Petnames

by Peter Saint-Andre

2005-07-07

Thanks to a link over at the Financial Cryptography blog, I've found an intriguing exposition by Marc Stiegler of petnames. It turns out that the contact lists (Jabber rosters, AIM buddy lists, etc.) in your typical IM system provide a pretty good foundation for petname systems. In particular, petname systems differentiate between three things:

  1. An address, ID, or "key" (which is globally unique and unforgeable)
  2. A friendly nickname (which is memorable and global)
  3. A personal petname (which is memorable and secretly unique)

In XMPP, my Jabber ID (stpeter@jabber.org) is globally unique and close to unforgeable (given server dialback, emerging use of TLS for server-to-server connections, address verification at the server level, etc.). My nickname (stpeter) is memorable and global (or would be if I published it explicitly) but it is not globally unique. A person's petname for me (I call it a "handle") is how they have tagged me in their roster via the 'name' attribute (see RFC 3921) -- maybe they call me "Patron Saint of Jabber", "psa", or "Peter SA", "that guy who annoys me so much", or whatever they like. So we have all the elements for a petname system here. There are only a few things we need in order to strengthen the system:

The benefits would be a naming system that is simultaneously global, secure, and memorable. We're pretty close to that already, but we need a few more bits to put us over the top.


Peter Saint-Andre > Journal