More from Eric
Eric paints a plausible scenario of what the Net will look like once strong digital IDs are in place, and then he scares the crap out of us by pointing to Verisign’s new “consumer authentication system,” currently being tested by eBay, that checks “50 best of breed data sources (personal, credit, demographic and black list information) to cross verify and risk rank consumers.”
Blacklist???? Whose? How you get on? How do you get off? So, now Verisign’s automated credit check will evaluate whether you have the standing to buy cotton doilies from eBay based on blacklists that come from unspecified somewheres. Anyone who’s dealt with Verisign’s ability to handle exceptions when it comes to domain names knows that Kafka was being optimistic.
This by itself should count as an argument against instituting “strong” digital IDs.
Categories: Uncategorized dw
My earliest experience with Verisign was trying to get one of their digital certificates to work with my IIS server. It didn’t work and, surprise, surprise, there was no customer service number on their site. After contacting them via e-mail I was basically told, “Here’s the FAQ. If that doesn’t work, tough s**t.” Thanks to that experience I continue to make certain my company uses other sites for digital certificates and I personally hope Verisign goes out of business in a metaphorical cataclysm involving fire, wailing and gnashing of teeth and big pointy sticks.
Even as an optimistic techno-geek, all of this stuff is starting to get really disturbing. Despite all of the efforts to decentralize ID’s and create a network that is end to end, we are increasingly becoming controlled consumers – tracked, logged, monitored and surveilled, and less customers with real choice in controlling anything – our privacy, identities, purchasing habits, reputations and dignity.
I’m with you Dave, until digital ID’s are controlled by customers for empowering vendor relationships as Doc Searle pointed out today, I’m totally opposed to them.
In a few weeks, the .org Whois registry db will transition from approx. 100 registrar databases distributed worldwide to one centralized Afilias db.
The thick registry model: “Afilias recommends that registrars point their WHOIS server to the Afilias port 43 WHOIS server at: whois.afilias.net”. “Thick” registries preceded today’s “thin” registries. The claimed benefit is “instant update of Whois data, removing 24hr delay”. Note that centralized whois data is a necessary step for enforcement of a “registration policy” for domain owners.
ISOC subcontracted registry operation to Afilias (Dublin)
Afilias subcontracted, later acquired Tucows-run LibertyRMS EPP registry (Toronto)
Afilias subcontracted DNS to Nominum (Redwood City Vixie/ISC spinoff, ISC bid against ISOC/Afilias for .org)
Nominum sold their DNS customers to UltraDNS
Afilias’ EPP registry runs Postgres, UltraDNS runs Oracle.
Why might a registration policy be necessary for accuracy of Whois data? Spam. One solution: national policy changes, possibly including registration. But the internet is decentralized and subject to the policies of many nations.
“This by itself should count as an argument against instituting “strong” digital IDs.”
Which “strong”? If you’d outlaw a centralized approach, then that implies the political structure has enough power to outlaw and prohibit other approaches as well….
It costs a lot to wade through all the words to be certain which points people are trying to make, but an obvious approach is to authenticate your own identity — to show a good credit report, which only you can invoke, to prove that you’re a good risk.
(As long as we don’t take responsibility for our individual IDs then centralized services would naturally evolve to fill the void… an imperfect VeriSign identity authentication would eventually lose ground to a better personalized identity authentication.)
I think Eric is raising the point that not all transactions need the same degree of identity authentication, which seems accurate enough to me.