Is the Internet Really Broken?
Let me first introduce myself. My name is Dan Kioria, from Nakuru, Kenya. I’m working with Wes Kussmaul, CEO of The Authenticity Institute.
My blog is about Authenticity. Not authenticity as in “people should be authentic with each other,” although that is certainly true. No, this is about a very specific application of the concept of authenticity to the principles underlying the internet.
So - remember this?
That lack of accountability led to this MIT Technology Review cover story 16 years ago…
16 years later, all evidence suggests that the internet is more broken than ever!
We’re inundated with spam and malware. Ever more effective phishing attacks lead to breaches, theft, ransomware attacks and general mayhem. Inside the attacked networks, security technology is simply not working.
The state of the world’s infrastructure – the internet – is beyond chaotic, right?
Well, let’s think about that.
The internet used to be characterized as an information highway and the metaphor still fits.
So. What is a highway?
A highway is a public transport facility, right? An outdoor public transport facility.
And… how do we use highways?
Typically we use highways to transport ourselves from one building to another. One indoor space to another indoor space.
We do our banking in buildings. We hold our meetings in buildings. We don’t keep our files in rest areas beside the highway; we keep our files inside bounded rooms inside… buildings of course.
Buildings do more than keep the rain off our heads. An even more important function of buildings is to provide bounded spaces that serve specific purposes. Most importantly, those spaces provide accountability. We tend to know who is in the room with us. The people in a room tend to be accountable to each other. The clubhouse or office suite or residence or accounting department file room tend to defined or implicit access control lists that answer the question “Do you belong in here?”
Buildings and rooms and offices and residences are about accountability.
So, in this global digital information infrastructure… where are the buildings? Where are the bounded accountability spaces?
Well, to start with, if you want bounded spaces of accountability you need the basic tool of accountability, which is measurably reliable identities of people who occupy that accounting department file room or residence or clubhouse. In the physical world our face and voice and demeanor identify us. But, well, on the internet, no one knows you’re a dog.
The right way to do identities is with digital identity certificates, because digital identity certificates are part of the world’s best digital construction material. That world’s best construction material is PKI. Digital identity certificates not only do away with passwords but as part of a PKI facility that’s built correctly, facilities that are built with it are pretty much unhackable.
If you’re not familiar with PKI, take two minutes to watch “What Is PKI?”:
So let’s go back to “The Internet Is Broken.”
If the internet is indeed a highway, that is, an outdoor public transport system, then do we blame a highway for problems we encounter when we hold our meetings, keep our files, and let our kids hang out by the side of a busy highway?
Of course in the physical world we would do those things in those bounded indoor accountability spaces – those things we call buildings.
So where are the digital buildings?
There is the real answer to why “the internet is broken.” It’s not broken at all! The highway does its job extremely well, facilitating the transport of packet vehicles with incredible speed and accuracy.
It’s what happens when those packet vehicles get to their destination that’s the problem. The contents of the vehicle, whether it’s a representation of a person in an interactive session, or pieces of a file, or a forum message, are simply dumped onto the surface of the parking lot because there is no PKI building, no accountability space, for them to enter.
So if PKI is so good why don’t we see it everywhere?
Actually we do see bits and pieces of PKI everywhere.
Most sites these days use SSL / TLS, which means they use bits and pieces of PKI.
Blockchain and its NFTs and smart contracts and cryptocurrencies use bits and pieces of PKI.
But just as a pile of the world’s best construction materials is not a building, bits and pieces of PKI are not a PKI facility.
Think about SSL/TLS. The site must have a site certificate right?
So who issues the certificate?
Some years ago my friend and colleague Wes Kussmaul invested in a commercial certification authority. We’ll get back to the implications of that in a moment but for now let’s dwell for a moment on those words “commercial certification authority.” Doesn’t that sound like
Joe’s Pawn Shop, featuring Payday Loans, Driver’s Licenses, Passports and Birth Certificates. 20% off Special – buy today!!!
Think I’m stretching things? Just take a look at these ads for site certificates
Can you imagine if the world worked like this?
Now for good reason we live in a world that is high on decentralization. Institutions like national and regional governments and Silibandia companies (Silibandia = Silicon Valley + the broadband and media industries) have abused their access to our personal information and have had a lot to do with the problems we’re addressing here. For the most part this impulse toward decentralization is healthy.
Except when it isn’t.
Lawrence Lundy-Bryan is a prominent member of the Outlier Ventures team, whose investment focus is blockchain and Metaverse – oriented startups. So Lawrence is a big fan of decentralization. But here is what he has to say about one form of decentralization:
“There is no such thing as decentralized governance.”
Let’s go back to that commercial certification authority that Wes invested in. He had made that investment largely because of the company’s reputation for integrity, a much-needed quality in the issuance of site certificates.
Because of that integrity the company steadily gained market share in the business (!) of site certificates. You could say that it had developed an integrity asset.
Then the company put itself up for sale, somewhat to the apprehension of minority stockholders like Wes.
Ask yourself: who is likely to want to buy a business that has a particularly valuable asset? Who is likely to offer the highest price for that business with the integrity asset?
Why of course, it would be a buyer who lacks that asset, right?
The likely buyer of a business with an integrity asset is a business that does not have an integrity asset.
And that is exactly what happened. The buyer wanted to issue fraudulent site certificates – but those site certificates would need to be recognized by all the popular browsers. The sold company’s root certificates were honored by all the browsers because, again, integrity.
Then, very soon after the sale of the business the new owner started their funny business backdating certificates and other nefarious practices. Shortly after that the browser makers dropped the company’s root certificates. Nanoseconds after that, users of the tens of thousands of websites whose authenticity was attested by the now-worthless certificates started getting those ugly and scary “Don’t trust this site” messages. The owners of those sites had a lot of ‘splainin’ to do about things that were not their fault.
Folks, the reason why birth certificates and driver’s licenses and passports and licenses for professional structural engineers and doctors etc. are issued by municipalities and other forms of duly constituted public authority is simple: a municipality cannot be purchased. A municipality is owned by its residents. Companies can be purchased. In the early days of the Web, some shady types purchased the bankrupt etailer Toysmart in order to use its customer information in ways that totally violated its privacy policy. Because that’s the sort of thing that shady types do. Rather than investing years of effort building a company with a reputation they buy failing but reputable companies on the cheap and milk their assets.
Again decentralization is good; but again, “There is no such thing as decentralized governance.”
If you think about it, the most participatory and least manipulative form of public governance is exhibited by municipalities. Largely, that’s because the governed are physically close to the source of governance. Really, cities are governed by the activists who have the time and energy and smarts to show up for hearings and to pester the mayor and council members about taxes and regulations and infrastructure and potholes. Yes, there are insiders who get more than their share of favors, but it’s nothing like the Machiavellian goings-on in the provincial, state and national governments that are isolated from their constituents not just by physical distance but by layers of representation.
And then there’s this. Certainly corruption can be found in municipal government, but those who work at the actual desks where certificates are signed implicitly understand that their salaries ultimately come from one thing: the fact that their certificates mean something – that they represent real duly constituted public authority. If they were to do things that erode confidence in that authority then they are eroding their own source of income.
And that is why the Osmio certification authority takes the form of a municipality. The City of Osmio issues individual identity certificates not site certificates or machine certificates, etc. Someday, the contents of websites will be signed by a (well paid) site signing officer, a professionally licensed human being who like our structural engineer assumes personal responsibility and liability for the claim that the site represents their client accurately.
Take a look at https://osmio.ch. (The .ch domain represents Switzerland; the CA server is in Geneva.) Watch the video entitled The Right Way To Certify – its thumbnail is on the right side of the page.
Also take a look at https://governance.osmio.chto get an idea how participatory governance will make a big difference in the way things are done.