Comments: Tracking Reputation - CACert

I've actually made a lot of good contacts via LinkedIn. As has my girlfriend, who is definitely not on the tech side of things (strategy consultant). It's an easy way for her to find people in her area of interest; what we seem to forget very often, which is also my beef with your point about reputation-based systems, is that, although they're crap from an ideal technical perspective, they sort of work and muddle through. Like the Internet as a whole...

Posted by JMS at May 2, 2005 06:34 AM

Reputation for the purposes of credit makes sense: if there is value worth stealing, then value is assigned to the reputation. Many people have attempted to defraud with phony credit reports, which are in the end a record of reputation in regard to repayment of money borrowed. So the extending of a line of credit is a reputation issue. Basically, many folks talk about the line of credit they can draw upon rather than their cash balance, because credit is the real method to determine their worth. In my own mind, when I hear the figure I think of the monthly payment they are required to make on the amount stated as their line of credit. To put it simply, reputation must have some bragging rights assigned to it and be desirable. So if a system of assigned value, i.e. reputation, is based on identity and past history, then it must also have credit assigned to it. If reputation does not provide some leverage over the situation, then the unknown situation or future event cannot be addressed by people with a reputation for handling that event. So reputation can be assigned by event and identity, such as a credit event.

Now take the future event of global war and the ability to trust a third party's information, or a real-life instance of _Curve Ball_, a German spy that provided information on Iran's atomic weapons program. The review was conducted on the character of Curve Ball and not on the information he provided in the past and its truth. So we had within the intel world people that looked at Curve Ball's moral virtues or the lack thereof, and those that looked at his past informational record.

The two schemes of determining reputation conflicted and exposed a weakness across various national intelligence schemas for reputation. But if the intel community had had a means of betting upon the reputation of Curve Ball, the track record of the bettors might have allowed for a determination to be had without exploring every nook and cranny of his past. So the application of monetary worth to an arbitrary situation of conflicting values creates a reputation on the fly without long-winded standards for reputation. It is the money that means something; as with credit, people value money, and applying that, or figuring out how to apply that, to anything is all that matters.

The former Admiral Poindexter wanted to create just such a system and was soundly trashed in the press. Poindexter knew that narrative discussions are meaningless when dealing with asymmetric attacks and arbitrary schemes of determining reputation. People know what they are willing to risk of value to something, and the aggregated choices of people may be telling for the purposes of reputation; it allows a choice to be made, and adjustments when it is wrong to be made more easily. Who really cares about other people's standards for reputation? All that matters is how much you are willing to spend on it based on a future unknown event. Now all that really needs to be done is assign money to various participants and allow them to place bets on the reputations of others.

Posted by JN at May 2, 2005 07:43 AM

I think what most people coming up with reputation-tracking systems forget is that reputation is not absolute. It's something that is unique to each person's vantage point; different facts of the past have different meanings and different implications on a person's reputation depending on who is interested in it. Any reputation system that presents the same "reputation" to everyone is broken.

I do believe that good reputation-tracking is possible. After all, what we do with our brains should be possible with our computers, and tracking more reputations than our heads can carry can be beneficial. However, it requires that the reputation system is based purely on the user's judgement. No one should make reputational decisions for me unless I have explicitly or implicitly assigned trust to the other guy's judgement.

This is why OpenPGP works great. While its scope is at the moment limited to the question of identity and reputation of making judgements about other people's identities, the protocol has, IMHO, a lot of potential beyond this. I have actually started setting up a system here: http://alien.epointsystem.org

In order to bring costs down, I have introduced passphrase-based keys for those who cannot be bothered with doing it the good old-fashioned two-factor way: http://pgp.epointsystem.org

The key-management app is in the writing (and so is the article to FC++, sorry for being tardy), and at that point the thing is ready for prime-time.

I think the costs can be brought down to the point where the benefits of being able to check up on other people become beneficial. The technology is not there yet, but almost.

Posted by Daniel A. Nagy at May 2, 2005 01:56 PM
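The "reputation from the user's own vantage point" idea in the comment above, as an added example that is not part of the original post: a minimal OpenPGP-style validity calculation in which each viewer's own trust assignments decide which keys are valid, so two viewers looking at the same signatures get different answers. The key names and signatures are constructed sample data, and the validity rule (one completely trusted signer or three marginally trusted signers) is a simplification of the GnuPG rule.

```python
from typing import Dict, Set

# Constructed sample web of trust: key -> set of keys that have signed it.
SIGNATURES: Dict[str, Set[str]] = {
    "alice": {"bob", "carol"},
    "bob": {"alice"},
    "carol": {"alice"},
    "dave": {"carol"},
    "erin": {"dave", "frank", "grace"},
    "frank": {"dave"},
    "grace": {"dave"},
}

COMPLETE, MARGINAL = "complete", "marginal"


def valid_keys(viewer: str, trust: Dict[str, str]) -> Set[str]:
    """Keys that are valid *from viewer's point of view*.

    `trust` is the viewer's private opinion of other people's judgement
    (key -> COMPLETE or MARGINAL). The viewer's own key is implicitly valid
    and completely trusted. A signature only counts once the signer's own
    key has become valid, so validity is computed to a fixed point.
    """
    valid = {viewer}
    changed = True
    while changed:
        changed = False
        for key, signers in SIGNATURES.items():
            if key in valid:
                continue
            counted = [s for s in signers if s in valid]
            full = sum(1 for s in counted if s == viewer or trust.get(s) == COMPLETE)
            marg = sum(1 for s in counted if trust.get(s) == MARGINAL)
            if full >= 1 or marg >= 3:
                valid.add(key)
                changed = True
    return valid


if __name__ == "__main__":
    # Same signatures, different viewers, different results.
    print("alice sees:", sorted(valid_keys("alice", {"carol": COMPLETE, "dave": MARGINAL})))
    print("bob sees:  ", sorted(valid_keys("bob", {"alice": COMPLETE})))
```

Dave's key is valid for Alice (she trusts Carol, who signed it) but unknown to Bob, who has assigned no trust to Carol; no global "reputation" for Dave exists.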

Are government-issued id cards really all that strong? CACert's web of trust is quite prone to attack, in that you can take the same (potentially forged) id to many different assurers, become an assurer yourself and start assuring bogus identities after that. You can build up your own bogus web of trust.

I do not think the use of government ID really makes it stronger than some other reputation systems, especially OpenPGP. People using OpenPGP also use government ID in the same way, for establishing trust between people who don't know each other personally. Thus OpenPGP's web of trust can probably be considered just as strong as CACert's.

Still, getting assured means I can issue assured certificates that last much longer than unassured certificates, which *is* a strong incentive to join the system, but only if you are a server admin.

Posted by Mike Gratton at May 3, 2005 10:16 AM

Mike,

thanks for your comments!

It's important to keep in mind what it is that is being compared with. With CACert, their identity card choice is stronger than other CAs' because CACert does face-to-face meetings and checks 'government issued ID', whereas most other CAs take paperwork that is faxed to them. Faxes are easy to forge, as are notary sigs. Government IDs are a bit more of a barrier (a higher 'cojones' level required). Also, because CACert has multiple checkers, who each use different senses, in person, this can help to mitigate against the one-time attack.

When it comes to OpenPGP's web of trust, it is not correct to say that people check strong IDs. People _may_ use them, or maybe not. In fact there are two communities which swear opposite things: one group swears by government IDs and the other group swears not to look at them. So for any reliance on OpenPGP you can't tell a priori what a signature means; you have to resort to the signer's convention. (I for one do not check the ID, only the verbal FP.)

Posted by Iang at May 3, 2005 02:59 PM

LinkedIn knew what it was and presented itself in that manner - it is a mechanism for economic networking. Orkut is the Internet before AOL joined - topical asynchronous chatting. However the Internet has since moved on. Orkut is dating and jobs and interests and thus nothing. LinkedIn is professional only and thus something.

Relocating to place X? You will find a relocation consultant within three links on LinkedIn. Is this guy a spammer who will demand money upfront? No. So you don't have to go through all the dreck that comes with Monster.com.

LinkedIn works because it is a reputation system in context.

In terms of secure government IDs: a fishing license is a state-issued identification document. Can I use it to board a train? Or, speaking of train wrecks, check out Real ID:
http://releases.usnewswire.com/GetRelease.asp?id=46902
Just approved. Aren't we all safer now?

-Jean

Posted by Jean Camp at May 5, 2005 05:08 PM