Wednesday, February 08, 2006

Via Schneier on Security comes a pointer to an interesting paper entitled Introduction to Petname Systems.

Zooko's Triangle [Zooko] argues that names cannot be global, secure, and memorable, all at the same time. Domain names are an example: they are global, and memorable, but as the rapid rise of phishing demonstrates, they are not secure.

For background reading, see Zooko: Names: Decentralized, Secure, Human-Meaningful: Choose Two; Waterken YURL: Naming vs. Pointing; and the Petnames Markup Language.

To summarize, you cannot have a namespace which is all three of: 1. decentralized (which is the same as saying that the namespace spans trust boundaries), 2. secure in the sense that an attacker cannot cause name lookups to return incorrect values that violate some universal policy of name ownership, and 3. using human-memorizable keys.
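The trade-off above, as an added example that is not from the original post or the cited paper. It assumes the usual petname arrangement, in which each user privately maps a key-derived identifier to a name of their own choosing; the class, function names and sample keys are constructed for illustration.

```python
import hashlib


def key_id(public_key: bytes) -> str:
    """Global and secure, but not memorable: a hash of the public key."""
    return hashlib.sha256(public_key).hexdigest()


class PetnameTable:
    """One user's private map from key id to a name that user chose.

    Memorable and secure, but not global: it means nothing outside
    this user's own table. (Hypothetical class, for illustration.)
    """

    def __init__(self):
        self._by_key = {}

    def assign(self, public_key: bytes, petname: str) -> None:
        kid = key_id(public_key)
        # A petname must point at exactly one key in this table,
        # otherwise a second key could borrow an existing trusted label.
        for other_kid, name in self._by_key.items():
            if name == petname and other_kid != kid:
                raise ValueError(f"petname {petname!r} is already in use")
        self._by_key[kid] = petname

    def label(self, public_key: bytes, claimed_name: str) -> str:
        """Return what the UI should display for this key.

        claimed_name is the self-chosen name (global and memorable,
        not secure), so it is shown only with an 'unverified' marker.
        """
        petname = self._by_key.get(key_id(public_key))
        return petname if petname is not None else f"[unverified] {claimed_name}"


def demo():
    # Constructed sample keys; both parties claim the same display name.
    bank_key, lookalike_key = b"constructed-key-A", b"constructed-key-B"
    alice, bob = PetnameTable(), PetnameTable()
    alice.assign(bank_key, "my bank")
    bob.assign(bank_key, "payroll account")  # same key, different local name
    return (alice.label(bank_key, "Example Bank"),
            alice.label(lookalike_key, "Example Bank"),
            bob.label(bank_key, "Example Bank"))


if __name__ == "__main__":
    print(demo())
```

Each of the three names in the example has two of the properties and lacks the third, which is why the table only ever trusts the key id and treats the claimed name as a hint.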