CDR: Re: Public Key Infrastructure: An Artifact...

Thu Nov 16 19:01:24 PST 2000

On Thu, Nov 16, 2000 at 08:11:25PM -0600, Mac Norton wrote:
> 
> Of course not. Unilateral offers can be made to a defined class
> of persons and accepted by action thereon. An old principle, but
> valid still.
> MacN
> 
> On Thu, 16 Nov 2000, Greg Broiles wrote:
> > > >
> > > > It has been conventional wisdom that, for e-commerce to fulfill its
> > > > potential, each party to a transaction must be confident in the identity of
> > > > the others.

The quoted text isn't mine - but, to further expand on Mac's comments,
it's not even necessary that the offeror's identity be clear to potential
acceptors. It's quite likely that many people and organizations are 
wrong about the assumptions they make about identity - you may think
you've bought fast-food from McTacoKing, but it turns you you purchased
food from an out-of-state corporation that's a franchisee of another
out-of-a-different-state corporation who licenses out their recipes and
trademarks to different people. 

This ambiguity may go both directions - the local McTacoKing may 
purchase services (like, say, carpet cleaning, or drain cleaning) from
yet another locally-held but distantly-registered corporation who's just 
a franchisee/licensee of widely-recognized trademarks in those fields.

It's easy to be sloppy and say that transaction represents a contract
between McTacoKing and DrainSuckers - but that's not true at all. 

It's rare for people to even bother asking about niceties like business
form (corporation vs. LLC vs. partnership vs. whatever), much less
actually bother to figure out whether what's represented is really 
true - nobody bothers to call the Secretary of State and ask if the
business called "X, Inc." really is a corporation, really is registered,
really does have officers, etc., until people start using the words
"million" or "billion". Trillions of dollars in small transactions
take place without any attention at all paid to identity, in a 
legally significant sense - people do pay attention to trademarks, 
but those have only a slight relationship to the legal entitites 
involved.

Even moderately sized-organizations find it useful to divide their
operations into a number of legal entities, which may have common
owners or have parent/subsidiary relationships - but invariably they
hide that complexity behind a nice shiny trademark, because it's 
just distracting for people to think that "barnesandnoble.com" isn't
really the same company as the people who run the bookstore down
the street - or that the UPS who ships the books that the online
entity sells you isn't the same UPS who sells the online entity the 
insurance on the safe delivery of that package. It's distracting
to think that the entity which places a taxicab company ad in the
yellow pages (which have the same logo as the local phone company, 
but are actually a separate corporation) isn't paid for by the
corporation which owns the taxi which drives customers around, which
isn't the same as the person who's driving, and may not even be
the same company as the one which holds the taxi medallion. 

And who wants to think about the (lack of) identity between different
banks and insurance companies who operate under the same trademarks
and in the same office space? If you've got a savings account in
a Bank of America branch in California and a checking account in
a Bank of America branch in Oregon and a mutual fund account in
a Bank of America branch in Oregon, how many different entities have
you opened accounts with? 1? Bzzt! 3, or at least that was true 
before Congress clobbered the Glass-Stegall Act last year.

Does that bother the people who cheerfully issue domain names and
X.509 certs to various of these different entities? Nope. Does it
bother consumers? Nope. Nobody cares, just like nobody cares that
individual identities are pretty fluid, too, given that one name
can be reused across many different meat things, and a single meat
thing may, perfectly legally, use a number of different identies.
The relationship between meat-world entities (including their
cousins, the entities created by registration with governments or
by mutual agreement of participants) and text strings like 
"John Smith" or "Bill Clinton" or "Bank of America" is 
not one-to-one but many-to-many, and that's not going to change. 
The legal system is accustomed to this ambiguity, and deals with
it as necessary.

Efforts to "fix" this and force people or corporations to identify
in some enforceable way the underlying legal entities involved in
a transaction are doomed to failure. The flexibility inherent in
the ambiguity is important to getting things done - it's not a
bug, it's a feature.

--
Greg Broiles gbroiles at netbox.com
PO Box 897
Oakland CA 94604