
On Sunday, January 07, 1996 12:22, Futplex[SMTP:futplex@pseudonym.com] wrote:>Frank O'Dwyer writes:
[I've adjusted the line breaks for those of us with 80-column displays]
Apologies - this mailer doesn't give me any indication where the margin is. [...]
a signator's job in signing for my identity is easier (and less risky) than signing for my trustworthiness.
I am doubtful. I can't vouch for the identities of very many people on this list. (I've even met, e.g., Lucky in person and I certainly have no clue what his verinym might be, nor do I particularly care.) On the other hand, I am willing to sign onto all sorts of judgements about the trustworthiness of various people on the list, and other aspects of their reputations. I've driven hundreds of miles based on trust developed online with people whose identities I still haven't verified. I've even agreed to loan hundreds of dollars to someone I knew only as an online pseudonym.
I'm not saying that trust requires identity (it obviously doesn't, since we all make trusted cash transactions all the time without having to produce any id.). But it is usually easier to determine (and vouch for) who a stranger is than how trustworthy they are, if only because there are quick and easy real-world mechanisms for this (driver's licence, passport,etc.). That's all I meant. (BTW, can you lend me a few bucks? :-) [...]
I am swayed by the view expounded by Carl Ellison that a key, not an identity, should be the anchor to which attributes are attached. (Sorry if I am misstating or oversimplifying the position here.) I think identity should be hung off the key as just another (optional) attribute.
That's an extremely useful way of looking at it, I agree. But the lifetime of a key is often less than that of some attribute. It's easy to imagine one email address having a succession of keys. But then again, one might acquire and discard email address more often than keys (I've gone through three addresses in the last year or so). So perhaps a better model is just a loose assocation of attributes, with "key(s)" and "identity(s)" being two very interesting ones, but no one attribute being primary all the time. (I'm thinking out loud here -- I'm actually trying to come up with some C++ classes for this sort of stuff, so this discussion is pretty interesting to me. Thus far, I'd got to the model you describe - a key has a bunch of attributes, one them identity. But now I'm thinking that this maybe isn't enough, and an 'identity-centric' view is also needed. Perhaps there should be multiple views into the same data?).
I think your comments apply pretty well to trust relationships in the flesh, but don't fully take the net into account.
Right. I was only talking about 'verinyms', really. Cheers,Frank O'Dwyer fod@brd.ie http://www.iol.ie/~fod