07-17-97 Electronic Filings on Internet Domain Names

###
Number: 116
From:      calvin calvin@ibm.net>
To:        NTIADC40.NTIAHQ40(dns)
Date:      7/17/97 8:00am
Subject:   domain names

I believe that the federal government or the united nations would be a
wise choice for this endeavor.  If either of these bodies were to be
involved in the process I think they could do a similar job of
regulating the internet the same way that the fcc licenses and regulates
the airwaves.  The scope I must admit should be much more limited to
just governing the DNS part of the internet.  The reason I feel that the
scope should be this limited is that at this time there aren't presently
ways of broadcasting content to an end-user unless they choose to go to
a particular type of site.  I do however believe that as push technology
matures the bodies mentioned above might have to broaden their scope to
decide what content would be apropriate for broadcast through push
technology.  I do want to stress however that there should be very
strict guidelines(at first) and legislation(to follow) that would limit
any censorship to what is broadcast through push technology and that
would explicitly state that any individual or company could put whatever
they want to put on their pages but that they shall not be allowed to
advertise using any content that would not be suitable for broadcast on
a TV network.

###
Number: 117
From:      Garrett M Datz  gdatz@charm.net>
To:        NTIADC40.NTIAHQ40(dns)
Date:      7/17/97 1:34pm
Subject:   Domain Name Service Comments


Domain Name Registrations and ownership on the 'net is something that we
must remember started out as a tool, not an asset.  DNS was created with
the purpose of taking a number such as 198.49.199.2 and calling it
www.ntia.doc.gov

DNS was created to make commonly visted sites easier to remember.  At the
time of creation, very few corporate entities were a part of the 'net.  IF
the system has orginally been designed with commercial purpose in mind,
a different evolution would have occurred.  Take the University of
Maryland for instance.  Registered 12 years ago they posses the relatively
simple umd.edu for domain purposes.  However, look at the name
chevychasebank.com and realize that this has gotten a little out of hand.

Possesion of rights on the Internet legally can be difficult.  Can Apple
computers legally claim all uses of the word apple for domain purposes?
In court they won, but a common dictionary word?  Under the system,
someone could have registered that name 10 years ago with no mal-intent
and Apple computers would not have cared.  Why?  No interest in the
Internet.  1994 comes along and all of a sudden its copyright infrigement.

By the way the system is designed, DNS services are a first come, first
serve and should remain that way.  Large corporatation are striking fear
and lashing out into smaller businesses simply for beating them to the
Internet game.  It often appears that there exists a level of perceived
insult from these companies because the 'little' guy took what they
considered to be their 'inherently claimed' domain name.  I wonder how
many businesses in Maryland have Chevy Chase in their officially
registered and trademarked business name.  I know of at least 10.  

My final opinion is that the system is insufficient to handle to demands
and requirements that businesses have.  There is a virtual limit to the
number of possible 'simple', easy-to-remember, common word names that can
have a .com attached to it.  Take baltimore.com and inbaltimore.com.
Comcast attempted to push us out of it by claiming some form of trademark.
How can a public-domain name of a city be owned by anyone?

The registering of 100's of DNS's for the purpose of making a profit
should be altogether stopped.  Enforce a limit of 5 or 10 addresses per
individual or company and make the penalty immediate suspension and
surrender of all DNSs.   Release a strong statement saying that the
registration of a domain name for association with a business is separate
from any other form of commercial trademark and property.  The same with
corporate law, no two companies can posses the same busineess name, no two
can have the same DNS name.  However indicate that they are separate and
distinct.

We must remember that the Internet was created for fostering research,
communication and growth.  It was a tool of the universities and for
research facilities.  Free ideas and free speech was the basis.  DNS is
past its time.  A new concurrent system needs to be designed that will
address the needs of businesses on the Internet.  It is inevitable.
Simply adding more .xxx domains won't help a damn thing.

And the guy at home who may have registered a domain for himself because
he though it was a cool thing to do a few years ago should be protected
from million dollar lawsuits because some company feels infringed upon.

Garrett M Datz
gdatz@charm.net

|------------------------------------------------------------------------|
|  Garrett M Datz          Charm Net, Inc.         Voice: (410) 558-3900 |   
| Director of Sales     2200 E Lombard Street      Fax  : (410) 558-3901 |
|   and Marketing        Baltimore, MD 21231                             |
|------------------------------------------------------------------------|
| Email: sales@charm.net                       URL: http://www.charm.net |
|------------------------------------------------------------------------|

###
Number: 118
From:      "Jay R. Ashworth" jra@scfn.thpl.lib.fl.us>
To:        NTIADC40.NTIAHQ40(dns)
Date:      7/17/97 4:18pm
Subject:   Comments concerning the Internet DNS NOI

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Follow my comments on the Notice of Inquiry concerning Domain Name
Service management.  I speak as a commercial consultant on
internetworking and computer systems design with 15 years experience.

I've used the "call and response" format customary to Internet email;
hopefully, my responses will be comprehensible, rather than compost.

>    The Government seeks comment on the principles by which it should
>    evaluate proposals for the registration and administration of Internet
>    domain names. Are the following principles appropriate? Are they
>    complete? If not, how should they be revised? How might such
>    principles best be fostered?
>    
>    a. Competition in and expansion of the domain name registration system
>    should be encouraged. Conflicting domains, systems, and registries
>    should not be permitted to jeopardize the interoperation of the
>    Internet, however. The addressing scheme should not prevent any user
>    from connecting to any other site.
>
>    b. The private sector, with input from governments, should develop
>    stable, consensus-based self-governing mechanisms for domain name
>    registration and management that adequately defines responsibilities
>    and maintains accountability.
>    
>    c. These self-governance mechanisms should recognize the inherently
>    global nature of the Internet and be able to evolve as necessary over
>    time.
>    
>    d. The overall framework for accommodating competition should be open,
>    robust, efficient, and fair.

These first four points are platitudes... but they're well thought out
platitudes.  :-)

>    e. The overall policy framework as well as name allocation and
>    management mechanisms should promote prompt, fair, and efficient
>    resolution of conflicts, including conflicts over proprietary rights.

This is well phrased, but will be quite difficult to manage in
practice.  The precise reasons why, I'll take up shortly.

>    f. A framework should be adopted as quickly as prudent consideration
>    of these issues permits.

In light of the current travails with NSF contractor Network Solutions,
yeah, this is a good idea, too.

>    B. General/Organizational Framework Issues
>    
>    1. What are the advantages and disadvantages of current domain name
>    registration systems?

From an operational standpoint, the major disadvantage to the current
registration system is that Network Solutions appears, based on reports
from a statistically significant number of its customers, incapable of
providing reasonable customer service, from a standpoint of response
time if no other.

If a request is at all out of the ordinary, the systems in place at
NetSol are guaranteed to both mishandle it and delay it.  Even normal
requests are often troublesome.

For example, NSI apparently has an undocumented policy of allowing
the "Host Registration" necessary to use a host as a DNS server to be
done only once for any given IP address.

I'm involved in a situation right now where administrative control of a
network is about to change hands, and I attempted to register two hosts
in that domain to use as servers.  The two registration templates
templates were sent out within 60 seconds of one another, the
"automated acknowledgement" messages came in 2 and 9 hours later
respectively, and 3 _days_ later, _one_ of the registrations was
acknowledged.  The other registration vanished into limbo, and 60
minutes of toll phone calls a week later were necessary to discover
that the registration was bounced "because another host is already
registered with that address".

Inasmuch as the very DNS system these registrations were intended to
support allows multiple names for one address, this is puzzling, but
the lack of response, the lack of documentation, and my total
inability to successfully contact anyone in authority to discuss the
matter are unconscionable.

It _has_ to be possible to provide better customer service than this...
with a $50M+ annual revenue stream.

From a _structural_ standpoint, the current Domain Registration system
is deficient primarily in it's centralization.  Many other components
of the Internet have evolved over the course of the last 20 years, but
DNS and registration administration is just now reaching it's adolescence.

The other major, and probably insoluble, problem is that the DNS system
uses names as addresses.  The problem is that names can change, and
addresses usually shouldn't.  The quintessential example of this is
professional service companies like law firms.

When Trenam, Simmons, Kemker, Scharf, Barkin, Frye and O'Neill loses a
partner and becomes Trenam, Kemker, Scharf, Barkin, Frye, O'Neill and
Mullis, what do you do with all that stationary... and more to the
point, all those bookmarks and web index engine entries, that say
"trensim.com" (or "tsks.com", or whatever)?

But it's _way_ too late to do anything about this now, and I'm not sure
there ever was a time when it wasn't.

>    2. How might current domain name systems be improved?

Caution is needed here; what's at odds is primarily the registration
systems that underlie DNS, not the technology itself.

It's difficult to answer this question without getting "personal" about
NetSol; the primary improvement I can see at the moment would be for
NSI to start earning the incredible amount of money they unilaterally
decided to charge for domain registration service.  This is
particularly true in light of the several major root nameserver outages
which have occured in the week or so since I started composing these
comments.

The other answer to this question is global, and the primary target of
this NOI; I'll return to it after building some more ground work.

>    3. By what entity, entities, or types of entities should current
>    domain name systems be administered? What should the makeup of such an
>    entity be?

There have been half a dozen proposals made for a restructuring of the
DNS registration services infrastructure.  Of all the approaches I've
investigated, I believe that the Denninger/Postel Internet Draft on the
topic is the best thought-out, and most comprehensive.

Extreme care is necessary here: one of the reasons that the Internet
has successfully scaled to the degree that it has in the short amount
of time it took is that the underlying foundations of the protocol
designs and their implementations were subject almost entirely to
engineering discipline; commercial and (say it softly) political
concerns were ignored.

Make no mistake, the expansion of the DNS registration infrastructure
which everyone agrees is necessary must take commercial concerns into
account... but it _MUST_ be designed by engineers; it's an engineering
issue.

We don't allow politicians to design interstate highways.

>    4. Are there decision-making processes that can serve as models for
>    deciding on domain name registration systems (e.g., network numbering
>    plan, standard-setting processes, spectrum allocation)? Are there
>    private/public sector administered models or regimes that can be used
>    for domain name registration (e.g., network numbering plan, standard
>    setting processes, or spectrum allocation processes)?

These issues are covered in the Denninger/Postel draft, but I'll note
that while the primary concerns are infrastructural, and thus engineering,
the main secondary, operational, concern is that of validation of
registration entities, providing for a common set of clearly enumerated
policies (for things like trademark disputes) which all registration
entities must agree upon(/have imposed on them).

>                                                           What is the
>    proper role of national or international governmental/non-governmental
>    organizations, if any, in national and international domain name
>    registration systems?

From an operational standpoint, there _must_ be some centralized agency
with responsibility for the "ownership" of the root of the DNS
namespace (commonly, but incorrectly, referred to as ".").

However, this agency's sole duty should be to delegate it's authority
to TLD registries and arbitrate disputes.  The design of the system and
the charter of this board should be such as to make it structurally
immune to litigation about issues like, for example, trademarks.  It
must have both the authority and the resources to reassign or
temporarily support any domain whose registrar become unable to continue
it's services.

Two points are important here: 

1) Registry services and DNS service provision are related but need not
be combined: it's possible to envision an enviroment in which
registries contract out the actual provision of DNS root services to a
technically competent third party, thus isolating customers from
business problems at the registry entity, and

2) Regardless of the legalities, domain names are being viewed as
property by their holders, and substantial investments are being made
in them, primarily in publicity, but also in customer mindshare.  The
nature of the net is such that it depends on this behavior, and
therefore it must be taken into account when prioritizing such items as
continuance of service.

>    5. Should generic top level domains (gTLDs), (e.g., .com), be retired
>    from circulation?

I think not, for the reasons enumerated above.  Many companies are
actually _named after_ their domain names; and while "no law guarantees
that anyone will be able to continue making his living in a certain
manner" (Judge Learned Hand), neither are flag days looked upon kindly;
justification for such things must be reached by consensus.

>                      Should geographic or country codes (e.g., .US) be
>    required?

See above; ie: no.

>              If so, what should happen to the .com registry? Are gTLD
>    management issues separable from questions about International
>    Standards Organization (ISO) country code domains?

I don't see any good reason to need to separate the topics; the
parallel structures don't seem to be what is causing the problem.

>    6. Are there any technological solutions to current domain name
>    registration issues? Are there any issues concerning the relationship
>    of registrars and gTLDs with root servers?

The current issues appear to be architectural and commercial, rather
than technical and operational, and therefore require architectural solutions.

>    7. How can we ensure the scalability of the domain name system name
>    and address spaces as well as ensure that root servers continue to
>    interoperate and coordinate?

These are mostly technical questions, and I don't claim to be an expert
on the topic, but if I don't see the names Vixie, Halley, Margolin, and
Liu on any paper asserting to answer this question authoritatively,
I'll assume it doesn't know what it's talking about.  That is: there
are experts on these topics, and anyone in authority who flouts them,
or worse, ignores them, does so at the peril of the entire Internet.

(Note to readers: there are other DNS experts, obviously; I simply
picked the top 4 I see on the mailing list as examples.)

>    8. How should the transition to any new systems be accomplished?

This is already taking place.  There are root nameservers which are
_not_ authoritative for .com and the other domains currently run by
NSI; this experiment seems to be working.  There are also currently
operational root servers for views of the namespace which include
alternate TLDs, these include alternic.nic.  In short, as long as the
current operators of the DNS roots (which primarily means NSI) help
rather than hinder, a transition will be a Small Matter of Administration.

It should be noted that the operators of Alternic have apparently
demonstrated poor business judgement in a denial of service attack
agains NSI this past week; this doesn't impugn their technical prowess,
but it _does_ illustrate the importance of the topic, and the degree of
discontent with NSI's current operations extant in the net.

>    C. Creation of New gTLDs
>    
>    10. Are there technical, practical, and/or policy considerations that
>    constrain the total number of different gTLDs that can be created?

Mostly, the size of the TLD tag.  Traditionally, these have been 2 or 3
characters; the D/P draft suggests a maximum of 4 or 5, which seems
sound, but does impose an absolute limit. 

Also, this limit is smaller than it might seem it ought to be: all
components of domain names _must_ be pronounceable.  This is more a
social limitation than a technical one (indeed, the software doesn't 
care), but it's a requirement nonetheless.

>    11. Should additional gTLDs be created?

Let's be careful here: the same namespace issues apply to TLD's that
apply to Usenet newsgroups: creating new ones without extensive
discussion and justification ought to be _expensive_ and _time
consuming_.  Much too little concern is given to namespace control...
which isn't suprising; it's an architectural issue, and most people
aren't architects.  But it's nonetheless crucial to the ongoing
simplification and "consumerizing" of the net of the net.

Case in point example: ".firm".  Is there really anyone who's
_thinking_ about this, who doesn't know which company will register
"ibm.firm" the second it hits the table?  They've probably got an
employee whose job is nothing else, by now.  That is to say,
"horizontal" segmentation of the namespace will not work; the problems
are identical to those in the botched release of the 888 toll free NPA.

Who owns 1 888 FLOWERS?

And ".nom" is simply stupid.

However, in the grand scheme of things, yes.

>    12. Are there technical, business, and/or policy issues about
>    guaranteeing the scalability of the name space associated with
>    increasing the number of gTLDs?

Well, it's likely that as long as the scaling doesn't go too fast, the
technology and policy issues involved can keep up with it.  Ensuring
this is probably the job of whatever group gets appointed to own the
root of the namespace.

And I'll say this again.  This is an architectural function.

Would _you_ want to live in a house designed by a politician?

>    13. Are gTLD management issues separable from questions about ISO
>    country code domains?

No; ISO3166 registries already exist, and by their nature, probably
should have their policy making continue unimpeded by any except
technical considerations.  The only control that appears necessary is
the "we're the new government, delegate to us now" sort of incident...
and this is large enough that it doesn't really matter _who_ has the
responsibility... professional diplomats will be the implementors.

>    D. Policies for Registries
>    
>    15. Should a gTLD registrar have exclusive control over a particular
>    gTLD? Are there any technical limitations on using shared registries
>    for some or all gTLDs? Can exclusive and non-exclusive gTLDs coexist?

I should think that it would be difficult to have more than one
registrar for a TLD.

The difficulty can be better illustrated by observing that there are
three functions performed by registrars:

1) Policy and administration,

2) registration operations, and

3) nameserver operation.

The first is the largest problem -- policy must be uniform across a
given TLD, and for technical reasons, the current implementation of DNS
makes division of number 3 difficult as well.

>    16. Should there be threshold requirements for domain name registrars,
>    and what responsibilities should such registrars have? Who will
>    determine these and how?

Yes, there should.  There is some merit to the idea, possibly original
to me, that these threshold requirements should be a contractual issue
between the registry and its clients (with the exception of
grandfathered TLD's, of course).

Since these requirements are to protect the clients, the only reason I
can see for externally-imposed requirements are in the event that more
than one entity applies to host the same TLD name simultaneously.

Arbitrating these types of disputes would be another job of the root
operators.

>    17. Are there technical limitations on the possible number of domain
>    name registrars?

Only the available number of registerable TLDs.

>    18. Are there technical, business and/or policy issues about the name
>    space raised by increasing the number of domain name registrars?

Hmmm...  technically, yes.  It becomes necessary to uncouple the root
nameservers from the TLD nameservers.

Business?  Making sure that customers see a _reasonably_ coherent view
of the TLD namespace, from a registration policies standpoint.

>    19. Should there be a limit on the number of different gTLDs a given
>    registrar can administer? Does this depend on whether the registrar
>    has exclusive or non-exclusive rights to the gTLD?

I believe that this is a question of workload and the ability to handle
it.  I _do_ think that a raw numerical limit wouldn't work the way it
was intended, as there are groups of TLD's that comprise a "concept",
which probably ought to be administered together... like, for example,
.am, .fm, .tv, .news and .mag.  These also comprise a good example of
TLDs which ought to have special policies; I, for example, would allow
in the first three categories only customers who could document an FCC
broadcasting license for the appropriate domain.

>    20. Are there any other issues that should be addressed in this area?

Probably, but I'm pretty certain that the D/P draft addresses them.

>    E. Trademark Issues

Oh, God.

>    21. What trademark rights (e.g., registered trademarks, common law
>    trademarks, geographic indications, etc.), if any, should be protected
>    on the Internet vis-a-vis domain names?

This is probably the single biggest problem with the current .com
domain.  As long as the policy is stable, and well documented, and
_doesn't change on a whim_, I'm not sure it matters.  The market will
fix any inequities here.

The reason this is really a problem, though--as is a surprise to no
one--is one of jurisdiction.  There are hundreds of geographical
jurisdictions for trademark control, and usually, the geographical
separation involved is enough.  "Smith's Plumbing" in Alaska probably
cares very little about competition from "Smith's Plumbing" in
Arkansas.

And then along came the net.

There's no perfectly satisfactory solution... 

But disabling a domain name's service that a customer has both paid for
and advertised extensively, without warning, or right of contest --
NetSol's policy -- is simply _not_ acceptable.  NSI has, in fact, this
week violated its own published policy on this topic, suspending
"NASA.COM" with no notice whatever on a complaint from NASA... which
domain had been in service continuously for 2 years previous to the
incident.

>    22. Should some process of preliminary review of an application for
>    registration of a domain name be required, before allocation, to
>    determine if it conflicts with a trademark, a trade name, a geographic
>    indication, etc.?

Nothing would ever get registered.  _Everything_ conflicts with
something, somewhere on the globe.  In the course of ordinary business,
these factors are the responsibility of the business, I see no reason
why they shouldn't stay there.

>                          If so, what standards should be used? Who should
>    conduct the preliminary review? If a conflict is found, what should be
>    done, e.g., domain name applicant and/or trademark owner notified of
>    the conflict? Automatic referral to dispute settlement?

Anything except the sudden "On Hold" will be fine, thanks.

>    23. Aside from a preliminary review process, how should trademark
>    rights be protected on the Internet vis-a-vis domain names? What
>    entity(ies), if any, should resolve disputes? Are national courts the
>    only appropriate forum for such disputes? Specifically, is there a
>    role for national/international governmental/nongovernmental
>    organizations?

Alas, (I say alas because countries have a disturbingly long history of
not being able to agree on these topics), I don't think anything except
an international body of some kind will have jurisdiction.  Understand
that I am not sure I _like_ that answer...

>    24. How can conflicts over trademarks best be prevented? What
>    information resources (e.g. databases of registered domain names,
>    registered trademarks, trade names) could help reduce potential
>    conflicts? If there should be a database(s), who should create the
>    database(s)? How should such a database(s) be used?

This is actually a question of intellectual property rights management,
not one of technology per se, nor the Internet, per se.

Check with Carl Oppedahl; he makes a living on this stuff.  :-)

>    25. Should domain name applicants be required to demonstrate that they
>    have a basis for requesting a particular domain name? If so, what
>    information should be supplied? Who should evaluate the information?
>    On the basis of what criteria?

This is a difficult question to answer.  It might help, but I feel that
the net is a hotbed of opportunity for entrepreneurialism, and
entrepreneurs often do the legal paperwork last.

Besides, this would impose one more load on potential registrars.

No, it's probably a good idea, but I'm not sure it's feasible.

>    26. How would the number of different gTLDs and the number of
>    registrars affect the number and cost of resolving trademark disputes?

I think the root-ops would have to make the appropriate arbitration
policies and require TLD registries to adopt them as part of their
contracts.

>    27. Where there are valid, but conflicting trademark rights for a
>    single domain name, are there any technological solutions?

Nope.  Modify the name in some fashion.  A client is an Allied Van
Lines moving agent.  When Allied went to request a domain name, 
{allied,avl}.{com,net} were all taken.  On bad advice, they registered
alliedvan.net, which they've since modified to the more expected
alliedvan.com.  It isn't great, but the other registrants had good
trademark claims to the other names, as well, so Allied Did The Right
Thing, and solved it's problems by clever _use_ of the technology,
rather than in court.

Note that that's not a "technological fix"...  it's simply an
intelligent _use_ of technology that already exists.

Another example: that client is on the net as well.  When they went to
apply, they discovered that "blocker.com", the appropriate domain name
for this 99 year old company, was already taken...  by some "name
registry company" in Canada for an unknown, and possibly non-existant
client.  So, taking advantage--again--of a little common sense, they
registered "blocker100.com", "in recognition of their upcoming century
anniversary".

>    28. Are there any other issues that should be addressed in this area?

Dozens, but they haven't all come up yet.

Copies of the Denninger draft are available from www.alternic.net, the
Postel inet-draft is in the usual places.

And in closing, allow me to compliment NTIA for soliciting, and indeed
_allowing_ the submission of comments electronically; this much
improves the chances you'll get what you're looking for.  Hopefully, my
comments will prove useful, informative... and not too derogatory to
NSI.  :-)

Cheers,
-- jra
-- 
Jay R. Ashworth       High Technology Systems Consulting              Ashworth
Designer            Linux: Where Do You Want To Fly Today?        & Associates
ka1fjx/4    "...short of hiring the Unabomber, how can I       +1 813 790 7592
jra@baylink.com              get back at them?" --Andy Cramer        NIC: jra3
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-- 
Jay R. Ashworth                                                jra@baylink.com
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "People propose, science studies, technology
Tampa Bay, Florida          conforms."  -- Dr. Don Norman      +1 813 790 7592
-- 
Jay R. Ashworth                                                jra@baylink.com
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "People propose, science studies, technology
Tampa Bay, Florida          conforms."  -- Dr. Don Norman      +1 813 790 7592


CC:        Alan Petrillo 

###
Number: 119
From:      Peter Bachman peterb@support.psi.com>
To:        NTIADC40.NTIAHQ40(dns)
Date:      7/17/97 10:01pm
Subject:   The "other" Internet namespace, c=US.

Dear Sirs,

Allow me to introduce myself, I am Peter Bachman, X.500 Manager
of the c=US public directory namespace, which has been maintained by
PSINet with the cooperation of other entities since 1988. I come
not to "replace" DNS, but offer something that increases the
value of the Internet.

For reference, my url is http://usdsa.psi.net.

Consider for the moment that the c=US namespace, (part of
the X.500 namespace Directory Tree) is a superior
graft to the current DNS Tree if one considers security
and international scope. Of course it has not garnered the
popularity of the DNS namespace but as someone who is both highly
involved in setting up nameservers, debugging nameservers,
and the X.500 system, it is clear that many benefits could
be accrued from a linkage between X.500 standards, and the
DNS system. As you may know, the major user of the X.500 system
is the U.S. Government. 

The X.500 Directory offers the value of unique objects that
can accessed from anywhere in the world. It has not gathered
a level of popularity due to it's complexity. X.400 addresses
offer security, but are not easily memorized, or guessed. In
many popular Internet mail packages, X.400 acts as the "Glue"
between different mail systems. Gateways aleady exist to
transfer between X.400 and SMTP DNS addresses.

I have been working with federal agencies such as the GSA, to explore
the potential for the exploitation of this directory namespace. This can
be a key component to "reinventing government" by listing government
services down to the local town hall, ems, fire station, etc. Within
that community is also room for Main street.

The Internet
has sufficiently "grown up", to require the sophistication
and flexibility of a secure system, as many major corporations have
already discovered. This namespace and related protocols, such
as X.509 Certificates will be a significant cornerstone of
the 20-200 Billion dollar world economic transactions of
electronic commerce over the Internet. It's the same
technology that allows your browser to go to "secure mode" to
send a credit card, or the protocols behind how "SET" work. Poke
under the hood of the Internet and you see it everywhere.

Within the X.500 community we also have been forced to grapple
with issues such as user security, privacy, and uniqueness. Like
the Internet was, the X.500 namespace is now largely populated by 
Government agencies, Universities, National Research Labs, and
some corporations. Much of the namespace is not available to
the public. This has also been a significant drawback
that is being solved.

In order to further and continue goals that were set in place
by the NSF, the X.500 namespace needs to protect the security
that exists in sensitive areas such as DOD, CIA, etc. and
can continue to do so with little public input. However the
same goals that those agencies have, are now being demanded by
the public, unique identification, remote operations, certified
namespace, avoidance of namespace collisions and certification
of transactions using X.509 Certificates for encrypted commerce.

I am willing to talk with stakeholders to expand the role
of X.500 directory services, which can serve up such information
as an X.400 email address, a RFC822 email address, a Uniform
Resource Indentifier, (the newer form of URLS, like http://), public
keys for secure commerce, and much, much more. 

I have requested
from the IANA that linkages to the X.500 namespace be located in the TLD
reserved for international treaty organizations and international
databases, .INT. This effort is beyond the scope of even a major ISP
such as PSINet, which also operates a root nameserver for the
Internet. We have a working relationship with GSA which is
currently managing a challenge project using '93 X.500 technology
which offers even more security, and which the c=US will migrate 
towards.

This technology was far to much ahead of it's time when it
was introduced and the overhead to produce and consume it
was too much, and largely unwanted outside of "mission critical"
applications. DNS remains, and will remain to be a viable system.
However, now we are considering alternatives!

With the introduction of a commercial c=US, that can
not only hold domain names, but people and other objects, all
uniquely indentifed, and linked to other international servers,
users will benefit greatly. The pilot project's usefulness
has largely ended. It is now time for the technology to emerge
from it's comfortable scientific womb where it serves the soldiers,
scientists and scholars, to the glare and popularity of the public eye. 

The complexity of the system will be ecapsulated in the web browser
and other tools using LDAP, the Lightweight Directory Access Protocol
also funded by the NSF at the University of Michigan and promoted
now by major http browsers by Microsoft and Netscape.

Shall we "sleep" this technology much longer? Or shall we
dust it off and take off to a networked world where a
name really means something?...

To paraphrase Charles Babbage:

"What's in a name, it's only a box until you put something
in it"

For everyone who "missed" getting their corporation into the DNS 
namespace, I'd suggest you consider this very seriously. You
could go from the mailroom to the executive suite.

(standard disclaimers, relating to my own personal opinion).

thanks.

-pb

###

07-18-97