For many of us, the allure of the Macintosh started with the feeling that our use, support, and evangelism really could change the world. That was certainly true for me and for Tonya, and I watched her interest in the Mac, and then in HTML, fade somewhat as it became harder for her to see how her actions made a difference. I’ve retained that desire, but it has been hard to keep the same level of enthusiasm as TidBITS has shifted from being the only online Macintosh publication to working hard at standing out from an increasingly large pack of Macintosh news sites.
But I’ve come across a new technology that I’ve found so compelling that I’ve gone beyond my usual role of analyzing its implications and become involved at the most fundamental level. The technology is called XNS, for eXtensible Name Service, and along with everything I do related to TidBITS, I’m now serving as president of an independent non-profit governance organization called the XNS Public Trust Organization. I firmly believe that if this technology is successful – always a crapshoot on the Internet – it will influence the lives of every Internet user and the operations of every Internet company and organization. Big words, I know, but I’ve put vast amounts of my time and energy into backing them up.
What Is XNS? The Internet is good at many things, including publishing, file distribution, shopping, and research, all of which are about information access. But where the Internet has faced troubles, and often performed worse than the real-world analogues, is in the field of information exchange. Filling in forms is harder than swiping credit cards, an ever-increasing number of people have concerns about online privacy, spam fills our email, our naming systems are confusing and increasingly creaky, and our constant email address changes cause fits for both individuals and businesses alike.
Developed by Seattle startup OneName Corporation, XNS is a globally distributed platform aimed at simplifying the exchange of information over the Internet and giving individuals privacy protection for their personal data. At its base, XNS integrates communication agents with a next-generation naming system. It’s based on open Internet standards and, once the source code is prepped and the open source license established by a working group, everything will be available as open source. Along with the advantages of a pure Internet technology, XNS offers a variety of benefits, some directly financial, to businesses. And what really sets XNS apart from other technologies that have come down the pike is the independent, community-driven governance from the XNS Public Trust Organization, known as XNSORG.
Let’s dive in, starting with some of the benefits of having an XNS agent working for you, and then moving on to the details of how it works.
XNS Agent Features — XNS is a platform, and an open source one at that, so the features I describe below are just those that are available or possible now. As more people and businesses register XNS names and as the technology moves forward, many additional features will present themselves. Also, there’s no question that individual companies have previously offered products or services with features like XNS, but they’ve essentially all been one-trick ponies with little or no room to abstract their technology to provide additional capabilities. Note too that, with one exception, all these features are provided at the server level, so you can use them on any platform and on multiple computers – you don’t have to download anything.
Universal address. Unlike a snail mail address, telephone number, or email address, an XNS name is permanent and never needs to be changed. Think of it as a container for all your other contact information (including as many instances as you like of telephone number, email address, or even company, though you don’t have to enter any information other than email address initially). If you give someone your XNS name, they can always access the most current contact information that you’ve chosen to share with them. But since XNS names must all be unique, I encourage everyone to visit the site below and sign up for the name you want (read on for the minimal restrictions). One XNS name is free for life to each of the first million registrants ($12 per year thereafter). It’s equally important for businesses to reserve their names; the cost there is currently $100 per year for registration with the possibility of some amount added on as an agent hosting fee (probably a small yearly per link fee for businesses over a certain size).
It’s worth noting that the massive interest in XNS has initially swamped OneName’s registration servers co-located at LogicTier, a high-capacity hosting company. If you’re not worried about your name being taken, it might be less frustrating to wait briefly until performance improves.
Permanently synchronized electronic business cards. Every business meeting begins with the ritualized trading of business cards. By the time you need someone’s card, it’s often out of date. XNS electronic business cards – e-cards – contain as much or as little of your personal data as you choose to share, but once you’ve shared an e-card with someone else in the XNS community, those cards are permanently linked. If you update any piece of information, the change will automatically be reflected in shared copies. OneName has also created an ActiveX control for Internet Explorer 5 for Windows that synchronizes electronic business cards with the Microsoft Outlook, Outlook Express, and Netscape address books. Although that "special agent," as it’s called, works only with Windows, it will be open source, so I hope Mac programmers will quickly produce similar utilities.
Elimination of spam. Most spam filtering today relies on a blacklist approach that tries to identify messages as spam. More effective is a whitelist approach, which instead identifies messages that are almost certainly not spam, since they come from known senders. The general problem with whitelists, however, is that they make it too hard for legitimate people to get through to you. The server-side XNS email filter (your ISP must install the XNS email filter for you to use this feature) improves the whitelist approach by suspending any message from an unknown person, and then replying with a "privacy contract." For XNS 1.0, that reply simply asks the sender to agree that the suspended message isn’t spam, that the sender won’t send spam in the future, and that the sender won’t use your email address for commercial purposes (in the future, you’ll be able to specify your own terms). The sender can agree to your legally enforceable privacy contract by filling out a simple email form or by clicking a link. Then the agent adds the sender to your whitelist and releases the suspended message. The vast majority of spam uses bogus return addresses, so all of that will go away, and any live spammers who reply open themselves up to the XNSORG dispute resolution process. You can also create special "private email addresses" that bypass the auto-reply for particular situations, certain people, or automated message systems. Should a private email address start receiving spam, you can create a new one and make the old one public so it uses the auto-reply spam filter.
Single sign-in. We all have a myriad of usernames and passwords to remember, and even those who have tried to be consistent with passwords have to deal with some sites asking for usernames and others for email addresses. XNS holds the promise of a single sign-in at any XNS-savvy Web site; your universal address and password are all that’s needed. It will be some time before most Web sites support XNS, but encouragement from users will help drive adoption.
Although the features above are significant, they’re only the tip of the iceberg revealed by agent-negotiated synchronized links protected by privacy contracts. For instance:
It could become trivial to change your email address and have all your mailing list subscriptions automatically updated.
Registration cards could be replaced by agents built into software programs, resulting in permanent, privacy-protected links between companies and their users.
Electronic business cards stored at your agent could become the centralized address book for synchronizing contact information to multiple computers, handheld devices, or telephones. (In the near future, you’re likely to see auto-fill forms appear on the mini-browsers in mobile phones and handhelds, since entering data is so hard on those devices).
There’s no reason data must be limited to contact information in the future. For example, the health care world is extremely interested in ways to let physicians access agent-maintained prescription records as a way of avoiding harmful drug interactions – again, XNS agents would let this happen in a system where the patient would choose precisely what information to share with whom, and it would be protected by the privacy contracts embedded in every link. Frankly, the possibilities truly are dizzying, and since we’re talking about an open source platform governed by an independent non-profit, concerns about relying on a single company to succeed – or about concentrating power in an entity whose base goal is to provide value for shareholders – are minimized or eliminated.
Enough about the benefits, though. Let’s look at how the technology offers these features.
Agents — When you order something from an ecommerce site, you’re not communicating with a live person but instead with a server, a program acting as an agent for the site. That’s an advantage while you’re selecting items to purchase, but when it comes time to check out, you must enter all your purchasing information manually, or access purchasing information the company has stored from a previous transaction (and good luck trying to edit or update it!). Even if you use a tool like Internet Explorer’s AutoFill feature, the burden is still on you to manage the form or manage the data individual merchants keep on file.
XNS’s web agent technology evens the playing field, giving you an agent that automatically talks to the agents representing Internet sites. Your agent supplies only information you’ve agreed to disclose, and only discloses it under terms you’ve specified. It’s a bit like saying, "I’ll have my people work with your people." Your XNS agent works on your behalf to negotiate information exchanges with other XNS agents.
What’s in these information exchanges? As you might expect from its name, XNS is based on XML, or eXtensible Markup Language. Despite structural and semantically oriented tags like H1 and CITE, the browser wars of the late 90s essentially hijacked HTML and turned it into a display language with tags for specifying fonts, line breaks, and the like – and this is the base-level HTML we’re still stuck with today. XML, in contrast, is all about structure – tags describe the type of content they enclose, and anyone can create their own tags. As an example, those of you using Eudora 5.0 can look at the Eudora Statistics.xml document that Eudora uses to store data about your email use, which has only tags that describe content, such as <STARTTIME> and <RECEIVEDMAIL>. So what XNS agents transfer around are actually XML documents.
XNS agents go beyond just exchanging information, though. Whenever an XNS agent communicates with another XNS agent, the two can (but aren’t required to) form a permanent, bidirectional link. That link can even be active, meaning that information can continue to flow back and forth over it as needed. Combine these two concepts and you see that once they’ve created a link, XNS agents can synchronize data that changes on either side of the link. That’s how the automatically updating electronic business cards work.
All communications between agents currently use HTTP (HyperText Transfer Protocol), just like Web browsers, with the addition of SSL (Secure Sockets Layer) security to prevent snoops from sniffing your traffic for credit card numbers or the like. Additional security is provided by standards that XNSORG will set down regarding operational requirements for XNS agencies, which are the server sites that host XNS agents.
Names — What about this next-generation Internet naming system I mentioned? In a system where there could be literally hundreds of millions of these XNS agents, how can these agents find each other? In short, an XNS name identifies an XNS agent.
Our existing naming schemes are at the same time complicated, limited, and rife with intellectual property concerns. Few people would defend the current hierarchical domain name system (DNS) as easy to use for non-technical people; something like 98 percent of common English words have been registered in the .com top-level domain; and we’ve all seen the battles over who gets addresses like mcdonalds.com. XNS solves each of these problems.
Simplicity. XNS names can be as simple as your first and last names, prefixed with a single character (described below). There’s no complicated syntax necessary. For instance, my XNS name is =Adam Engst. You can register multiple names, though only the first one is free for the initial million registrants. (Actually, you also automatically get a free XNS name based on your email address, so [email protected] also works for me. This turned out to be necessary so people could sign up without providing any personal information other than email address. But there’s no reason to stay with a name that’s likely to stop corresponding with your current email address at some point.)
Numerous possibilities. Names in XNS can be up to 64 characters long, and each character can come from the Unicode character set, meaning that there are 1,024 possible combinations for each position, and it’s as internationally savvy as possible at the moment. There are only three restrictions. First, every name must be unique. Second, although you can use spaces and punctuation (other than /@=+), only letters and numbers count for uniqueness. Third, letters are not case-sensitive. Although all names must be unique, a future enhancement to the system will provide for aliases, so if you had to accept =JohnSmith8534 as your XNS name, you’ll still be able to create an alias of =JohnSmith so people using an XNS-enabled directory can still find you (presumably with the help of other information about you).
Avoiding trademark problems. XNS provides three "namespaces" for personal, business, and general names. Personal names (prefixed with =) are intended to be registered by individuals, have no intellectual property rights, and cannot be transferred (for money or otherwise). Anyone registering a business name (prefixed with @) asserts intellectual property rights in that name (either existing or intended), and business names can be bought and sold. Name speculation is expressly forbidden to prevent cybersquatting. Only XNSORG can register general names (prefixed with +), which are common words that no one should be allowed to control to the detriment of others in the XNS community.
Agencies — I said before that your agent is hosted by an XNS agency. There are essentially three types of agencies: the single root agency maintained by OneName, public agencies, and private agencies. The root agency works much like the top-level DNS registry maintained by Network Solutions; name information may be cached at lower levels of the system, but the root is always the final word on location. That’s where the comparisons between XNS and DNS start to break down. In DNS, only recently have companies other than Network Solutions been allowed to register domain names. In XNS, however, the root agency registers only public and private agencies, and those public and private agencies not only host agents, they serve as registrars of new agents.
Most people are likely to interact primarily with a public agency, since the organizations that will want to run public agencies include ISPs, portals like Yahoo, email providers like Pobox, and even large universities. Although a public agency may restrict its agent hosting services to a specific audience (such as students, staff, and faculty at a university), they’re open to anyone in that group. Most importantly, anyone who registers an agent with a public agency owns that agent. Public agencies register and host agents on behalf of others.
Contrast that with private agencies, which will be run primarily by large businesses or government organizations. They too serve a specific audience, but as with corporate email accounts today, agents hosted by a private agency are owned by the private agency. Private agencies register and host agents on behalf of themselves, and the agents don’t go so much with an individual, but with a job position.
There are several reasons an organization might want to operate an agency (which isn’t likely to be cheap due to the computers and bandwidth necessary). Initially, the most important reason will be service. XNS provides attractive features (especially the spam blocking) which folks using ISPs, portals, and email providers will want, and providing those features should help those businesses reduce the hugely problematic customer churn. The XNS business model should also be attractive: currently, fees for registering personal names and business names are $12 and $100 per year, and it’s likely that large businesses relying on XNS for synchronized links with customers will also pay some small yearly per-link fee. Name registration revenue is shared between the registering agency and the root agency, and link revenue is shared equally three ways, with a third each going to the agency hosting the customer’s personal agent, the agency hosting the vendor’s business agent, and the root agency.
Privacy — One major problem with privacy abuses is that they’re inherently not technical concerns. Once you give some company your snail mail address for a legitimate reason, such as to receive an order, they have your address and there’s nothing you can do to prevent them from sending you junk mail. The same is true in spades for spam. Social pressure to act responsibly clearly doesn’t work on anyone intent on abusing privacy via snail mail, telephone, or email. And legislation, although it could solve these problems, is generally slow, heavy handed, rife with its own problems, and drafted in a manner that isn’t particularly representative – and that’s leaving aside the fact that laws would need to be consistent across national boundaries. Plus, living in Seattle as I do, it’s pretty clear that international non-governmental organizations like the WTO, which generated tremendous protests during its meeting here last year, aren’t the answer.
The other notable problem with encouraging people to protect their privacy is that – as I noted in my retelling of Neal Stephenson’s keynote at the Computers, Freedom, and Privacy 2000 conference – the amount of effort necessary to protect privacy today is often greater than the perceived risk. I don’t turn off cookies because, frankly, browsing the Web with them off is more of a pain than it’s worth to me.
Drummond Reed, the founder and CTO of OneName, recognized these issues when designing the foundation of XNS. His solution was not to try to prevent privacy abuses technically, but instead to create an internally consistent system that automatically builds legally enforceable privacy contracts into every link without user intervention. To use XNS, everyone must agree to a registration agreement that sets down the basic requirements of privacy protection. The specific terminology reads:
"All REGISTRANTS of all XNS AGENTS and AGENCIES agree that a principal purpose of XNS REGISTRATION AGREEMENTS is to establish a web of trust in which all MEMBERS of the XNS COMMUNITY agree to respect, protect, and enforce the right to privacy, security, and accountability of all other MEMBERS."
The XNS Global Terms also make it clear that it’s acceptable to be anonymous or pseudonymous in situations where you’re not claiming a true legal identity as long as you aren’t knowingly misrepresenting yourself as another person.
But what’s really meant by "legally enforceable?" Recognition of contracts is relatively standardized worldwide, and if an XNS privacy contract is broken, the aggrieved party can file a complaint and start working through the dispute resolution process that XNSORG has created and that will undoubtedly evolve over time. Our goal was to create a system with a low barrier to entry (you shouldn’t have to pay a lot to complain about a privacy violation) and that attempts to exhaust simpler methods of resolution before finally ending up at binding arbitration, which will undoubtedly cost a bit.
The XNSORG dispute resolution system is in fact designed to handle any XNS-related complaints, though we anticipate the primary complaints being privacy violations and business name registration disputes. We’ve tried to head off as many of those as possible by building in anti-cybersquatting provisions, but some will undoubtedly still arise.
XNSORG’s Role — As is probably becoming clear, the key to all of this really is XNSORG. Few people would trust any company with control over the kinds of information an XNS agent is likely to hold, and if trying to resolve a dispute required fighting a corporate legal department, it would be a complete non-starter.
That’s why Drummond ensured that OneName licensed its intellectual property rights to XNSORG, which he and I and two others set up as an independent non-profit. The work of setting up the organization and negotiating license and registration agreements with OneName has been huge already, and it’s just going to grow as XNSORG takes on the tasks of working to explain XNS, handling disputes, coordinating the open source code base, setting and maintaining the technical and operational standards to which agencies must adhere, and so on.
Although my role has been totally hands-on during the bootstrap phase of XNSORG, I anticipate being able to concentrate more on policy issues in the future, since it’s clear that XNSORG will need a staff to handle day-to-day operations. Our funding model should support this – a fixed amount of about 1.7 percent of each personal and business name registration goes to XNSORG. Because those numbers are fixed, we’re unaffected by pricing changes or promotions (such as the first free million personal names) that may take place.
But more importantly, we intend XNSORG to be both representative of and composed by the XNS community. It’s pure hubris to assume that we – or anyone – could establish a legal and governance framework that would adequately serve today’s needs, much less those of the future. As a result, we’ve been careful to keep XNSORG and our legal infrastructure flexible and expandable, and now that we’ve taken the wraps off XNSORG, it’s time to start inviting people to come in, learn about XNS, and help evolve the system in the direction the entire community wants it to grow. You can start, if you like, by checking out the mailing lists we’re hosting. From those lists, we anticipate spinning out additional lists on specific topics and starting to create formal working groups.
Obstacles for XNS — I’d be remiss if I didn’t address some of the significant obstacles XNS faces.
It’s possible people aren’t actually bothered by the way things are on the Web (and in their lives) in terms of information exchange and privacy. If so, XNS will fail.
XNS may not capture enough trust to succeed. Instead of being viewed as a cool technology that protects your privacy, it may be seen as a single point of failure. After all, if an agent carries confidential information, having your password stolen could be disastrous. (OneName is not allowing agents to have easily guessed passwords, but they can’t prevent users from storing those passwords in insecure ways.)
Microsoft (or some other large company) could try to crush XNS by exercising its considerable muscle in a variety of ways. The classic FUD (Fear, Uncertainty, and Doubt) approach has served many large companies well in the past and could again here.
Although there are very smart people working on the technical infrastructure, if problems crop up with data integrity or on-going performance, XNS could end up being too much trouble to use.
If no one steps forward to help with XNSORG’s tasks, we’ll be faced with a situation where there’s too much work to do and whatever is done could be criticized as coming from a non-representative body. In short, apathy and a desire to criticize without participating could seriously hamper XNSORG’s efforts.
A Social Contract for the Internet — I’m sure there are plenty of other obstacles XNS will face, and although I certainly hope it survives, I won’t pretend that it’s a sure thing by any means. I do believe XNS offers great promise for solving some of the serious problems we face on the Internet today, and I hope the extent to which I’ve committed my energies to helping it succeed conveys how important I believe it could be. It takes time to understand XNS fully, and all I ask is that you consider it with an open mind.