Re: [GNU/consensus] Zooko's Triangle

[Melvin Carvalho]

On 25 July 2013 09:40, elijah <address@hidden> wrote:

On 07/24/2013 11:01 AM, carlo von lynX wrote:
> On Mon, Jul 22, 2013 at 10:13:04PM +0200, Melvin Carvalho wrote:
>> They are in the church of "your email is your identity" -- let's
>> be clear this is an unnecessary restriction with will not scale.
>> Other projects (not mentioning any names) *cough cough* are also
>> in this religious sect.
> also, key management is ridiculously easy if it doesn't try to get
> along with email addresses. the key is the identity. works great in
> modern systems such as tor hidden services, retroshare etc.

We still live under Zooko's triangle. Identity <> key mapping is only
easy if you exclusively care about globally unique and decentralized,
but it is very hard if you care also about human friendly.

Zooko's triangle is a useful tool, but note the comment:

Zooko's triangle is not a proof, but rather a suspicion; as Zooko puts it, "I didn't prove that it is impossible to have all three features, I only said that I doubted that your namespace will have all three.". (wikipedia)

The triangle applies when you wish to confine yourself to a single identifier, which is just not a common best practice.  In facebook, for example, people use a combination of their real name, their email, their telephone number, or their graph address (which is the one that ties all the others together).

Overloading identifiers is conceptually wrong.  You are not your email address, you HAVE an email address.  You are not your public key you HAVE a public key.  If you overload this, it's a hack, called 'indirect identifiers', and you have to accept the disadvantages that it's harder to scale.  Scaling is what's important in social.

 

You can get all three, if you cheat. Namecoin is an example of cheating
in a peer to peer way (the cheat is that the global append-only log is
essentially an authority, derived from consensus of miners). DANE
achieves all three by relying on the authority of the root DNS zone.
Nicknym, the protocol we are working on (https://leap.se/en/nicknym)
also achieves all three by relying on DNS, although in an entirely
different way.

So this is a cleaner approach.  Have a composite identity of which email and key are but facets.  Therefore you need a technology to tie them together.  This is the engineering challenge.  Namecoin is a distributed database of key / value pairs, which is not a bad idea.  DANE could work, but again we are overloading.  DNS is already a central point of failure, be careful not to put all your eggs in one basket.  Key value pairs can also be stored in something like a facebook graph, in a database, or in your browser -- there's more than just one solution to this.

 

We can, and must, do much better than a secure identity system that is
unfriendly to humans. It is the 21st century, after all.

True.

 

And yes, I proudly belong to the church of identity in the form of the
URI commonly referred to as an email address. Not only is address@hidden
fantastically usable, it is also universally understood by every
internet user on earth. There are other addressing schemes that are user
friendly-ish, like twitter @user, or namecoin (although namecoin
obviously has other problems), but address@hidden is here to stay.

There's a number of disadvantages with this approach.  Firstly, you have to convince everybody to subscribe to your world view, which is time intensive (also a losing battle from the start) which takes away from your, and everyone else's development time.  Secondly, it creates 'haves' and 'have notes' and balkanized the space.  Even though I like the technology of LEAP, more so because it is free software, because it's done in an intolerant way, it's harder to even fork or reuse the code, because of the militant opposition to getting the patches upstream, either to the codebase, or the protocol.

The battle of free software has shifted from proprietary software, to centralized data, to the gatekeepers of the non-free protocols that people use. 

CC: zooko

 

-elijah