Jim McCoy wrote:
But if creating a new identity is as easy as creating a pseudonym and a PGP key pair then everyone could create several identities, one they use for "honorable" work and others that they use when attempting to hack in to AT&T or rob the digital bank...the lack of a link between the pseudonymns means that "dishonorable" pseudonyms are disposable and without a means for attaching a negative value to a reputation the reputation system as a whole has a major flaw.
Yes, "negative reputations" alone are not adequate, just as they aren't in real life. (A negative reputation system is one in which only negative movements are possible, only downgrades. It's like assuming everyone is honorable, even strangers, and lending them money.) Positive reputations are essential. And are common, even on the Net. I don't know about others, but I don't automatically given all newcomers the 'benefit of the doubt' and thus give them "maximal reputation," only to be downchecked later. Rather, newcomers start out, in my mental ledger book, at a "nonentity" or "neutral" level. Call it "zero" for simplicity. Stupid or wrong comments cause their "reputations" (to me, of course) to move into negative territory. Positive comments boost their reputation. (And this rep business is multidimensional, of course. For example, I might dislike someone's opinion, but still have a high regard for their "reputation for honesty commentary," or somesuch.) It does little good to create zillions of "new pseudonyms," as they are *not* automatically given a high reputation. Think of credit ratings. Would any of you lend money to brand new pseudonym, or a stranger in your town?
That is not to say that a system that provides for reputations with anonymity is impossible, but it is not possible given the tools that are currently available on the net. If you want to take a look at a system
But I've just given an example of how this already works. Take "Pr0duct Cypher" as an example. Good code, rapidly written. The result: a postive reputation system that produces (for many of us) a net positive reputation.
that would offer a workable base for a reputation system I would recomment that you start with some of the credential systems of Chaum, Evertse, and Damgard. This would provide a foundation of unique identities and a method for exchanging information linked to pseudonyms without giving up user privacy.
I certainly agree that better tools, including the credentials-without-identity sort of stuff, may help even more. I just disagree that we don't already have a workable positive rep system. Postive reps--not just negative reps--are how we learn of good restaurants, good crypto books (Schneier, for example), and on and on. Histories of repayment of past bills (aka "credit ratings") are a classic manifestation of this. (I don't plan to get into a metaphysical debate about whether TRW Credit is doing the rating, or prospective lenders are, etc. In simple terms, a modern credit rating report is a composite summary of how many loans were repaid, how many bankruptcies and the like occurred, etc. No guarantees of futrue performance, but some strong indications. A Bayesian model that the future is likely to look like the past.) So, postive reputation systems are needed...and they are already in common use. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo@toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay