On 12/31/2021 5:09 AM, John C Klensin wrote:
... I would only observe the similarities between the hierarchy implied by telephone numbers (especially before number portability in many countries, which has improved them as identifiers and created other problem), and the X.500 identifier and certificate plan. I think the bottom line is that one either hands these problems over to governments and their designees (another hierarchy but potentially a rather flat one) or treats them as private (whether intended to e for-profit or not) activities/enterprises. Either lends itself to abuse. Perhaps one of the better ways to evaluate any such system is to consider how it could be abused or attacked and then pick the sort of actual or potential abuses one prefers.
The telephone number hierarchy predates X.500 by a couple decades. Remember when the ITU ruled networking? The default situation was to have exactly one telecommunication provider per country, very often ruled by the government of that country. International calls were routed to the closest international telephone exchange, and from there to whatever provider was servicing the country code, until it reached the entry switch for the designated country. And then, the next digits were used to find the first level telephone exchange, etc., all the way to the subscriber. The telephone network had more-or-less a hierarchical topology, and the telephone numbers represented that hierarchy. The fancy improvements like 800 numbers or number portability came later.
X.500, and also X.400, date from a time when the ITU still believed they ruled networking, when the Internet was barely starting to develop. The names were hierarchical, rooted in a country code. There was a concession to the deregulation happening in some country, so X.400 addresses included an "operator identifier" in the hierarchy, just below the country code. But these were name, not numbers, and they described the properties of the named object, not to the topology of the network.
-- Christian Huitema
