[tahoe-dev] Bringing Tahoe ideas to HTTP

James A. Donald jamesd at echeque.com
Wed Sep 16 23:09:52 UTC 2009


James A. Donald wrote:
 >> The ideas used in Tahoe are useful tools that can be
 >> used to solve important problems.

Ivan Krstic' wrote:
 > Yes, and I'd be happy to opine on that as soon as
 > someone told me what those important problems are.

<http://www.waterken.com/dev/YURL/Name/>

More generally, we need an egocentric authentication
system.

The vast majority of users believe that if they
"successfully" login, this is proof of relationship.
Obviously we should make that true.

When you receive a message that purports to be from
someone that you have a relationship with, the relevant
question is not "is the globally recognized true name of
this entity 'First National Bank of Omaha'?", but "is this
an entity you have a relationship with, if so, how is
this entity known to you, and how are you known to this
entity?"

In pre-computer days, a business communication:

1.  Could only be read by the sender and the recipient.

2.  Identified the sender as the sender is known to the
recipient, and the recipient as the recipient is known
to the sender.

3.  Identified the primary key of the recipient's file
at the sender, and sender's file or issue file at the
recipient. (And if no valid recipient key, the
communication is low priority)

In the computer age, we need to have cryptographic
enforcement of all this.  Cryptographic enforcement of
true names is not particularly relevant or useful.

In the days before banks became part of the government,
ordinary middle class people used a variety of financial
instruments, called "notes" or "bills", wherein a
communication from Ann to Bob could contain a capability
that Bob could use with Carol, thereby granting Ann a
corresponding capability with Bob.  The "cheque" or
"check" is the degenerate remnant of these once diverse
and multifaceted capabilities.  We need to recreate this
ability to transfer capabilities in organization to
human communications and organization to organization
communications, starting with, and most importantly,
capabilities representing money or promises to deliver
services on demand.



