1994-09-10 - reputation credit 3/3

Header Data

From: Adam Shostack <adam@bwh.harvard.edu>
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: 018139865b598f6bbc62410a8b3b3e3e9f25cc17762bfa566cfd2502e722ed2e
Message ID: <199409101958.PAA01656@bwh.harvard.edu>
Reply To: N/A
UTC Datetime: 1994-09-10 19:58:50 UTC
Raw Date: Sat, 10 Sep 94 12:58:50 PDT

Raw message

From: Adam Shostack <adam@bwh.harvard.edu>
Date: Sat, 10 Sep 94 12:58:50 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: reputation credit 3/3
Message-ID: <199409101958.PAA01656@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain



	Assume the distribution problem to be solved, in that people can now 
easily and reliably get the complete reputation information on an 
identity that interests them.  What extensions to the basic system can be 
made to make it more useful?  What will these extension do to the 
usability of the system?

	I think the most interesting extension would be to make
reputations that apply only in one realm, a realm being some online
community, whether that community consists of a single mailing list
(Cypherpunks) or several lists, newsgroups (firewalls, bugtraq,
comp.security.unix), or even a larger area, perhaps compromising mail,
news, www, other interactive service.  Clearly, there is some overlap
between some realms (security, cypherpunks, hackers).  A good
reputation in one area might carry over into another, or it might lead
to a negative reputation.  This effect will probably arise
spontaneously from the webs of interaction.  Initially, I was going to
propose that it be somehow formalized, but now I see that it will
arise on its own accord, given a sufficiently flexible and strong
system of distributing digital reputation capital on the net.

	This does require that negative opinions be made possible, not
just low opinions.  If Charlie can say "I disrespect David 90% of the
time.  /s/ Charlie 1 sept 94" and those opinions can spread the same
way as positive ones, then most of the useful interaction between
groups is possible in a decentralized, out of control sort of way.
I've sort of assumed in other places that negative opinions were
possible, I just wanted to explicitly state it.

	Another potential extension would be the addition of more
varying formalized opinions than the formalistic "I
respect/disrespect..." that I've been basing this on. This also has
the possibility of just taking way too much work, but has the
possibility, with careful design, to be a very useful tool. What if
Alice can say "I think David is a fanatic. I also think David is a
windbag." and she says these things in such a way that they can be
automatically responded to by software? This would require a carefully
chosen list of opinions that the system would support. If you had too
many opinions, then the system would be worthless, because, in all
probability, people would pick different descriptors, and the
information would not correlate into anything useful. The list could
probably be fairly short, allowing for terms like windbag, funny,
fanatical, reasonable, knowledgeable, trustworthy.  That would greatly
expand what you could say (or hear) about someone in a simple digital
format for automatic scanning and filtering.  The inclusion of terms
like trustworthy or reliable could act as the basis for some business.
A set of 'reliable' endorsements stretching back 20 years would make
me much more comfortable with a remailer business than one that sprung
up yesterday and is now well respected by 300 federal agents.

	None of these endorsements need be formal "I'd do business
with them again" statements, the objective is to give an idea of who
is thought of well, and who is not.

	With the addition of an encrypted open books protocol then
people could automatically get an idea of what businesses are stable,
and liked by their customers.

	I've toyed with the idea of being able to rate personalities
this way, which would be useful at times, since there reputations do
exist in the personal world as well as the professional.  But any
system of personal reputations would fail, because bad mouthing
someone with a digital reputation is an open act.  Very few people
would talk about Alice in a negative light if they know she will hear
about it.  And even if they do want to, there doesn't need to be an
automated system to make it easier.

	However, this does raise the interesting idea of a private
reputations system.  If a group for one reason or another wants to
build a reputation service that is closed; in who may add to it and
who may access it, would they be able to?  It would probably be fairly 
simple.  The slander program could be modified so that no one who didn't 
already have some reputation capital could be discussed.  Using a system 
that

	 A useful bit of reputation capital can not be anonymous,
although it can be pseudononymous.  If it is anonymous, there is no way
to give it weight.

	Cooperative protocols for undeniable digital signatures could
probably be designed and made workable.  However, I would expect that
it would be far too much work to run.  I prefer to design a system
that requires much less effort.  If you want to protect your privacy
while participating, work under a nym.

	There you have it, an outline of a system for possibly
efficient, decentralized digital reputation capital.  A bunch of
extensions that may or may not work.  How to distribute is addressed,
but needs more work, and probably a prototype.  The big question in my
mind is how to get people to feed enough information into it to seed
the system?  Once it gets started, it will run for a while on slow
growth, and then explode at some random point.  (Probably right after
a serious design bug is discovered. :)  After it explodes in terms of
use, it will be self-perpetuating because of its usefulness.  Please
feel free to comment on what wouldn't work.  How could the system be
extended to make it more useful?  It might be that building something
would be the best way to answer these kinds of questions. 






Thread