The DigID discussion has been continuing via email, and I’m not sure how much I ought to quote—which makes my job harder, since I have been helped by some of today’s mailings.
So I’ll say just a couple of things, and hope that other people’s good ideas show up in their blogs, so I can bounce off them tomorrow or Monday.
I mostly want to signal my approval of Eric’s “protected net” and “dark net” proposal: a digitally-secure protocol-protected net, where high-stakes commerce and medical records and government functions can hide out, as insulated as they imagine they can be from crackers outside, as opposed to a looser, security-free zone where Other commerce and bloggers and no-need-of-security web functions can connect. This makes a good deal of sense to me, especially since I suspect that most customers will end up gravitating toward enterprises that respect their reticence about hard security. Eric’s; plan allows people to find online connections where they want to be, and that’s about right by me.
Probably because he was “.just spitballin over here,” Eric leaves his notion separate into just two congeries of links: the secure zone and the wild zone. I expect that fairly rapidly, many people would be attracted to an alternative that doesn’t pretend to be Absolutely Secure (a pretense subject to disconfirmation the first time a cracker puts a little effort into invading an inviting target) but also doesn’t suggest that everyone involved is an Mysterious Stranger. I think that’s what Doc and David are talking about: a Web which cultivates a distributed index of the people with whom you’re dealing, so that one person’s bad experience won’t blacklist you, so that many people’s bad experience will, so that who you know does matter, and how well they know you, and that these are not housed at/determined by/owned by a central Identity Agency, but are—in some sense—brokered.
In other words, a form of digital reputation, whereby my willingness to say, “Si’s my son, he’s a good kid, but he doesn’t have two hundred dollars to his name” means that Si would have a positive reputation for his sterling character, but would have a low reputation relative to financial transactions. Once he earns a little money, begins dealing with commercial entities and online friends more fully, his financial reputation might creep upward, and his character reputation would increase not in quality (everyone thinks Si’s a good guy) but in depth (now, more people would be saying so). Moreover, the endorsement of someone with a deep, positive reputation (say, Doc Searls) would weigh more heavily than an endorsement from, say, some guy in Illinois: me. A financial endorsement from Boone Pickens would mean a lot; a financial endorsement from me might help you finance a cup of coffee at Starbuck’s (no, not that much).
The point is that this cumulative reputation would reside not in my hands, as the person under assessment, but in the hands of other people who had an interest in giving a true sense of me (since my actions then reflect on their status as endorsers).
Distributed, not foolproof (as David points out, this is a strength of a system, not a weakness), and optional (as Kevin notes, if you put cash in the clerk’s hand, she doesn’t care who vouches for you).
Past my bedtime. Eric, Doc, Bryan (my AIM client still can’t see you), David, blog more tomorrow, so other folks can benefit from what y’all are saying.
[Sunday AM, before church: I know, this is fundamentally like a credit rating (though less centralized. And my suggestion doesn’t incorporate strong security that guarantees that the person claiming my credibility/credit is actually me—I’m counting on PingID to develop that!). But part of what David’s saying is that credit ratings and credit cards generally work pretty well, and I suspect it’s worth building out from there.
Posted by AKMA at December 28, 2002 10:57 PM | TrackBack