Naming systems - Journal of Omnifarious
Apr. 16th, 2003
12:22 pm - Naming systems
There are lots of different kinds of names for things in the computing world. It gets rather confusing. For example, www.livejournal.com is the name for the LJ website, but so is 22.214.171.124. Those names are not exactly identical though. They are at this moment, but the next moment, www.livejournal.com could be equivalent to 126.96.36.199. One name is intended to be some variant of human readable. The other name is intended for the computers who make the Internet work to use to figure out where information should go.
Omnifarious.org has many names. It is known as www.omnifarious.org, ehopper-host33.dsl.visi.com, 188.8.131.52, mail.omnifarious.org, 3ffe:2900:c00f:10:207:95ff:feeb:3f2c, shell.generalpresence.com, and others. It used to be known as a couple of other names, but I stopped paying the authorities responsible for maintaining names for those names, and the names disappeared.
Worse yet, when you hold a conversation with some computer on the Internet, there's no really good, standard way of telling whether or not you're really holding a conversation with 184.108.40.206, www.omnifarious.org, or whatever other name you think you're talking to.
My mailbox has a name too. And, while I almost always use digital signatures that would allow people to confirm that mail came from my mailbox, the technique is used by a very small percentage of the total Internet population. And, worse yet, most Internet mail software cannot verify the digital signatures I attach to my email, so even if all of my messages have a digital signature, that signature is useless for most people. Generally, when you get an email message, it requires a discerning eye to tell if it really came from the name it says it came from.
But, this digital signature thing is kind of interesting. If more people would use it, you could have hard verification that a message comes from who it says it comes from. So, what is a digital signature?
A digital signature is a curious thing, and I've been thinking a bunch on how to think about them most usefully. A digital signature is a bit of math done on a message and a secret value. It can be verified using a publicly published value. The publicly published value cannot be used to generate message signatures that can be verified with that value.
In a sense, the publicly published value is a name for me. And it's a verifiable name in that I can verify that I know the secret value associated with the publicly published value without having to reveal the secret values. My publicly published name is very long and complicated, but my publicly published name also has a name (a self-verifying name of a different class that I'll get into later). Its name is
E06D 5619 E7C3 D8BF 8A08 8EC8 8EDB 2F94 EC2F 6B36, or
EC2F6B36 for short.
Since I can use my public name to sign things, I can sign various assertions, implying that the owner of that name (me in this case) thinks the assertion is true. One such assertion that people usually download right along with the name is the assertion that a more human readable name is "
Eric Mathew Hopper (main key) <firstname.lastname@example.org>".
Time to stop for now, more on this later...