Click "Oh yeah?"
How the Web’s inventor viewed security issues a decade ago.
As part of a larger proposed effort to rethink the Internet’s architecture (see “The Internet Is Broken”), Internet elders such as MIT’s David D. Clark argue that authentication – verification of the identity of a person or organization you are communicating with – should be part of the basic architecture of a new Internet. Authentication technologies could, for example, make it possible to determine if an e-mail asking for account information was really from your bank, and not from a scam artist trying to steal your money.
Back in 1996, as the popularity of the World Wide Web was burgeoning, Tim Berners-Lee, the Web’s inventor, was already thinking about authentication. In an article published in July of that year, Technology Review spoke with him about his creation. The talk was wide ranging; Berners-Lee described having to convince people to put information on the Web in its early years and expressed surprise at people’s tolerance for typing code.
But he also addressed complaints about the Web’s reliability and safety. He proposed a simple authentication tool – a browser button labeled “Oh, yeah?” that would verify identities – and suggested that Web surfers take responsibility for avoiding junk information online. Two responses are excerpted here.
From Technology Review, July 1996:
TR: The Web has a reputation in some quarters as more sizzle than steak – you hear people complain that there’s no way of judging the authenticity or reliability of the information they find there. What would you do about this?
Berners-Lee: People will have to learn who they can trust on the Web. One way to do this is to put what I call an “Oh, yeah?” button on the browser. Say you’re going into uncharted territory on the Web and you find some piece of information that is critical to the decision you’re going to make, but you’re not confident that the source of the information is who it is claimed to be. You should be able to click on “Oh, yeah?” and the browser program would tell the server computer to get some authentication – by comparing encrypted digital signatures, for example – that the document was in fact generated by its claimed author. The server could then present you with an argument as to why you might believe this document or why you might not.
…Another common gripe is that the Web is drowning in banal and useless material. After a while, some people get fed up and stop bothering with it.
To people who complain that they have been reading junk, I suggest they think about how they got there. A link implies things about quality. A link from a quality source will generally be only to other quality documents. A link to a low-quality document reduces the effective quality of the source document. The lesson for people who create Web documents is that the links are just as important as the other content because that is how you give quality to the people who read your article. That’s how paper publications establish their credibility – they get their information from credible sources….You don’t go down the street, after all, picking up every piece of paper blowing in the breeze. If you find that a search engine gives you garbage, don’t use it.
Become an Insider to get the story behind the story — and before anyone else.