Previous Issue | Search TidBITS | TidBITS Home Page | Next Issue

TidBITS Logo


Aside from the releases of PageSpinner 3.0 and MRJ 2.2.3 and news of Apple's licensing of Amazon's 1-Click patent, this issue is devoted to explaining XNS, a new Internet technology platform, and XNSORG, the independent non-profit tasked with maintenance of the XNS standard and governance of the XNS community. It's worth a look. (Please note: no issue next week!)


Copyright 2000 TidBITS Electronic Publishing. All rights reserved.
Information: <> Comments: <>

This issue of TidBITS sponsored in part by:


No Issue Next Week -- We're taking the next issue of TidBITS off to recover from finalizing several major projects with some family vacation plans next week. We'll continue to post breaking news on our Web site and discussions in TidBITS Talk will keep humming along. Look for our next issue on 09-Oct-00. [ACE]

MRJ 2.2.3 Oracle Certified, Caches Java Archives -- Apple has released Macintosh Runtime for Java 2.2.3, the latest version of its Java virtual machine. MRJ 2.2.3 includes bug fixes and performance improvements, reduces memory usage for Java applications that run for long periods of time, and offers better support for applets with double-byte file names. When using Internet Explorer 5, MRJ 2.2.3 is Gold Certified for use with Oracle Applications 11i, and Bronze Certified when used with Oracle Developer 6i, which makes the Macintosh slightly less irrelevant in an Oracle-driven enterprise environment. MRJ 2.2.3 also intelligently caches Java archives (JAR files) which contain segments of code used by Java applications. MRJ 2.2.3 will keep up to 100 MB of Java archives on your local hard disk; when you re-launch the Java applications, MRJ will ask if the JAR files have been updated and only download newer versions; this could save time re-starting Java programs. MRJ 2.2.3 still supports only Sun's JDK 1.1.8 specification rather than the now-standard Java 2. MRJ 2.2.3 is a 4.7 MB download, and is also available via Mac OS 9's Software Update control panel. MRJ 2.2.3 requires a PowerPC-based system with at least 40 MB of RAM running Mac OS 8.1 or better. [GD]


PageSpinner 3.0 Enhances HTML Editor -- Optima System has released PageSpinner 3.0, beefing up the HTML editor with new features and better support for multiple markup languages. (See our review of PageSpinner 2.1 starting with "Spinning the Web, Part 1: Trade-offs and PageSpinner" in TidBITS-384.) The new version now recognizes HTML 4.0 and XHTML 1.0 tags, includes a built-in HTML checker, and improves support for Web pages created in graphical HTML editors. PageSpinner 3.0 also enables direct editing of files stored on FTP servers, and includes commands for working with server side includes. PageSpinner 3.0 is a free upgrade for registered users of version 2.0 and higher; otherwise, the program costs $30. The new version, a 1.9 MB download, can be used as a demo for 21 days. [JLC]


Apple Licenses 1-Click from -- Apple announced that it has licensed's controversial 1-Click ordering patent for use at the online Apple store. Apple is the first company not affiliated with to license the patent. After you sign up for 1-Click ordering, which stores personal billing and shipping information on Apple's servers, you can buy items without going through the typical multi-step ordering process. Although many online retailers offer a variation of 1-Click ordering, Amazon was granted a patent on its implementation in February 2000 (see " Awarded Affiliate Program Patent" in TidBITS-520). Other online merchants and industry figures, such as publisher Tim O'Reilly, have criticized the patent. Apple's license also includes the use of the 1-Click trademark, and is no doubt as much of a marketing opportunity as an improvement to its online ordering. [JLC]


Poll Results: Teneration X -- Apple has made it clear that the official pronunciation of the X in Mac OS X is "Ten," and not "Ex." But it's going to be interesting to see if Apple backs down on that over time, since a full 53 percent of the 1,300 respondents to last week's poll claim they most commonly say "Mac OS Ex" when talking about Apple's forthcoming operating system. Apple will face an uphill battle in insisting on proper pronunciation, but at least the confusion inspired Shannon Spires to post an "X on X" spoof of the famous Abbott and Costello "Who's on First?" sketch to TidBITS Talk. [ACE]


Poll Preview: One Address for Life? This week marked the launch of XNS, a potentially compelling Internet technology coupled with independent non-profit governance. We're devoting the rest of the issue to explaining what benefits XNS provides and how it works, so after you read through the full description, tell us in this week's poll if you think XNS will succeed. [ACE]


Introducing XNS and XNSORG

by Adam C. Engst <>

For many of us, the allure of the Macintosh started with the feeling that our use, support, and evangelism really could change the world. That was certainly true for me and for Tonya, and I watched her interest in the Mac, and then in HTML, fade somewhat as it became harder for her to see how her actions made a difference. I've retained that desire, but it has been hard to keep the same level of enthusiasm as TidBITS has shifted from being the only online Macintosh publication to working hard at standing out from an increasingly large pack of Macintosh news sites.

But I've come across a new technology that I've found so compelling that I've gone beyond my usual role of analyzing its implications and become involved at the most fundamental level. The technology is called XNS, for eXtensible Name Service, and along with everything I do related to TidBITS, I'm now serving as president of an independent non-profit governance organization called the XNS Public Trust Organization. I firmly believe that if this technology is successful - always a crapshoot on the Internet - it will influence the lives of every Internet user and the operations of every Internet company and organization. Big words, I know, but I've put vast amounts of my time and energy into backing them up.


What Is XNS? The Internet is good at many things, including publishing, file distribution, shopping, and research, all of which are about information access. But where the Internet has faced troubles, and often performed worse than the real-world analogues, is in the field of information exchange. Filling in forms is harder than swiping credit cards, an ever-increasing number of people have concerns about online privacy, spam fills our email, our naming systems are confusing and increasingly creaky, and our constant email address changes cause fits for both individuals and businesses alike.

Developed by Seattle startup OneName Corporation, XNS is a globally distributed platform aimed at simplifying the exchange of information over the Internet and giving individuals privacy protection for their personal data. At its base, XNS integrates communication agents with a next-generation naming system. It's based on open Internet standards and, once the source code is prepped and the open source license established by a working group, everything will be available as open source. Along with the advantages of a pure Internet technology, XNS offers a variety of benefits, some directly financial, to businesses. And what really sets XNS apart from other technologies that have come down the pike is the independent, community-driven governance from the XNS Public Trust Organization, known as XNSORG.

Let's dive in, starting with some of the benefits of having an XNS agent working for you, and then moving on to the details of how it works.

XNS Agent Features -- XNS is a platform, and an open source one at that, so the features I describe below are just those that are available or possible now. As more people and businesses register XNS names and as the technology moves forward, many additional features will present themselves. Also, there's no question that individual companies have previously offered products or services with features like XNS, but they've essentially all been one-trick ponies with little or no room to abstract their technology to provide additional capabilities. Note too that, with one exception, all these features are provided at the server level, so you can use them on any platform and on multiple computers - you don't have to download anything.


It's worth noting that the massive interest in XNS has initially swamped OneName's registration servers co-located at LogicTier, a high-capacity hosting company. If you're not worried about your name being taken, it might be less frustrating to wait briefly until performance improves.


Although the features above are significant, they're only the tip of the iceberg revealed by agent-negotiated synchronized links protected by privacy contracts. For instance:

There's no reason data must be limited to contact information in the future. For example, the health care world is extremely interested in ways to let physicians access agent-maintained prescription records as a way of avoiding harmful drug interactions - again, XNS agents would let this happen in a system where the patient would choose precisely what information to share with whom, and it would be protected by the privacy contracts embedded in every link. Frankly, the possibilities truly are dizzying, and since we're talking about an open source platform governed by an independent non-profit, concerns about relying on a single company to succeed - or about concentrating power in an entity whose base goal is to provide value for shareholders - are minimized or eliminated.

Enough about the benefits, though. Let's look at how the technology offers these features.

Agents -- When you order something from an ecommerce site, you're not communicating with a live person but instead with a server, a program acting as an agent for the site. That's an advantage while you're selecting items to purchase, but when it comes time to check out, you must enter all your purchasing information manually, or access purchasing information the company has stored from a previous transaction (and good luck trying to edit or update it!). Even if you use a tool like Internet Explorer's AutoFill feature, the burden is still on you to manage the form or manage the data individual merchants keep on file.

XNS's web agent technology evens the playing field, giving you an agent that automatically talks to the agents representing Internet sites. Your agent supplies only information you've agreed to disclose, and only discloses it under terms you've specified. It's a bit like saying, "I'll have my people work with your people." Your XNS agent works on your behalf to negotiate information exchanges with other XNS agents.

What's in these information exchanges? As you might expect from its name, XNS is based on XML, or eXtensible Markup Language. Despite structural and semantically oriented tags like H1 and CITE, the browser wars of the late 90s essentially hijacked HTML and turned it into a display language with tags for specifying fonts, line breaks, and the like - and this is the base-level HTML we're still stuck with today. XML, in contrast, is all about structure - tags describe the type of content they enclose, and anyone can create their own tags. As an example, those of you using Eudora 5.0 can look at the Eudora Statistics.xml document that Eudora uses to store data about your email use, which has only tags that describe content, such as <STARTTIME> and <RECEIVEDMAIL>. So what XNS agents transfer around are actually XML documents.


XNS agents go beyond just exchanging information, though. Whenever an XNS agent communicates with another XNS agent, the two can (but aren't required to) form a permanent, bidirectional link. That link can even be active, meaning that information can continue to flow back and forth over it as needed. Combine these two concepts and you see that once they've created a link, XNS agents can synchronize data that changes on either side of the link. That's how the automatically updating electronic business cards work.

All communications between agents currently use HTTP (HyperText Transfer Protocol), just like Web browsers, with the addition of SSL (Secure Sockets Layer) security to prevent snoops from sniffing your traffic for credit card numbers or the like. Additional security is provided by standards that XNSORG will set down regarding operational requirements for XNS agencies, which are the server sites that host XNS agents.

Names -- What about this next-generation Internet naming system I mentioned? In a system where there could be literally hundreds of millions of these XNS agents, how can these agents find each other? In short, an XNS name identifies an XNS agent.

Our existing naming schemes are at the same time complicated, limited, and rife with intellectual property concerns. Few people would defend the current hierarchical domain name system (DNS) as easy to use for non-technical people; something like 98 percent of common English words have been registered in the .com top-level domain; and we've all seen the battles over who gets addresses like XNS solves each of these problems.

Agencies -- I said before that your agent is hosted by an XNS agency. There are essentially three types of agencies: the single root agency maintained by OneName, public agencies, and private agencies. The root agency works much like the top-level DNS registry maintained by Network Solutions; name information may be cached at lower levels of the system, but the root is always the final word on location. That's where the comparisons between XNS and DNS start to break down. In DNS, only recently have companies other than Network Solutions been allowed to register domain names. In XNS, however, the root agency registers only public and private agencies, and those public and private agencies not only host agents, they serve as registrars of new agents.

Most people are likely to interact primarily with a public agency, since the organizations that will want to run public agencies include ISPs, portals like Yahoo, email providers like Pobox, and even large universities. Although a public agency may restrict its agent hosting services to a specific audience (such as students, staff, and faculty at a university), they're open to anyone in that group. Most importantly, anyone who registers an agent with a public agency owns that agent. Public agencies register and host agents on behalf of others.

Contrast that with private agencies, which will be run primarily by large businesses or government organizations. They too serve a specific audience, but as with corporate email accounts today, agents hosted by a private agency are owned by the private agency. Private agencies register and host agents on behalf of themselves, and the agents don't go so much with an individual, but with a job position.

There are several reasons an organization might want to operate an agency (which isn't likely to be cheap due to the computers and bandwidth necessary). Initially, the most important reason will be service. XNS provides attractive features (especially the spam blocking) which folks using ISPs, portals, and email providers will want, and providing those features should help those businesses reduce the hugely problematic customer churn. The XNS business model should also be attractive: currently, fees for registering personal names and business names are $12 and $100 per year, and it's likely that large businesses relying on XNS for synchronized links with customers will also pay some small yearly per-link fee. Name registration revenue is shared between the registering agency and the root agency, and link revenue is shared equally three ways, with a third each going to the agency hosting the customer's personal agent, the agency hosting the vendor's business agent, and the root agency.

Privacy -- One major problem with privacy abuses is that they're inherently not technical concerns. Once you give some company your snail mail address for a legitimate reason, such as to receive an order, they have your address and there's nothing you can do to prevent them from sending you junk mail. The same is true in spades for spam. Social pressure to act responsibly clearly doesn't work on anyone intent on abusing privacy via snail mail, telephone, or email. And legislation, although it could solve these problems, is generally slow, heavy handed, rife with its own problems, and drafted in a manner that isn't particularly representative - and that's leaving aside the fact that laws would need to be consistent across national boundaries. Plus, living in Seattle as I do, it's pretty clear that international non-governmental organizations like the WTO, which generated tremendous protests during its meeting here last year, aren't the answer.

The other notable problem with encouraging people to protect their privacy is that - as I noted in my retelling of Neal Stephenson's keynote at the Computers, Freedom, and Privacy 2000 conference - the amount of effort necessary to protect privacy today is often greater than the perceived risk. I don't turn off cookies because, frankly, browsing the Web with them off is more of a pain than it's worth to me.


Drummond Reed, the founder and CTO of OneName, recognized these issues when designing the foundation of XNS. His solution was not to try to prevent privacy abuses technically, but instead to create an internally consistent system that automatically builds legally enforceable privacy contracts into every link without user intervention. To use XNS, everyone must agree to a registration agreement that sets down the basic requirements of privacy protection. The specific terminology reads:

"All REGISTRANTS of all XNS AGENTS and AGENCIES agree that a principal purpose of XNS REGISTRATION AGREEMENTS is to establish a web of trust in which all MEMBERS of the XNS COMMUNITY agree to respect, protect, and enforce the right to privacy, security, and accountability of all other MEMBERS."

The XNS Global Terms also make it clear that it's acceptable to be anonymous or pseudonymous in situations where you're not claiming a true legal identity as long as you aren't knowingly misrepresenting yourself as another person.

But what's really meant by "legally enforceable?" Recognition of contracts is relatively standardized worldwide, and if an XNS privacy contract is broken, the aggrieved party can file a complaint and start working through the dispute resolution process that XNSORG has created and that will undoubtedly evolve over time. Our goal was to create a system with a low barrier to entry (you shouldn't have to pay a lot to complain about a privacy violation) and that attempts to exhaust simpler methods of resolution before finally ending up at binding arbitration, which will undoubtedly cost a bit.

The XNSORG dispute resolution system is in fact designed to handle any XNS-related complaints, though we anticipate the primary complaints being privacy violations and business name registration disputes. We've tried to head off as many of those as possible by building in anti-cybersquatting provisions, but some will undoubtedly still arise.

XNSORG's Role -- As is probably becoming clear, the key to all of this really is XNSORG. Few people would trust any company with control over the kinds of information an XNS agent is likely to hold, and if trying to resolve a dispute required fighting a corporate legal department, it would be a complete non-starter.

That's why Drummond ensured that OneName licensed its intellectual property rights to XNSORG, which he and I and two others set up as an independent non-profit. The work of setting up the organization and negotiating license and registration agreements with OneName has been huge already, and it's just going to grow as XNSORG takes on the tasks of working to explain XNS, handling disputes, coordinating the open source code base, setting and maintaining the technical and operational standards to which agencies must adhere, and so on.

Although my role has been totally hands-on during the bootstrap phase of XNSORG, I anticipate being able to concentrate more on policy issues in the future, since it's clear that XNSORG will need a staff to handle day-to-day operations. Our funding model should support this - a fixed amount of about 1.7 percent of each personal and business name registration goes to XNSORG. Because those numbers are fixed, we're unaffected by pricing changes or promotions (such as the first free million personal names) that may take place.

But more importantly, we intend XNSORG to be both representative of and composed by the XNS community. It's pure hubris to assume that we - or anyone - could establish a legal and governance framework that would adequately serve today's needs, much less those of the future. As a result, we've been careful to keep XNSORG and our legal infrastructure flexible and expandable, and now that we've taken the wraps off XNSORG, it's time to start inviting people to come in, learn about XNS, and help evolve the system in the direction the entire community wants it to grow. You can start, if you like, by checking out the mailing lists we're hosting. From those lists, we anticipate spinning out additional lists on specific topics and starting to create formal working groups.


Obstacles for XNS -- I'd be remiss if I didn't address some of the significant obstacles XNS faces.

A Social Contract for the Internet -- I'm sure there are plenty of other obstacles XNS will face, and although I certainly hope it survives, I won't pretend that it's a sure thing by any means. I do believe XNS offers great promise for solving some of the serious problems we face on the Internet today, and I hope the extent to which I've committed my energies to helping it succeed conveys how important I believe it could be. It takes time to understand XNS fully, and all I ask is that you consider it with an open mind.

Non-profit, non-commercial publications and Web sites may reprint or link to articles if full credit is given. Others please contact us. We do not guarantee accuracy of articles. Caveat lector. Publication, product, and company names may be registered trademarks of their companies. TidBITS ISSN 1090-7017.

Previous Issue | Search TidBITS | TidBITS Home Page | Next Issue