On Thu, Aug 22, 2002 at 02:28:36PM +0200, karsten@rohrbach.de said: [snip]
thinking a little bit more about the issue with networked services in general (including SMTP and the spam/abuse problems, as well as filesharing and many more), the conclusive decision would be to define a bullet proof standard on introducer based trust, deriving a certain trust level or metric from a peer-trust based trust chain. this has several (dis)advantages: - no central authority involved, nobody will charge your creditcard for issuing a certificate - somewhat more unsharp but still pretty restrictive method of applying permissions to use resources - follows the basic paradigm behind TCP/IP, delivering a never-lights-out trust model that cannot be compromised easily, if it is good in design and implementation
What you're proposing sounds rather like the PGP Web of Trust <http://www.gnupg.org/gph/en/manual.html#AEN554>. An excellent idea, but difficult to build. Until a trust model of this type reaches a certain critical mass, it has little effect on those outside the model. I've already done my part by signing my friends' keys and having them sign mine, but until a critical mass of users begin to sign mail by default (and then start signing each others' keys), the web of trust doesn't have much weight outside those involved in it. That is to say, we can't exert much pressure on those not in the web. We end up in a situation akin to the much-debated SMTP extensions/rewrite - good ideas that will likely be impossible to adopt with any success.
i am not an expert in this field, but i think that a generic standard for this kind of trust model is long overdue, the only application nowadays out there in the wild using it being pgp's model of the web of trust.
Oop, there you went and mentioned it directly. I hadn't read that far yet. To my knowledge, the PGP web of trust is the only model of its kind that has enjoyed even a limited success to date.
creating such a generally applicable model of introducer trust, starting from design over implementation of a portable library that does it all, up to plug-in extensions to existing software (like hooking it up to SMTP greetings of the major flavours of MTAs, adding it to certain protocols, like HTTP, where it could easily replace most HTTP-Basic-Auth style systems of most community sites, like adding it to say gnutella's protocol, etc.) would solve a whole bunch of problems we all got today. with a certain amount of engineering effort, it might be applicable to IPSEC, too.
The only problem that really bears consideration is adoption. Until the users (in AOL or Microsoft quantities) adopt a thing, it will have little market power (whether your market is financial or technical). Compared with the adoption problem, the engineering details are trivial.
suggestions welcome, tell me what you think, even if you think that it's a moronic idea (in any case, the ``why'' is the important point)
Good idea, but very likely impossible to implement effectively. At any rate, a mailing list for such a thing might not be a bad idea.
regards, /k
-- -= Scott Francis || darkuncle (at) darkuncle (dot) net =- GPG key CB33CCA7 has been revoked; I am now 5537F527 illum oportet crescere me autem minui