1993-11-20 - Key vs. Signature revocation & Trust Webs

Header Data

From: “L. Detweiler” <ld231782@longs.lance.colostate.edu>
To: cypherpunks@toad.com
Message Hash: 4c6479ed83afe71fb58d46ae1f06f6dfe345b8ec9d096a2fa17aeb14a62bc3ce
Message ID: <9311200628.AA01474@longs.lance.colostate.edu>
Reply To: <9311200257.AA28409@longs.lance.colostate.edu>
UTC Datetime: 1993-11-20 06:32:01 UTC
Raw Date: Fri, 19 Nov 93 22:32:01 PST

Raw message

From: "L. Detweiler" <ld231782@longs.lance.colostate.edu>
Date: Fri, 19 Nov 93 22:32:01 PST
To: cypherpunks@toad.com
Subject: Key vs. Signature revocation & Trust Webs
In-Reply-To: <9311200257.AA28409@longs.lance.colostate.edu>
Message-ID: <9311200628.AA01474@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain


*key* revocation certificates are in PGP. These an author issues if his
key has been compromised. *signature* revocation certificates are not.
These a signer issues (in theory) if he thinks he has been betrayed
(spoofed or pseudospoofed).

Also, notice how keys spread between servers `like a virus'. The
revocation certificates should do so as well. I don't know if key
revocation certificates do so in today's servers. I don't really trust
these servers!

Also, I do not buy arguments that `I cannot ever be fooled, the web of
trust is infallible, key signature revocation is superfluous'. Anywhere
there is trust, there can be betrayal. Believe me, PRZ tried quite a
few of these `I am infallible, I can never be fooled' arguments on me
yesterday! But, PRZ is God. He knows a good idea when he sees one and
will not be influenced by some pseudospoofing campaign by Medusa's
snakes or dangles (double agents) in his `inner circle'.

* * *

I am proposing a completely dynamic, two-way, interactive trust system.
Not something like you inscribe in a book, but something like the Internet.

I was talking to another person at this meeting. I described how today
there is only a one-way, tenuous trust system associated with e.g.
commercial transactions and credit reports. For example: if a company
rips me off, I stop doing business with them, my trust level for them
plunges. But wouldn't others wish to know of my problem? (Just as if
*I* find that someone is pseudospoofing, shouldn't others be informed?
<g>). Sure, I can send everyone email saying I was ripped off, but this
all happens informally. What about a *formal* system?

Suppose that I put a black mark on the company in the `web of trust' in
a public database -- others may revise their own trust with that
company when they hear that it Ripped Off L. Detweiler. Most of the
cypherpunks would probably revise their trust upwards <g>. This
database would be like the yellow pages; anyone can read it when they go
to do business with different companies. This obviously would be a
powerful incentive to a company to mind their p's and q's, eh?
Individuals should be careful though about making specific claims like
`I was unsatisfied with service on date [x]' and not things like
`company [x] rips people off routinely -- I should know'.

Also, consider that a company puts a black mark on your credit record,
erroneously. You contest it, and win. No consequence happens to the
company. What if there was a negative reaction in their `trust level'?
What if there was a public notice entered, `L. Detweiler was molested
by company [x]'? All the trust levels associated with that company's
entries decrease.

Dynamic, two-way systems such as these are what will give consumers
torque over Big Companies. Just as Big Companies make databases about
you to influence their interactions, you can make databases about Big
Companies to influence your own. These are inevitable developments.

Psychopunks would rather fool Big Oppressive Companies into dealing
with fake identities. But this is not acceptable. The company has a
right to know who you are, as much as you have a right to know who they
are. Psychopunk hypocrites, would you do business with an `anonymous
bank'? hee, hee.

Want to get really scared? Public web-of-trust databases will be
developed for *individuals*--e.g., if you post *anywhere* public,
others have a right to tabulate your actions into a central database,
and even comment on them. (hee, hee, in the next few messages J. Dinkelacker
will pop up and say `this has a very NSA feel to it.'). Others may even
comment on your *private* actions in these databases if they are
particularly offensive or socially dangerous, e.g. `stay away from His
Royal Eminence, while he has made some contributions he is a raving
lunatic, has mailbombed me, harassed my postmaster, and is really
promoting the tax evasion and the collapse of governments and anarchy
under the guise of Liberating Privacy.'

Thanks for letting me talk about this; it all gives me some really
interesting ideas about how to achieve this database. One might set up
a `trust link' in a database whereby each party agrees to a
transaction, and that either can later post a message to that public
`link' regarding the status of that transaction. E.g., individual [x]
can say `I got great service' on the `trust link' or the company can
say `customer [x] failed to pay us'. Links could be cross referenced to
find deadbeats and all that. People would decide who to do business
with based on their trust link policies. But see how this system
benefits *everyone*? You have power over the company, and the company
has power over you. You trust the company, and vice versa. You can zap
their reputation if they betray you, and vice versa.

Another interesting idea is that of `dueling reputations' -- if I have a
high reputation in some area, and I attack someone else in that area,
their trust levels in that area should plummet more than if I had no
reputation in the area. Today, one has to do all this informally, like
posting to newsgroups trying to influence other people that one has
been betrayed.

Cypherpunks, this `web of trust' thing is just in its infancy. In a few
years, we will have a Psychopunk's Worst Nightmare. Or an Honest
Person's Civilization.
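The distinction drawn in the opening paragraph, key revocation versus signature revocation, as an added example that is not part of the original message or of PGP's code. It models a web of trust with hypothetical Python data structures (the names WebOfTrust, Key, Certification, the trust threshold and the keyholders "me", "alice", "bob", "carol" are all assumptions), not the PGP packet format. Later OpenPGP (RFC 4880) does define a certification revocation signature (type 0x30) beside the key revocation signature (type 0x20); the model below shows why the two have very different blast radii.

```python
"""Toy web-of-trust model: key revocation vs. certification (signature)
revocation. Hypothetical data structures, not PGP/OpenPGP packet formats."""
from dataclasses import dataclass

# Owner-trust levels: how far I trust a keyholder as an introducer of others.
NONE, MARGINAL, FULL = 0, 1, 2
# A key is valid when the summed weight of its live certifications from
# valid introducers reaches this threshold (one full or two marginal).
THRESHOLD = 2


@dataclass
class Key:
    keyid: str
    owner_trust: int = NONE
    revoked: bool = False      # set by a *key* revocation certificate


@dataclass
class Certification:
    signer: str
    subject: str
    revoked: bool = False      # set by a *signature* revocation certificate


class WebOfTrust:
    def __init__(self, me: str):
        self.me = me
        self.keys: dict[str, Key] = {me: Key(me, owner_trust=FULL)}
        self.certs: list[Certification] = []

    def add_key(self, keyid: str, owner_trust: int = NONE) -> None:
        self.keys[keyid] = Key(keyid, owner_trust)

    def certify(self, signer: str, subject: str) -> None:
        # The signer vouches that `subject` really belongs to the named person.
        self.certs.append(Certification(signer, subject))

    def revoke_key(self, keyid: str) -> None:
        # Owner says: my private key is compromised. The key can no longer
        # be valid, so nothing it introduced is trustworthy any more.
        self.keys[keyid].revoked = True

    def revoke_certification(self, signer: str, subject: str) -> None:
        # Signer says: I was fooled about this one binding only. The signer's
        # own key, and every other certification it made, still stand.
        for cert in self.certs:
            if cert.signer == signer and cert.subject == subject:
                cert.revoked = True

    def valid_keys(self) -> set[str]:
        # Fixed-point computation: a key is valid if the live certifications
        # it holds from already-valid introducers reach THRESHOLD. Revoked
        # keys never become valid, so their certifications carry no weight.
        valid = set() if self.keys[self.me].revoked else {self.me}
        changed = True
        while changed:
            changed = False
            for keyid, key in self.keys.items():
                if keyid in valid or key.revoked:
                    continue
                weight = sum(
                    self.keys[cert.signer].owner_trust
                    for cert in self.certs
                    if cert.subject == keyid
                    and not cert.revoked
                    and cert.signer in valid
                )
                if weight >= THRESHOLD:
                    valid.add(keyid)
                    changed = True
        return valid


def scenario() -> dict[str, set[str]]:
    """Constructed example: one introducer, two kinds of revocation."""
    results = {}
    wot = WebOfTrust("me")
    wot.add_key("alice", owner_trust=FULL)
    wot.add_key("bob", owner_trust=MARGINAL)
    wot.add_key("carol")
    wot.certify("me", "alice")       # I verified alice's fingerprint in person
    wot.certify("alice", "bob")      # alice introduces bob
    wot.certify("alice", "carol")    # alice introduces carol
    results["initial"] = wot.valid_keys()

    # alice discovers she was spoofed about "carol" and nothing else:
    # only the carol binding disappears; alice and bob remain valid.
    wot.revoke_certification("alice", "carol")
    results["after_sig_revocation"] = wot.valid_keys()

    # alice's private key is stolen: the whole subtree she introduced falls.
    wot.revoke_key("alice")
    results["after_key_revocation"] = wot.valid_keys()
    return results


if __name__ == "__main__":
    for stage, keys in scenario().items():
        print(f"{stage:22s} {sorted(keys)}")
```

The point the model makes concrete: a signature revocation is a scalpel (one edge of the graph is cut, the signer keeps introducing everyone else), whereas a key revocation is an amputation (the node and every edge out of it are gone). A web of trust that offers only the second instrument forces a spoofed signer to either live with a bad certification or destroy his own standing to undo it.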