1996-01-07 - Re: “trust management” vs. “certified identity”

Header Data

From: futplex@pseudonym.com (Futplex)
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: 248f58616c41b0afe6f7736d3faee011d2b9d33c2f5d6191e53395f517bc66d2
Message ID: <199601070522.AAA26624@opine.cs.umass.edu>
Reply To: <01BADC99.C7034FE0@dialup-169.dublin.iol.ie>
UTC Datetime: 1996-01-07 05:36:01 UTC
Raw Date: Sun, 7 Jan 1996 13:36:01 +0800

Raw message

From: futplex@pseudonym.com (Futplex)
Date: Sun, 7 Jan 1996 13:36:01 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: "trust management" vs. "certified identity"
In-Reply-To: <01BADC99.C7034FE0@dialup-169.dublin.iol.ie>
Message-ID: <199601070522.AAA26624@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Frank O'Dwyer writes:
[I've adjusted the line breaks for those of us with 80-column displays]
> Privilege is also relative, but identity is not (nyms and that aside).  

That's a pretty large aside !

> I'm Frank O'Dwyer anywhere I go,

I am definitely not "Futplex" in many places I go, and often I am not anyone 
in particular.

"Auuugh! Single personality disorder! No cure!" -Beverley R. White

> but I'm not "loyal bank customer" to all banks. Also, it's easier to 
> securely determine that I'm Frank O'Dwyer than it is to securely determine
> (say) my credit limit. So, a signator's job in signing for my identity is 
> easier (and less risky) than signing for my trustworthiness.  

I am doubtful. I can't vouch for the identities of very many people on this 
list. (I've even met, e.g., Lucky in person and I certainly have no clue
what his verinym might be, nor do I particularly care.) On the other hand, I
am willing to sign onto all sorts of judgements about the trustworthiness of
various people on the list, and other aspects of their reputations. I've
driven hundreds of miles based on trust developed online with people whose
identities I still haven't verified. I've even agreed to loan hundreds of
dollars to someone I knew only as an online pseudonym.   

[...]
> Plus, given secure identity (which might be an anonymous id), you can 
> layer the other stuff on top.  

I am swayed by the view expounded by Carl Ellison that a key, not an
identity, should be the anchor to which attributes are attached. (Sorry if
I am misstating or oversimplifying the position here.) I think identity 
should be hung off the key as just another (optional) attribute.

I think your comments apply pretty well to trust relationships in the flesh,
but don't fully take the net into account.

Futplex <futplex@pseudonym.com>
The Pack Is Back

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMO9YXCnaAKQPVHDZAQHKwwf/UQWZY9X9KV27qePoqPLRdsDN0Yn9v27F
uIDapw0btdS4i9kkGONN/dGMC9EvQJv2ZOemIvqJ/0R09X7tD1bRIrqzDokvZEKw
zMrkZ2xcvgAnq0FGG//awz8bveFyff1U2PL7xtHdvmNi6mtgzNah9L8yZCLqtmAD
Uerh9+Qq9MSq6bidHBadVqwUr2y/7/1IWiYiMFqGZou7Gmwiu4AQDtKi04bVGi4b
/VJHVe1/eyoN6nV7PyOWJsigP01+ZJblPgeg8Q37Mf8x7Hxjz5bWuFraS6jO+aNZ
EduLoSyulblNKIWs3WRP339RJL0kAsPycdSfh6VVVUQRiHv5uaigyQ==
=wcp/
-----END PGP SIGNATURE-----





Thread