one password.
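The two properties the quoted text gives for a Persona login, an assertion that “expires after a few minutes and is only valid on one site”, are what stops a site from replaying a login elsewhere or later. The following added example (not Mozilla’s or BrowserID’s code) models such an assertion and the checks a relying party must do. Persona signed assertions with a per-browser key pair certified by the email provider; here one HMAC key shared by issuer and verifier stands in for that public-key signature, an assumption made to keep the example dependency-free. The key, the email, the site origins and the timestamps are constructed.

```python
import base64
import hashlib
import hmac
import json

ASSERTION_LIFETIME_S = 120   # "expires after a few minutes"


def issue_assertion(signing_key, email, audience, now):
    """Issuer side (the browser, in Persona): bind the identity to one site (audience)
    and to a short lifetime, then sign the result. `now` is a Unix time in seconds."""
    payload = {"email": email, "aud": audience, "exp": now + ASSERTION_LIFETIME_S}
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(signing_key, body, hashlib.sha256).digest()   # stand-in for the signature
    return base64.urlsafe_b64encode(body).decode() + "." + base64.urlsafe_b64encode(tag).decode()


def verify_assertion(signing_key, assertion, my_origin, now):
    """Relying-party side: check the signature first, then that the assertion was made
    for this site, then that it has not expired. Returns (status, email)."""
    try:
        body_b64, tag_b64 = assertion.split(".", 1)
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:
        return "malformed", None
    expected = hmac.new(signing_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):      # constant-time comparison
        return "bad-signature", None
    try:
        payload = json.loads(body)
    except ValueError:
        return "malformed", None
    if payload.get("aud") != my_origin:
        return "wrong-audience", None               # issued for another site: refuse it
    exp = payload.get("exp")
    if not isinstance(exp, int) or exp <= now:
        return "expired", None
    return "ok", payload.get("email")
```

The audience check is the one most often forgotten when people reimplement this pattern: without it, any site that receives a valid assertion can present it to every other site that trusts the same issuer.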
Currently, Internet users too rarely have a DNS name, and chat systems are too much designed around addresses of the form me@myhost. This old semantics of the conversation address makes Internet users dependent on web hosts and service providers. When leaving their hosts, they risk losing their audiences, their social relationships, etc. Furthermore, it does not allow them to properly filter their interactions. This semantics must therefore be rejected.
For an Internet where Internet users have a more independent media existence, it is necessary that they all have a name managed by the DNS. And for the Internet to be a more decentralized converso (social network), we must use this new semantics for the conversation Internet address: greeting@name (even if that does not solve all the problems).
The greeting must be freely managed by the Internet user, which permits him/her to shape the form of his text and conversations (mailbox) and to filter them according to the interlocutors and the contexts of the meeting (alias).
Technical systems like email, XMPP and Mozilla Persona already allow this new semantics to be used, even if their software needs to be improved. DNS zone management software is also involved in its deployment, but it needs to be more ergonomic and easy to use. Finally, the use of the Gnu Name System instead of or in addition to the DNS would make everything even more decentralized.
Of course, it is very likely that you are already using this semantics. But it seemed necessary to me to explain it, since it is very little used. I hope the article has convinced you, or at least interested you; your comments are welcome.