Tim Berners-Lee on the Web 224
notmyopinion writes "In a wide-ranging interview with the British Computer Society, Sir Tim Berners-Lee criticizes software patents, speaks out on US and ICANN control of the Internet, proposes browser security changes, and says he got domain names backwards in web addresses all those years ago."
Finally! (Score:5, Funny)
Re:Finally! (Score:2)
Sir Tim (Score:5, Insightful)
I found this amusing, along the lines of "there are those who call me.... Tim."
Seriously though, I thought he had some great things to say about professionalism in IT. We all need to absorb and remember this:
Re:Sir Tim (Score:2)
Re:Sir Tim (Score:2)
I found this amusing,
I found it saddening against the recent UK Honour scandal [bbc.co.uk].
If Sir Tim [w3.org] was viewed as a member of traditional sphere such as Law, Economics, Education he would be Lord Tim [parliament.uk].
His work [w3.org] has changed the world in all of those traditional spheres.
The whole interview content, our agenda would, would gain real traction in the second house of a G8 Nation.
Looking back... (Score:4, Funny)
I would have skipped on the double slash - there's no need for it. Also I would have put the domain name in the reverse order - in order of size so, for example, the BCS address would read: http://uk.org.bcs/members [org.bcs]. The last two terms of this example could both be servers if necessary."
He could do anything differently and he would drop a slash?
Re:Looking back... (Score:2)
Har har.
C//
Re:Looking back... (Score:5, Interesting)
Re:Looking back... (Score:2)
Re:Looking back... (Score:2)
Re:Looking back... (Score:5, Insightful)
Re:Looking back... (Score:5, Insightful)
Re:Looking back... (Score:2)
Please tell me no-one actually writes like that.
Re:Looking back... (Score:2)
Very confusing for people from other countries (although when the middle date is >12 at least you get to wonder something might be wrong).
Another problem I've had is signs with things like "Parking prohibited between Nice Friday and President's Holiday" (or whatever vacation days they have over there and expect that everyone have comitted to memory). Apparently using plain dates is a big no no, even in middle-endian format.
Re:Looking back... (Score:2)
Re:Looking back... (Score:2)
Re:Looking back... (Score:2)
road signs (Score:2)
Each state has its own convention for road signs and traffic systems (loosely based on federal standards.) Some states are downright awful (Massachusetts, New Jersey) and other states are really good. (My Ohio for instance goes out of its way to make road signage detailed and clear.)
Depends where you go.
Re:Looking back... (Score:2)
You can't use dates for many holidays because they're not observed on the same date every year.
Re:Looking back... (Score:2)
Ah well, I guess every country is entitled to its little weirdnesses...
Re:Looking back... (Score:2)
So it's even more convenient to use those as delimiters for a time period instead of dates ! Briliant !
Well, I suppose in some cases the reason for having the restrictions is related to the holidays, so using specific dates wouldn't work. I can't think of an example, but that's okay, because I've never seen any signs like that, either.
Re:Looking back... (Score:3, Interesting)
Re:Looking back... (Score:3, Funny)
Re:Looking back... (Score:2, Funny)
Re:Looking back... (Score:4, Insightful)
I wish more apps had a "web ordering" mode for sorting directories, files, or bookmarks. I think there was a version of Firefox with that, but the current build I'm using doesn't seem to have it.
One reason is that it's easier to sort, since right now the server name goes from most detailed to least, while the directory structure behind it goes from least detailed to most. If you're a programmer, it's much easier to work with consistent ordering.
Another is that it makes organization of sites with many subdomains easier, especially sub-sub-domains. Imagine sorting through
africa.news.search.com
americas.news.search.com
art.some.edu
asia.news.search.com
cs.some.edu
europe.news.search.com
linux.cs.some.edu
linux.search.com
ms.cs.some.edu
news.search.com
news.some.edu
physics.some.edu
search.com
store.search.com
store.some.edu
As
edu.some.art
edu.some.cs
edu.some.cs.linux
edu.some.cs.ms
edu.some.store
edu.some.store
edu.some.physics
com.search
com.search.store
com.search.linux
com.search.news
com.search.news.africa
com.search.news.americas
com.search.news.asia
com.search.news.europe
Re:Looking back... (Score:2)
the key problem (Score:2)
HTTP urls are essentially formatted as a file path with a dns name as one component so the top level name ends up somewhere in the middle and if the hostname is long potentially quite hard to spot.
Re:Looking back... (Score:2)
org.dotslash? org.slash?
Re:Looking back... (Score:3, Funny)
Re:Looking back... (Score:5, Funny)
There is a reason for the double slash. The double slash says it's the traditional format. The single slash signifies the domain name extension should go first. In the new-Berners-Lee format...
For example.
http://slashdot.org
http:/org.slashdot
Should both be allowed addresses. They aren't. But, because he did a double slash in the beginning we could actually flip the extention order and drop the slash and it wouldn't be confused with the original format. See, Sir Tim is such a foward thinker he added a worthless slash to save the day years later!
Least specific to most specific (Score:2)
Why not no slash? http:org/slashdot [org]. Much like mailto:foo@example.org [mailto] (or would that be mailto:foo@org/example [mailto]). Or aim:do_something_really_annoying, bittorrent:linux.iso.torrent, irc:freenode.org/#debian.
The good thing about going from least specific to most specific is that it's easy to chop off unnecessary data. In dates for example, "the 25th of March, 2006" is a mouthful to say. But saying just "the 25th" is sufficient because one can assume the month is March. Or if not, "the 25th of March" is enough for an entire year. You can keep adding more information as needed.
That wouldn't seem to work very well with on the web though... you could type "some_unique_webpage" and be taken there immediately. Or you could type "some_non-unique_webpage/slashdot" which would take you to slashdot's version of that page. Or "very_non-unique_webpage/joesblog/org" for a complete specification. I wonder if that would work well or be horribly awful if you integrated a search engine with DNS... there would need to be a different separator between the DNS stuff and the webpage (although some cleverness could probably guess most of the time) "pic_001/niagra_falls/picture:joesblog.org".
Since there are so many websites, this probably wouldn't save much typing in practice... The browser could perhaps limit its domain to sites often visited, unless explicitly taken to a new site or an explicit search requested. If you typed in something unique, it could take you there. Something non-unique, and it would show a list of more specific choices. In both cases, there would be a search button to expand the domain to the entire web (or maybe specific subsections of the web much like google.com/linux etc.).
And of course, this doesn't map directly onto a filesystem.
domain name... (Score:2)
From the Article... (Score:2, Funny)
But how could you make a jingle out of ... (Score:5, Insightful)
But how could you make an advertising jingle out of
"com dot expediAAAAAAHHH!"
A true Brit. (Score:5, Informative)
So the idea that he started off having trouble with the Berkeley naming convention doesn't surprise me at all.
(I'd prefer a more heirarchical system, myself, where an organization can ONLY have one domain name and have all their actual addresses inside of that. It would make the namespace a lot less cluttered and would reduce trademark abuses. On the other hand, names would be a lot longer. However, if you're using a search engine, a portal or bookmarks most of the time anyway, that's no big deal.)
Re:A true Brit. (Score:3, Interesting)
If you're going to use bookmarks, portals and search engines anyway, why not leverage them fully and make all names/identifiers collision-free cryptographic names. Trademark problem: solved permanently.
Re:A true Brit. (Score:5, Funny)
In fact, every machine on the internet could be given a unique 32 bit number. Then you could connect to it using that number as the name. That would be awesome!
Re:A true Brit. (Score:3, Funny)
*gasp* 128-bits? Is that wise?
What's the matter, Colonel Sanders? Chicken?
(No, I have no idea why that popped into my head)
Re:A true Brit. (Score:2)
the trouble with using ip addresses directly is they are too close to the physical network infrastructure and as such not very portable (unless you own a very large private block.....).
also combined with name based virtual hosting using domain names allows sites to be combined onto one server and later split up again if nessacery without huge wastage of IP space.
Finally one dns name can map to multiple machines at once either in a round robin fassion or based on the network location of the users dns resolver (which is usually quite close to the user).
Re:A true Brit. (Score:2)
Re:A true Brit. (Score:3, Interesting)
The X25/X29 PAD addressing thing was very much akin to using the Internet without a DNS, that's all. A PAD was merely a terminal server which gave you a command line access. I've used TCP/IP terminal servers which were very similar.
The naming convention used in the UK for e-mail (which was supported long after the transition to TCP/IP) was purely that, an e-mail address convention. At the time it was decided upon the ARPAnet were making their own decision and opted for the opposite to the UK (and New Zealand). C'est la vie.
Before JANET transitioned to TCP/IP it was "interesting" keeping the mail system up to date. You had a special version of the Sendmail config called UK-Sendmail which had a list of every JANET mail server address. What fun!
Anyway, I always thought that ARPAnet got it the wrong way around for the domainnames as it's easier to parse a big-endian address. e.g. uk.ac.ucl.ts means, it's in the UK.. ok.. look that up and pass the message on.. then once in the UK, it's an "ac" academic address, pass it to the mail server which deals with that, and so on. Just like routing packets.
Heh! (Score:2)
DNS often sucks because the databases are too big, too flat and powered by too small a system. Flat naming systems are evil and inefficient.
Re:Heh! (Score:3, Insightful)
Who remembers it? Just Google the movie title. If it doesn't come up in the first 5 hits, add "IMDB" or "Tomatoes" to the search string, which should get you the IMDB and Rotten Tomatoes pages on the film respectively, either of which will have the link to the "official" site. The whole reason Google is successful is that the name of the most relevant website is rarely predictable.
But the problem with the seemingly logical idea of always using a subdomain of a studio is that movies are often made by independent companies, who will start their site very early in the process, to help market and gain awareness, long before they make a distribution deal with a major. And a few years later when it's on video that could be sold to another studio or network; not to mention having different companies in different countries. Of course, if you know the studio they're likely to have links to current movies on their home page. What is more irritating is when you find an old DVD or see something on TV and would like to check out the website, to find it redirects to a porn or phishing site.
Re:But how could you make a jingle out of ... (Score:2, Interesting)
Re:But how could you make a jingle out of ... (Score:5, Funny)
Re:But how could you make a jingle out of ... (Score:5, Funny)
It's fun, it's naughty! Catholic.org! Nun.org! Starving-Panda.org!
Re:But how could you make a jingle out of ... (Score:2)
Re:But how could you make a jingle out of ... (Score:2)
But how would:
com.ebay/
com.amazon/
org.slashdot/
have been easier to remember? Or really easier technically overall?
On a second thought, it would have been:
org.dotslash/
But still.
TLDs (Score:5, Insightful)
at least someone realises this.
If i had my way i'd redo the whole domain system; the distinctions between TLDs are totally irrelevent these days.
That or enforce the distinctions, so that only ISPs can have
Won't work (Score:5, Insightful)
at least someone realises this.
If i had my way i'd redo the whole domain system; the distinctions between TLDs are totally irrelevent these days.
That or enforce the distinctions, so that only ISPs can have
The purpose of a domain name is to make it easy for poeple. Computers don't care, they use IP addresses and the DNS is simpy a way to make easy to rememeber names that are automatically converted to IP addresses by software.
There is no taxonomy or more correctly, ontology, behind domain names. They're arbitrary strings of characters. There is no meaning whatsoever in the TLD, that's sad articfact of the way things were; they should not ideally have any meaning.
NSI under the original Internic cooperative agreement tried for many years to enforce the
TLDS should be meaningful, but arbitrary. And pretending any sort of classification system can me made out of it belies two decades of expereince with the way we name computers on the network.
Sir Tim may be a Sir but he's dead wrong about this expansion of tld space. Would you find it easier to remember (and yes, there are times you'll rememeber and type in, instead of looking something up in a search engine) company.biz or perhaps company.info because that was available when perhapes the only thing available in
Typically the internet solves problems of scarcity (.com names) by creating new resources, not by regulating old ones.
Re:Won't work (Score:2)
? um, yes, there is. it's just that no-one adheres to it (myself included).
Before you answer, wonder if there's any non-arbitrary relationship between the proposed
"Would you find it easier to remember...."
I think what STBL is suggesting is a complete rewrite of the way DNS works, according to his semantic web vision. Perhaps search engines would be a thing of the past, perhaps URLs would (though that's unlikely, given that he invented them (or more accurately URIs)).
But the important thing to note is that he (and I in my comment above) isn't suggesting a fix to make DNS better. He's suggesting a whole reorganisation of the way the web works, which will also involve a new DNS system. He's said several times that he's not entirely happy with the way the web has come together.
You can't apply his potential solution to the current web. His solution would only work in a web that's fundamentally different to the one we're using now.
Re:TLDs (Score:2)
I wouldn't want it taken away because I'm not able to use it for its intended purpose at this time. There's no guarantee someone else would be as nice about it.
Re:TLDs (Score:2)
Re:TLDs (Score:2)
Re:TLDs (Score:2)
Re:TLDs (Score:2)
Oh, man. My boss got sucked up in the hype around that and had me (over my objections) enter the lotteries, sometimes several times through different domain name services, for a dozen variations on our company name, plus a bunch of other words somewhat related, for both .info and .biz. All of the ones that we won he has now let lapse.
Thousands of dollars spent for nothing.
The only thing I got out of it was my email address on every domain-name spam list in existence. Repeated several times for each domain name I applied for. Big mistake not to use a temporary address for that.
A sad case of marketing anti-genius (Score:5, Interesting)
The following story is true, though extraordinarily sad.
At the company where I used to work, they registered all TLDs for their name. We had .com, .net, .org, .biz, etc.
One day, our chief marketing goober decided that .biz was going to be the next "in" thing on the Internet, and we would be one of the first companies to capitalize on it. So we had all of our business cards chaged, our mailers, our letterhead... everything. We were explicitly told never to use the .com domain name in our business dealings, it was .biz. We, the IT gurus, begged and implored them not to do this, that it would cause more trouble in the end than it was worth, and that the only companies that use .biz are fly-by-night companies that grab the .biz equivalent of famous .com names so that they can rip people off.
Who do you think they listened to?
Long story short: Within a few months, after our customers, suppliers, vendors, and lots of other really, really important people started complaining that their e-mails to us were bouncing back and e-mails from us were not being received because spam blockers were automatically assuming that our .biz address either weren't valid, our chief marketing goober decided to "spend more time with his family," our old business cards, letterhead, etc. was dug out, and we were instructed never to use the .biz domain name again.
Re:A sad case of marketing anti-genius (Score:3, Interesting)
Sorry, I forgot, they're management. Survival of the skinniest and hardest-working, then. Yanno, like the fable of the ant and the grasshopper.
Already exists (Score:2, Funny)
Re:TLDs (Score:2, Funny)
Aw shucks, they noticed!
just a question here (Score:2)
What am I missing?
Do joo mean the symantec web? (Score:2, Funny)
startkeylogger
Re:just a question here (Score:2)
The beauty of having the entire framwork built on top of XML is that it allows you to parse through documents that your application may only partially understand and still manage to extract some relevant data. This means that if your ChairBot application is crawling around the semantic web and comes across several overlapping definitions of a chair it may not be able to recognize every single property of every single chair but its still much better than blindly following HTML hyperlinks around and trying to guess if something is a chair or not.
Re:just a question here (Score:2)
I search for things and would like to be able to specify 'ignore pages with abstract only' and metadata could help there, but on other things, simple things, its still seems like a 'pot luck' search result.
Re:just a question here (Score:2)
Oh yeah, and tag spam.
'Duh' Browser security (Score:5, Interesting)
"Most browsers have certificates set up and secure connections, but the browser view only shows a padlock - it doesn't tell you who owns the certificate."
I still can't believe that, to this very day, there is no major browser that displays the right information about a certificate by default! This is the whole point of a certificate: it tells you that paypal.com actually belongs to a real-world entity named "PayPal Inc."
At the very least, when connected via SSL to a site with a valid cert, the browser address bar should have an extra line that names the real-world entity. A yellow padlock and location bar tell you nothing about who you're really talking to. You shouldn't have to manually examine the certificate to find out this information.
Does anyone have any idea why even Firefox, with all its other great usability and security innovations, still gets this basic thing wrong??
Re:'Duh' Browser security (Score:2, Informative)
Re:'Duh' Browser security (Score:2)
Re:'Duh' Browser security (Score:2, Informative)
Re:'Duh' Browser security (Score:5, Insightful)
This makes it a major pain when you just want to encrypt data without claiming to be anyone in particular, since you have to jump through a lot of hoops both on server and client side to get it working. The browser gets bitchy about a certificate that isn't signed by any of its roots, even though it may very well be the case that nobody cares.
If we clearly thought about these two aspects, and separated them, it would become clear that A: we need a better way to just say "secure the damn connection" without claiming to be anybody and B: When a site is claiming to be somebody, it hardly makes sense to not show the claim clearly to the user. But since the concepts are all mushed up, you get a lock icon that sort of covers half the situation, mostly, and few people really realize there's a problem.
Re:'Duh' Browser security (Score:3, Insightful)
It is no point in having a secure connection to a person you do not know who is.
You cannot know if you are talking to a man in the middle or you are actually talking to the man you want to be communicating with.
To get the ww2 version of this:
You got an ubersecure connection with a german spy which got an ubersecure connection to the man you think you are communicating with. Then the german spy can listen in and you nor the person you want to communicate with will know about the spy. All the spy has to do is to relay all information.
yea, you need a secure path of transmission (Score:2)
But the parent is somewhat right too, because actually you would first have to make sure that you have correctly established the identity of the root key-signing enitity over a secure handshake, which often is not the case.
On the other hand, with an extended web of trust, man in the middle attacks become somewhat hypothetical, it is more likely you would be tricked into using bad keys instead.
Re:'Duh' Browser security (Score:3, Informative)
We made a mistake back in the day.
We made many mistakes, but this wasn't one of them.
Certificates are serving two purposes: One is to encrypt the data, one is to verify identity.
Those two purposes are the *same* purpose. There is a distinction here, but you're drawing it in the wrong place.
SSL-sytle secure connections do two things: Encrypt data and authenticate data. After establishing session keys, the data that is sent both directions is encrypted and has cryptographic authentication codes (MACs) attached. Those two things are different, and the two parties communicating may each require one or both.
If either side is sending sensitive data that should not be revealed to others, then that data should be encrypted. But if the data is sensitive and should not be revealed to others, why would you send it to a random stranger? Verification of the recipient's identity is crucial. If the client is sending the sensitive data, this verification is generally accomplished via SSL validation of the server certificate. If the server is sending it, it's usually provided by performing a username/password authentication within the SSL tunnel, though it can (and more often should!) be done with client side digital certificates.
If either side is sending important data that doesn't necessarily need to be encrypted, but does need to be authenticated, then that data should be MACed. SSL does that, as well as encryption. But if the data is important and its provenance must be verified, then the identity of the sender must be identified. For the identity verification needed for data authentication, we use the same verification mechanisms: cert to identify the server when it's the sender, and username/password to identify the client when it's the sender.
There is no point in encrypting data to strangers, or authenticating data from strangers. Identify verification is absolutely essential to all of it.
There is some point in separating encryption from data authentication, because sometimes you need the latter but not the former. Even in those cases, though, encryption never hurts (especially since IP communications are all point-to-point anyway, since multicast doesn't work), and encrypting unnecessarily doesn't cost anything, so it's simpler just to do both.
*With* identity verification. Keeping in mind that DNS does not provide any identity verification, and that even if it did, the multi-hop routing of IP packets means there are plenty of opportunities for men in the midddle [wikipedia.org].
Re:'Duh' Browser security (Score:5, Insightful)
That's a good explanation and it's accurate. It does have a hidden assumption though.
A lot of security analysis takes as an axiom that the threat is an intelligent and determined adversary who will crawl in through any weakness. That axiom may seem self-evident because of infosec's military heritage: if your opponent is willing to hire Alan Turing and invent the digital computer in order to read your ciphertext, you daren't leave any chink in your armor.
If you're a civilian and willing to gamble that you'll only be a random target and that your opponents will always go for the softest targets, then you might decide on a self-signed certificate. You might believe that sniffing Internet traffic is so much easier than running a man-in-the-middle attack that you could just take your chances on MiTM.
You'd be wrong in today's environment, though. Phishing means you really have to worry about who a public key really belongs to. Not that certs are helping very much.
Quite a few people are proposing a compromise trust model like ssh has, where the browser UI would change so as to warn you when you're about to encrypt to an unexpected public key.
Re:'Duh' Browser security (Score:2)
Quite a few people are proposing a compromise trust model like ssh has, where the browser UI would change so as to warn you when you're about to encrypt to an unexpected public key.
This model has some good things going for it, but I don't see it as very useful for stopping phishing.
Phishers don't use the same domain name as the legitimate site. So the browser won't warn you "the key for paypal.com has changed! danger!" If the phisher bothers to self-sign at all, at most the browser will say "you're talking to a site you haven't visited before." Which is exactly the message the user got when she visited paypal.com for the first time, and for every other new site she visits. The user will become completely innoculated to these kinds of messages. (The model works better for ssh, because most people only ssh to a few boxes in their life.)
Even worse, the user only gets these warning if the phisher uses self-signed certs in the first place, which he has little reason to do. He can make his site look like "the real thing" in almost every way (except for the tiny browser or yellow location bar), and that's the root of the problem.
Re:'Duh' Browser security (Score:2)
Re:'Duh' Browser security (Score:2)
mod down -1 wrong (Score:2)
right so you've got yourself a nice encrypted connection to the man in the middle. You need some mechanism to tell you that the person you think you are linked with is the person you are really linked with or the encryption isn't a whole lot of help.
theres the web of trust system but that has problems of its own (e.g. that you have to trust people between you and the target who don't have any legal contracts to uphold and could well be corrupted).
also i'm not sure why the padlock icon is insufficiant, it means that provided the root CAs are doing thier job properly and there aren't nasty browser issues (e.g. the long username url trick) the site i'm talking too really is the legitimate owner of paypal.com. Do i really need to know any more than that?
Re:'Duh' Browser security (Score:2)
Yeah, but that's the job of the CA: to filter out bogus domain names and entity names. Granted, the CAs don't do their jobs too too well, but I think they would refuse such a blatant fraud.
Re:'Duh' Browser security (Score:2)
Bloody spreadsheets (Score:2)
Tell me about it.
well, he got it wrong again (Score:5, Interesting)
if the server name isn't going to be the name of a server, then you can do this:
http://uk/org/bcs/members
and now everything is a hierarchical pathname that is resolved to a fqdn internally and nobody needs to worry that bcs.org.uk is a node on the network and members is a service on that node...
add it to the pile of big-woops! ideas along with ken thompson's anally elided 'e' in "creat()"...
Re:well, he got it wrong again (Score:2)
And now the browser can't figure out which server to contact to get the content without recursing down the tree asking stupid questions. And you can't contact the subsidiary sites if the top-level site is down.
-scott
Re:well, he got it wrong again (Score:2)
Basically that proposal means you're not sure whether
http://com/a/b/c/d
means you're looking for
Or
So what do you query the DNS server for? Or do you make multiple queries to the DNS servers?
You can disambiguate things by adding some stuff, but really its a waste of time.
As for Tim's proposal, while that could work, I like being able to copy part of a hostname, modifying it a bit and then using ping, ssh etc on the rest of the name.
While the web is a significant part of the internet it's not the only part.
Even if everyone else (telnet, ssh etc) has got it "wrong" it's not too bad so there are probably more important things to fix.
Re:well, he got it wrong again (Score:2)
And it would be extremely useful. You could add a new server for each directory with very little effort.
With Slashes we could drill down... (Score:2)
(p.s. please ignore that slashdot finds links for these
examples)
http://co/tld [co]
http://tld/co [tld]
for example, calcula might be found at:
http://us/org/pentamino/home/pentalive/calcula/in
(and as it is currently "/index.html" is the default and might be omitted)
Mix of Complex and overly simple (Score:2)
... which is? (Score:3, Insightful)
Comment removed (Score:2)
Re:Just think - there would be no "Dotcom Industry (Score:2)
Re:JACK ASS (Score:5, Funny)
Re:JACK ASS (Score:5, Funny)
Doesn't make Henry Ford a good driver...
Re:JACK ASS (Score:2)
Re:JACK ASS (Score:2)
Ya know, I just had this discussion with someone. The person was basically trying to justify something an elementary school teacher said to the students that she knew was incorrect. I was really offended by the fact that a teacher knowingly misled her students, and it turned into this big argument. Unfortunately, this seems to be the case a lot - like in the case of the henry ford misconceptions, which we probably both learned from some teacher many years ago.
Re:JACK ASS (Score:5, Insightful)
Comment removed (Score:2, Funny)
Re:JACK ASS (Score:2)
Re:Finally! (Score:2)
Sorry, for that address, I'm either thinking of walmart or electronics first, and com is definitely last.
Search is a better match for how we think. Which is to say that we don't think in an hierarchy like "Hmm, a company
-scott
Re:Finally! (Score:2)
Good example, and that is why I disagree (Score:2)
Then http://electronics.walmart.com/ [walmart.com] makes a lot more sense, because you see that you are where you are looking for.
Now:
http://com.walmart.electronics/ [com.walmart.electronics]
Most people don't really care whether it is com or org. It also doesn't play nice with autocompletion
Moreover,