This morning I attended one of the consultation meetings on the Nominet proposals to reserve .uk. for those with a physical presence in the UK and to make address spoofing rather harder. The meeting was supposedly for public interest groups but much of the time was taken up by arguments against the proposals by a US lawyer hired by registrars who wish to perpetuate the dominance of the Internet addressing system by those whose business is selling domain names to the best payer: without regard to physical address, trading record, whether they are to be used (and how, e.g. impersonation of those with a similar name or in support of fast flux), suppressed (including by large brands to prevent impersonation, parody or use by customer protest groups) or resold at a profit.
His clients appear to also be opposed to the improvement of security, apparently because it can never be perfect and therefore improvements would lead to false confidence.
I believe that if such arguments prevail, it will be only a matter of time before the overall Internet Addressing system is handed “back” to the ITU as an extension of telephone numbering in time for a world of ubiquitous computing in which most traffic will be over mobiles with security based on checking the physical address, sim card and/or geo-location
We should remember that the rise of the Internet as we know it was mainly because of the mess that the ITU made of X25 . The ITU is now in a more credible position because of its apparent success in handling IPV6 standards and its offer to “mediate” the types of patent dispute that destroyed RIM and threatened to derail the global move to smart phones. I fear that at WCIT the Western Internet community will win the battle but lose the war. Control over Internet addressing then will pass to national governments (including in the UK) unless current attempts to make it trustworthy succeed. The growing scale and nature of impersonation (both corporate and personal) and associate fraud and the tendancy of corporations to use civil law and tort (rather than criminal law) against those who fail to help them obtain redress mean the current situation is unsustainable.
Hence the importance of putting the Nominet consultation into broader context – and having a large number of response from those who really do wish to improve confidence in the on-line world and get the other 70% of business transacting on-line.
I am told that Nominet have so received 450 submissions. I fear that many, perhaps most, are from the registrar and ISP community – split between those who wish to preserve their current business models and those who wish to earn more from supplying genuinely trustworthy names. Meanwhile it is apparent that almost all outside the closed community are unaware that .co.uk does not mean the supposed business is based in the UK, or even has a physical address of any kind in the UK. This comes as a shock whenever it is mentioned.
As most readers will be only too well aware I am committed to improving trust in the on-line and in the UK as the best place to base a globally trusted on-line business. Hence the effort I am putting onto the competiton for ideas on how to achieve this. But neither will happen unless customers are able to make an informed choice to deal only with .uk domain names which mean what they say on the tin, linked to physical addresses with routines for enforceable redress when things go wrong.
Until that happens on-line business will continue to implode onto a small number of dominant brands which consumers think they can “trust”. Most of these (other than banking, insurance and travel booking) are parented in the United States with their EU operations based in Ireland or Luxembourg. This avoids liability UK regulation (e.g. that on consumer credit) and disputes resolution (e.g. County Court) as well as VAT and Corporation tax. The sums quoted by those opposing the Nominet plans are trivial by comparison. Hence another reason why HMG will not back down on the “polite” pressure it has put on Nominet to set its house in order.
The initial Nominet proposals are not perfect. How they should be packaged and implemented is not obvious. That is why there is such a long period for dialogue and response. I plan to blog again when I have got my head round the current state of responses, including the suggestions for reconciling and addressing the differences between those who genuinely wish to have a domain name system that serves the interests of society as a whole and gives a fair reward to registrars who verify the domain names to those who want us to trust them, give true anonymity to those who want it, and enable the rest of us to tell which is which. And when I say “verify” and “anonymise” I mean “with as much certainty as is reasonable in a world where nothing is certain for longer than it takes the minds of the Dark Market to find a way round”.
So why am I so concerned with confidence in the on-line world – and why do I think the future currently in prospect sucks – unless, that is, we have a consumer revolt against the internetties in their cyberghettoes?
The closure of our local NatWest Bank came as shock – then I read of a raid on the local Tesco barely a five days later. It became apparent that the response of Lambeth Police and Council to local policing, rather than the orignal incident, was the probable reason for the bank closure – and that Tescobank is unlikely to fill the gap. I fear that instead of spending my declining years in comfortable independence, with the support of easy to use, reliable, resilient on-line products and services to compensate for lack of mobility – I will starve to death, unable to order groceries for delivery by armoured Tescovan because my electronic credentials were hijacked after I visited Tesc0van by mistake or because I clicked on the link in an e-mail asking me to change my delivery schedule because ….