1992-12-18 - Positive reps.

Header Data

From: Hal <74076.1041@CompuServe.COM>
Message Hash: 04acf38a8fc97454dc2db6a266cfa07ba6d15e33f436e152d13411abd974aa48
Message ID: <92121806471474076.1041_DHJ46-1@CompuServe.COM>
Reply To: _N/A

UTC Datetime: 1992-12-18 06:53:06 UTC
Raw Date: Thu, 17 Dec 92 22:53:06 PST

Raw message

From: Hal <74076.1041@CompuServe.COM>
Date: Thu, 17 Dec 92 22:53:06 PST
Subject: Positive reps.
Message-ID: <921218064714_74076.1041_DHJ46-1@CompuServe.COM>
MIME-Version: 1.0
Content-Type: text/plain


I was thinking about the idea of positive reputations and thought I'd
mention a few thoughts while waiting to see Dean's notes.

As I understand it, a positive reputation is basically some kind of
recomendation or endorsement of a person by someone else.  It might
be fairly specific, like "so-and-so paid a debt of $50 to me within
the agreed-upon two-week period."  Or it could be more general, like
"so-and-so is, in my opinion, an honest person."

I was thinking of positive reputations that might be relevant to the
problem mentioned of anonymous posting to mailing lists and newsgroups.
As Dean mentions, we can envision a system which uses the opposite of
kill files. Instead, messages would only be displayed from people who
met certain criteria in terms of their reputation credentials.

What would I want to see in the way of such credentials that would help
me decide whether I wanted to read the message?  (The issue of judging
the validity of credentials is discussed below.)  Maybe recommendations
in favor of the poster's intelligence, knowledge, judgment, temperance
(i.e. reluctance to flame), etc. would be useful.  Imagine a system in
which a person was rated from 1 to 10 in each of these categories.  A person's
positive reputation would consist of (digitally) signed statements from
various "endorsers" (or "introducers"), each giving their numeric judgements
about the person in question.

With this system, I could set my ideal mail/news reader to only display
postings from people whose scores met some standards.  Maybe I would
average them; maybe I would weight the different categories according
to my own tastes.  But this would let me filter out time-wasters like
the random poster who was causing problems.

Now, this still leaves open the problem of judging the validity of
various credentials.  This problem is very similar to the problem of
accepting key signatures in PGP.  If I receive a PGP key loaded with
signatures, that doesn't mean much unless I know at least one of the
people involved (either directly, or through the net).  Only then can
I judge how valid the signatures are.

In the same way, if a new person posts on a newsgroup, and includes his
credential loaded with 10/10/10/10's, that doesn't mean anything unless
I know some of these people who are vouching for him.  In the most
extreme case, he could have created a bunch of false identities and had
them provide all the endorsements.  So an endorser unknown to me is
not useful.

It's interesting that the PGP key "web of trust" may have application
to this more general problem.  I wonder if the PEM folks will push for
a centralized "email posting quality" hierarchy in which agencies rate
each person's quality of postings and assign them an official score. :-)
This would be the analog of their solution to the key-signature problem.

That's about as far as I've gotten.  A few more general comments:
Such a system requires an infrastructure of public-key encryption and
digital signatures.  Only in that way will signed credentials be secure
enough to be meaningful.  Since so few people use these tools today,
a positive-credential system would filter out almost everyone, throwing
out the baby with the bath water.

But, remailers are springing up everywhere.  It is an idea whose time
has come, it seems.  So the problem exists today, but the solution can't
be practically applied for at least another year or two, even assuming
rapid acceptance of PGP, RIPEM, PEM, or some other cryptographic standard.
That means that there may be some political pressure against remailers
during this interval.  Perhaps we can turn this to our advantage by describing
the advantages of a credential system, and using that to further encourage
widespread use of cryptographic programs.

Hal Finney

Version: 2.1