1 2 3 4 5 6

This is an area that will benefit from industry standardization, so that you could choose an organization you already trust and tell your browser to accept only certificates issued by that organization. Or, using IDs issued by an outfit like VeriSign, which issues several classes of certificates, you might want to set the browser to refuse financial transactions in which the other party's certificate isn't, say, level two or better. That kind of setup would build a Web of trust in much the way the Internet itself has grown up; the advantage would be a much tougher cyber-societal fabric than the hierarchical structures most businesses today are used to. Widely accepted digital IDs should also add a layer of convenience: instead of filling out a new form at every Web site and being issued with a new ID and password to forget, you fill out one form once and use the digital ID thereafter. (It's fair to say, however, that any time we try to automate anything we find ourselves frustratedly coming up against the problem that computers just aren't flexible the way humans are. It's easy to imagine a setup where your browser will not let you carry out an urgent transaction because it's one penny over the limit you've set. We will be living in interesting times while that sort of thing gets figured out.)

Another type of central registration scheme with a wholly different purpose in mind is DoubleClick,[8] an advertising network set up early in 1996 when a division of the New York ad agency Poppe Tyson merged with a small software start-up. The result is a network of some thirty sites including those belonging to companies like Intuit and General Electric and advertisers like IBM, Intel, and United Parcel Service. DoubleClick's service offers a demographic twist: the company maintains a database of Internet users that tracks their specific interests. When one of the claimed 6.5 million users in that database lands on a DoubleClick site, the company's software looks up the user's email address and produces customized ads that are supposed to appeal specifically to that user. Advertising companies pay by the number of impressions (hits) delivered, which DoubleClick tracks. Naturally, this is behavior that's seen by a number of Netheads as intrusive, so there are now anonymizing services such as the Anonymizer and Privnet,[9]s both of which block the site's ability to retrieve information about visiting users.

Many Net surfers don't realize it, but the average Web site can tell what browser you're using, what domain you're coming from, and what type of computer and operating system you're using, as well as what pages you looked at and for how long. A lot of Web sites put this information into a small bit of text called a "cookie" and store it on your hard drive, to streamline your next visit to their site, which some people feel is an invasion of privacy.[10] No one's suggested it (yet), but in the way of the Net it's easy to imagine a future in which Net surfers could choose among several different types of centralized registration services to gain access to the same networks of commercial Web sites. One service might charge you extra but give you freedom from advertising; another might give you free access to content as long as you accept advertising with it; a third might pay you a tiny percentage in return for your personal details and the right to rent them out to direct marketers as part of a commercial database.

More traditional anonymizing services, used to protect the real-world identity of emailers and Usenet posters, introduce another class of middlemen. Services that assign a permanent pseudonym, as Julf Helsingius's anon.penet.fi did, allow users to interact over long periods. As Helsingius noted when explaining the reasons for closing his server,[11]such services must work with the law if they are to survive in the long term. A different situation applies to anonymizing services that strip all identifying information, keep no logs, and allow users to post but not receive replies. Hackers, who are some of the interested users of these systems, keep tabs on the systems' throughput and security level. However the servers work, you have to trust the owner's integrity, security, and determination not to hand over personal information to police or other questioners without the proper court or other orders. There would, after all, be some impressive scope for a blackmailer running an anonymous server and keeping tabs on its users.

Advertising is already bringing a whole new class of middlemen to the Net: specialist ad agencies such as DoubleClick and Burst! Media, which match Web