Waterken^TM YURL

Naming vs. Pointing

2003-09-21

The problems with a name-centric designation model, like the PKI, are explained using an analogy.

The scenario

Alice has brought her son, Jon, to a party. Also at the party is Libby, a friend of Alice's. Jon and Libby have not met. Many other people are at the party.

The PKI analogy

In a PKI-like model, Alice introduces her son to Libby by telling Libby that her son is named "Jon". Libby then looks around for someone who claims to be named "Jon". Upon finding such a person, Libby asks the person for their driver's license, to confirm that the person's name is indeed "Jon".

The YURL analogy

In a YURL-like model, Alice introduces her son to Libby by pointing at him and telling Libby: "This is my son."

The introducer role

In both cases, Alice is the introducer, and controls which person Libby comes to know as Alice's son. In the PKI-like introduction, Alice can give any name she wants to Libby. If Alice says her son's name is "David", Libby comes to know David, not Jon, as Alice's son. Similarly, in the YURL-like introduction, Alice can point at whomever she chooses.

Problems with naming

Using names and licenses creates a number of potential problems in a PKI-like introduction that are not present in a YURL-like introduction.

Trust

Libby must trust the Department of Motor Vehicles (DMV) to be meticulous about putting the right name on an issued license.

Entry barrier

If Jon is underage, the DMV will not issue him a license.

Scalability

Jon may normally be resident in a foreign country. For Jon to have a license recognized by Libby, either the DMV must be able to issue a license to a foreigner, or Libby must be able to recognize a license issued by a foreign DMV. Both cases present difficult scalability problems. In the former case, the DMV must be able to accurately establish the name of any person, from anywhere in the world. In the latter case, Libby must trust a license issued by any state in the world.

Name conflation

When Libby is looking for a person named "Jon", Jan might say: "Hi, I am Jon." When Libby checks Jan's license, she is expecting it to say "Jon" and does not notice that it actually says "Jan".

Fake identification

Mallory works at the DMV, and likes playing party tricks. Knowing that Alice is bringing her son to the party, Mallory makes himself a fake license. The fake license is indistinguishable from the real thing. When Libby comes asking for a person named "Jon", Mallory can claim to be "Jon" and can prove it with a license.

Identity revocation

The DMV may decide that another person is the rightful user of the name "Jon" and revoke Jon's license. Anyone looking for Jon will instead find the new licensee.

Time

A license is only valid for a limited duration of time. When a person's license expires, they must go to the DMV and get a new one issued. This process can be time consuming.

Money

Issuing a license is hard work, and the DMV will not do it for free. Everyone who gets a license must pay a fee to the DMV.

Identity loss

Due to the cost and difficulty involved in issuing a license, the DMV must issue licenses that are valid for years. Over such a long duration, people are bound to lose their license or have it stolen. As a result, a person using a license may not be the legitimate holder of the license.

Conclusion

A name-centric designation model is fraught with problems. Pointing is often an easier and safer solution than naming. A YURL enables pointing on the Internet.

Copyright 2002 - 2003 Waterken Inc. All rights reserved.