Re: Problems with anonymous escrow 2--response
Responding to msg by solman@MIT.EDU The skills of an entity without any reputation capital are absolutely worthless. But usually an anonymous entity will come around brandishing all sorts of certifications (reputation capital). .......................................................... Well, I was thinking that certifications & reputations wouldn't mean all that much to me, nor either knowing or being unfamiliar with someone's identity (or pseudonymity). I would be more convinced with a demo. Something which could demostrate facility or ability would be more valuable to me than a second-hand proof. I realize some professions cannot provide such demonstrations, but I myself would rather have a way of making decisions based on the excercise of first-hand judgement whenever possible. This anonymity/identity and certification/reputation business looks to me like trying to have one's cake and eat it, too, as the expression goes. A featureless landscape with remote associations to actual substance so as to both please the aloof-ers & appease the uncertain. It's a bit odd, because for every method which is found by which to hide, another method is found by which to reveal what was heretofore undetectable in Nature. While scientists push back the envelope & reveal what was previously 'invisible' to our eyes, others work to effect stealth techniques against the tools of Consciousness. Kind of strange, though interesting. Blanc
I thought Blanc Weber made a good point when he wrote:
Well, I was thinking that certifications & reputations wouldn't mean all that much to me, nor either knowing or being unfamiliar with someone's identity (or pseudonymity). I would be more convinced with a demo. Something which could demostrate facility or ability would be more valuable to me than a second-hand proof.
This is similar to Tim May's suggestion for a credential-less society (as far as possible). Rather than trying to carry around a lot of baggage in the form of certifications, credentials, reputations, etc. (anonymous or not), people structure their affairs in such a way that transactions can be completed using just the information at hand. Blanc's idea for immediate demos to demonstrate competency could tie into this nicely.
This anonymity/identity and certification/reputation business looks to me like trying to have one's cake and eat it, too, as the expression goes. A featureless landscape with remote associations to actual substance so as to both please the aloof-ers & appease the uncertain.
I didn't quite follow the rest of Blanc's message (a problem I have, I'm afraid, with many of his postings) but I do agree that there are problems with the use of reputations as a catch-all to solve the problems of anonymity. Faced with the ease of unpunished cheating in an anonymous relationship, people introduce the idea of reputations, sometimes called "reputation capital", and assert that cheaters would in fact be punished by damage to their reputations, the loss of reputation capital. What is this stuff, reputation capital? What does it look like? How can it be measured? How much is it really worth? I think this concept needs to be clarified and examined if it is to serve as one of the principle foundations of pseudonymous commerce. (I know there is a concept in modern finance which attempts to measure the economic value of a firm's reputation, called, I think, "good will", but I don't know how similar that would be to what we are talking about.) One question is, to the extent that a "piece of reputation capital" is an actual object, a digital signature or token of some sort, how heavily linked is it to a given owner? If I run two pseudonyms, Bert and Ernie, and Ernie earns a piece of reputation capital, can he securely transfer it to Bert and have Bert show it as his own? On the one hand, we would not want this to be so (or, expressed in less normative terms, people would probably be uninclined to put much value on reputation capital which had this mathematical structure). If the purpose of reputation capital is to, in effect, punish cheaters, this is defeated to a large extent if it can be transferred. Ernie can earn a reputation, cheat, and then have Bert show the good aspects of Ernie's reputation while being unlinkable to the bad. Going back to the earlier discussion of anonymous escrow agents this would seem to make it far too easy for dishonest agents to succeed. On the other hand, untransferrable credentials are undesirable from the point of view of privacy. That was the whole point of Chaum's work on pseudonyms and credentials. If pseudonym credentials are untransferrable we have a problem where information builds up about a pseudonym that is very nearly as bad as a completely identified system. It is true that at least the ultimate linkage between pseudonym and physical body is broken, but to the extent that your on-line activities _are_ your pseudonym, it is no more desirable to allow dossiers to be built up about your on-line personality than your off-line life. Chaum's system worked in large part because it was ultimately grounded in an identity-based system. People could have credentials and transfer them, but there were limits on the types and numbers of pseudonyms you could have. I think these kinds of restrictions could limit some of the problems which arise with transferrable reputation credentials, although the general problem of "negative credentials", which is really another word for the problem of punishing cheaters, was not fully solved by Chaum's approach, at least not in a way that I understood (he wrote as though he had solved it). One final point I'd make is that Tim's idea about avoiding credentials, along with the points Blanc made, is attractive but there do seem to be a lot of situations where credentials are shown in life. When that is necessary it is tempting to fall back on a trusted authority, the anonymous escrow agent or perhaps Jason Solinsky's cyberspace government, but I think you still have the problem of those authorities proving their honesty. So the problems of credentials and reputations are still present. Hal
-----BEGIN PGP SIGNED MESSAGE----- Hal <hfinney@shell.portal.com> writes:
On the other hand, untransferrable credentials are undesirable from the point of view of privacy. ... It is true that at least the ultimate linkage between pseudonym and physical body is broken, but to the extent that your on-line activities _are_ your pseudonym, it is no more desirable to allow dossiers to be built up about your on-line personality than your off-line life.
But is this really true? If a seller is using the pseudonym just to defend himself against uninvited third parties such as tax collectors, it would seem that accumulation of a dossier would be useless as long as the physical seller can't be found. What would be gained by transferring the credential (the evidence of the seller's marketable skills or whatever he's selling) to a new pseudonym? I assume that the seller receives payment by some anonymous method, perhaps electronic cash. Am I missing something? John E. Kreznar | Relations among people to be by jkreznar@ininx.com | mutual consent, or not at all. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLmmPh8Dhz44ugybJAQHBBgP7BOyYR6qWoR4rM4KKbA/G6zjoGKoyaKuH Xp8VL57VPo+k8h1onolU9MoIpnBKMK45CL7atwRkgtNgSVzINgiCkl5xaeviVd15 +fv/xYdJz8evaINwxTA5AM5KCOxF90CsKlLqgyF/ZoGeMfwTYi4us1dHtJDr8Ot3 84RR3vFdYkk= =oWFz -----END PGP SIGNATURE-----
jkreznar@ininx.com (John E. Kreznar) writes:
Hal <hfinney@shell.portal.com> writes:
it is no more desirable to allow dossiers to be built up about your on-line personality than your off-line life.
But is this really true? If a seller is using the pseudonym just to defend himself against uninvited third parties such as tax collectors, it would seem that accumulation of a dossier would be useless as long as the physical seller can't be found. What would be gained by transferring the credential (the evidence of the seller's marketable skills or whatever he's selling) to a new pseudonym? I assume that the seller receives payment by some anonymous method, perhaps electronic cash. Am I missing something?
Well, there are at least a couple of reasons why a seller might want to do this, one (IMO) good and one bad. The good one would be to allow sellers to do socially or politically unpopular things without being punished for them. For example, someone selling pro-civil rights material during the 1950's, or someone selling homosexual rights material today might find themselves facing a certain amount of prejudice if they also wanted to sell more mainstream stuff. By being able to run two businesses which are unlinkable but to apply their good credit record, good customer response record, etc. from one business to the other, we encourage diversity and a free market in ideas. On the other hand, an unscrupulous seller could open up a string of businesses, be honest for a few months to collect some good credentials like this, then fold the business and keep customer money. He then opens up a new business and uses his old good credentials to get going quickly, only to repeat the process. Both of these kinds of activities happen today, but in the network environment there are a lot more possibilities for records keeping. Today it may be an open secret that "Praise the Lord Publications" and "Hot Sex Novels" are both published by the same guy, but probably most of his customers don't know it. On the net it will be a lot harder to keep this kind of thing secret because of the greater access to infor- mation. Likewise, the fly-by-night boiler-room telemarketing service may have a harder time competing in a network environment where the lack of a track record will be more obvious, but the cryptographic credentials which solve the first problem may also allow this tactic to be more successful as well. Hal
Hal Finney wrote:
I thought Blanc Weber made a good point when he wrote:
I learned a while back that Blanc is a woman. She's never corrected this public misperception, that I recall seeing, so maybe I'm out of place doing it here, but I've gone and done it anyway. (Blanc's point elided)
This is similar to Tim May's suggestion for a credential-less society (as far as possible). Rather than trying to carry around a lot of baggage in the form of certifications, credentials, reputations, etc. (anonymous or not), people structure their affairs in such a way that transactions can be completed using just the information at hand. Blanc's idea for immediate demos to demonstrate competency could tie into this nicely.
Yes, I think "locality" is generally a big win. Locality means local clearing, immediacy, and self-responsibility. Caveat emptor, and all that. Not perfect, of course, but generally better than a non-local, non-immediate system in which contracts are negotiated, credentials must be produced (often demanded by the government--here in Santa Cruz one needs a license to be a palm reader!). There are cases where time-binding is needed, where contracts must be negotiated, but the modern trend to make everything into a non-local, accounting-centered deal seems wrong-headed.
I didn't quite follow the rest of Blanc's message (a problem I have, I'm afraid, with many of his postings) but I do agree that there are problems with the use of reputations as a catch-all to solve the problems of anonymity. Faced with the ease of unpunished cheating in an anonymous relationship, people introduce the idea of reputations, sometimes called "reputation capital", and assert that cheaters would in fact be punished by damage to their reputations, the loss of reputation capital.
I don't think reputations solve all problems. Enforcement of contracts with threats of sanctions (economic, physical, etc.) is often needed. One doesn't pay $20,000 for a new car, not get the car because the dealer welched, and simply say: "Boy, his reputation is mud now." (I won't go into the various common-sense ways of dealing with this, nor point out that such massive frauds are rare, for various reasons.) My main point is a simple one: Let there be no laws which dictate what protocols people use for transactions. If Alice and Bob are content to use each others' "reputations" as a basis for doing business, let no third party step in and force them to use "credentials." How it all works out, with flaws and all, is not something we can predict. I'm not saying Hal's doubts about how reputation will work are unwarranted, or unwelcome...indeed, such questioning is needed.
What is this stuff, reputation capital? What does it look like? How can it be measured? How much is it really worth? I think this concept needs to be clarified and examined if it is to serve as one of the principle foundations of pseudonymous commerce. (I know there is a concept in modern finance which attempts to measure the economic value of a firm's reputation, called, I think, "good will", but I don't know how similar that would be to what we are talking about.)
Economists ought to be thinking about these things, a point economist David Friedman agreed with me on a couple of years or so ago. The study of anonymous markets, in which conventional sanctions are difficult to apply, should be an exciting area to explore.
One question is, to the extent that a "piece of reputation capital" is an actual object, a digital signature or token of some sort, how heavily linked is it to a given owner? If I run two pseudonyms, Bert and Ernie, and Ernie earns a piece of reputation capital, can he securely transfer it to Bert and have Bert show it as his own?
"Webs of trust" are partial examples of this, with Alice signing Bob's key and thus saying "I trust this key, so if you trust me, you should also trust Bob." While this does not yet extend to more substantive issues (such as saying "I vouch for this transaction"), it gives us a hint about how this may work. We've had some good discussions in Cypherpunks physical meetings, with noted agorists Dean Tribble, Norm Hardy, Mark Miller, etc., on this very topic: the transitive properties of reputation capital. It seems to work, based on analogies with criminal markets (where they obviously can't go to the courts), and with comparisons to primitive trading societies. The "Law Merchant," as you'll recall (Benson's "The Enterprise of Law") was extra-national, and only "my word as a captain is my bond" worked to ensure completion of trade arrangements. It worked well, too. (As I've said before, the fallback position of relying on the State has displaced ordinary concepts of trust and honor...it is no longer a "fallback" position, and so trust and honor (= reputation) has become a joke. I am optimistic that crypto anarchy will see a restoration of these concepts, back-stopped of course with cryptographic protocols and unforgeable signatures.)
On the one hand, we would not want this to be so (or, expressed in less normative terms, people would probably be uninclined to put much value on reputation capital which had this mathematical structure). If the purpose of reputation capital is to, in effect, punish cheaters, this is defeated to a large extent if it can be transferred. Ernie can earn a reputation, cheat, and then have Bert show the good aspects of Ernie's reputation while being unlinkable to the bad. Going back to the earlier discussion of anonymous escrow agents this would seem to make it far too easy for dishonest agents to succeed.
An unresolved issue, I suspect. Almost no work has been done here, so we have only our intuitions about how things will work. I have to be honest here, but I feel no shame about not knowing the answers to Hal's good points--this is just an area that has had little study, theoretically or empirically. A clarion call for more work.
On the other hand, untransferrable credentials are undesirable from the point of view of privacy. That was the whole point of Chaum's work on pseudonyms and credentials. If pseudonym credentials are untransferrable we have a problem where information builds up about a pseudonym that is very nearly as bad as a completely identified system. It is true that at least the ultimate linkage between pseudonym and physical body is broken, but to the extent that your on-line activities _are_ your pseudonym, it is no more desirable to allow dossiers to be built up about your on-line personality than your off-line life.
Practically, I see almost no way that credentials would *not* be transferrable. One obvious way is for Len and Mack to share bank accounts, money, etc. Len could have a large bank account (a credential of one sort) and could then "transfer" it (the access codes) to Mack. Voila! Credentials got transferred. More generally, two agents, related or not, can arrange transfers. In one extreme from, Len could transfer *all* of his codes and numbers to Mack, allowing Mack to effectively become Len. This is certainly a transfer of reputation! (And a concern several have raised, a la "But how do you know who you are *really* dealing with?")
Chaum's system worked in large part because it was ultimately grounded in an identity-based system. People could have credentials and transfer them, but there were limits on the types and numbers of pseudonyms you could have. I think these kinds of restrictions could limit some of the problems which arise with transferrable reputation credentials, although the general problem of "negative credentials", which is really another word for the problem of punishing cheaters, was not fully solved by Chaum's approach, at least not in a way that I understood (he wrote as though he had solved it).
I agree that much more work is needed. In fact, it's a situation analogous to the nanotechnology field, where one researcher dominates a field (Chaum in this stuff, Drexler in nanotech) and the great mystery is why no more Chaums or Drexlers have appeared!
One final point I'd make is that Tim's idea about avoiding credentials, along with the points Blanc made, is attractive but there do seem to be a lot of situations where credentials are shown in life. When that is necessary it is tempting to fall back on a trusted authority, the anonymous escrow agent or perhaps Jason Solinsky's cyberspace government, but I think you still have the problem of those authorities proving their honesty. So the problems of credentials and reputations are still present.
Even with the implications not fully explored, my main point is (again) that there be no restrictions on *my* ability to try to deal with other agents on this basis. That there may be some messy situations is not enough reason to outlaw anonymity; we see messy situations in our credential-happy society today, with "permission slips" needed for increasing numbers of transactions. Anonymity and unlinkable, untraceable transactions gives us the opportunity to explore these issues, and probably answer Hal's questions. A fair trade, I'd say. Even if I don't have a credential authorizing me to make that statement. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway."
Just some thoughts (I haven't done much reading or thinking on these issues so possibly this is just to show how little I understand):
One doesn't pay $20,000 for a new car, not get the car because the dealer welched, and simply say: "Boy, his reputation is mud now."
No, one gets a receipt and keys to the car when paying (in whatever way) and drives away in the purchase. The receipt can be one-way anonymous and the car can be paid for in paper cash. (Then there are problems of registration and insurance interfering with anonymity, not relevant to what is discussed here). If necessary I can prove in court that I bought the car, showing the receipt (in theory still anonymously). Now, if I want to pay for the car in on-line cash I guess I could connect to my anonymous bank account with my private key, transfer the money to a bank account of the seller's choice, his bank giving my bank a receipt, and drive away in my new car. So, when buying hardware I only have to trust the digital banking system, not the seller? Well, if the seller is anonymous to his bank also, what can be proved is only that anonX paid anonY the sum Z (or possibly what the purchase was about - a description of the merchandise - if the seller instructed his bank to sign this into the receipt). What if the seller reveales his identity to a court, shows a paper receipt to prove that he has bought the merchandise and claims never to have sold it to me? No one can force him to produce the private key connecting him to the account that received on-line payment. It doesn't help to 'outlaw' paper receipts - still, he can prove that he bought the car by producing the key (password) to an account that paid for it but deny connection to the account that received payment from me. By revealing my connection to my paying bank account I can prove that I 'paid for' the car (possibly time-stamped at a later date) but who is to say that I am not the owner of the receiving account also? Thus, if the seller is identifying himself, an anonymous buyer can use on-line cash to pay for a car and still be 'safe' with a receipt (paper or on-line have similar value in preserving the buyer's pseudonymity). But if both seller and buyer are anonymous, then receipts mean nothing (like in criminal business) but reputations everything. Mats
Hal writes
What is this stuff, reputation capital? What does it look like? How can it be measured? How much is it really worth?
Obviously none of these questions are answerable: So what? If you are arguing that intangibles do not exist, and therefore cannot affect real things, then this is obviously false.
I think this concept needs to be clarified and examined if it is to serve as one of the principle foundations of pseudonymous commerce.
No it should not be "clarified and examined" or you will wind up with the supreme court declaring that such and such an act should dock your reputation thirty points, and that it is cruel and unusual punishment for people to have their reputations docked for acts committed more than seven years ago. We already know what reputations are. "Defining" them is going to make them into meaningless nominalist hot air.
(I know there is a concept in modern finance which attempts to measure the economic value of a firm's reputation, called, I think, "good will", but I don't know how similar that would be to what we are talking about.)
Not that similar, which is why they did not call it reputation.
One question is, to the extent that a "piece of reputation capital" is an actual object, a digital signature or token of some sort, how heavily linked is it to a given owner?
Since a reputation is not a digital signature or token this is not a sensible question. A reputation belongs to a person identified by signature or token.
If I run two pseudonyms, Bert and Ernie, and Ernie earns a piece of reputation capital, can he securely transfer it to Bert and have Bert show it as his own?
No. That is why corporations like to have one logo on all their products.
On the other hand, untransferrable credentials are undesirable from the point of view of privacy.
Life's a bitch, and then you die.
If pseudonym credentials are untransferrable we have a problem where information builds up about a pseudonym that is very nearly as bad as a completely identified system. It is true that at least the ultimate linkage between pseudonym and physical body is broken, but to the extent that your on-line activities _are_ your pseudonym, it is no more desirable to allow dossiers to be built up about your on-line personality than your off-line life.
If your on line personality is selling something, it would seem highly desirable to have dossiers built up about it. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd@netcom.com
James Donald writes: (quoting Hal Finney)
I think this concept needs to be clarified and examined if it is to serve as one of the principle foundations of pseudonymous commerce.
No it should not be "clarified and examined" or you will wind up with the supreme court declaring that such and such an act should dock your reputation thirty points, and that it is cruel and unusual punishment for people to have their reputations docked for acts committed more than seven years ago.
Why not try to clarify and examine such an important concept? Where's the danger in gaining a better understanding? Jumping forward to speculations about what the Supremes might do with such knowledge (were they to subscribe to our list and thus gain this knowledge :-}) and from this concluding that such research should not be done seems unwarranted. To put it mildly.
We already know what reputations are. "Defining" them is going to make them into meaningless nominalist hot air.
James, I can only conclude you were in a bad mood when you wrote this, as surely the study of how reputations work, how they get increased and decreased, etc., cannot be a bad thing.
If I run two pseudonyms, Bert and Ernie, and Ernie earns a piece of reputation capital, can he securely transfer it to Bert and have Bert show it as his own?
No.
My close friend and frequent collaborator, Sue D. Nym, known to you also as S. Boxx, as Pablo Escobar, and as an12070, has been researching this issue very carefully. His analysis of pseudospoofing is precisely on target here, and answers this question affirmatively. (In this paragraph, I have just "spent" some of my "reputation capital" in this praise of Detweiler. Depending on the views you readers have about my reputation, and Detweiler's reputation, and how serious you think I was here, my reputation could get better or worse, and Detweiler's could get better or worse. This is one way the reputation of one agent can be transferred to another. It happens all the time, in reviews of movies, books, restaurants, and pseudonyms.) The study of reputations and how they change is an important one. It is more than just "nominalism" to see how things tick, what the key features are, what the conserved quantities are (if any), and so forth. This I think was the thrust of Hal's questions. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway."
James Donald writes:
We already know what reputations are. "Defining" them is going to make them into meaningless nominalist hot air.
Timothy C. May writes
James, I can only conclude you were in a bad mood when you wrote this, as surely the study of how reputations work, how they get increased and decreased, etc., cannot be a bad thing.
Hal wished to have answers to certain questions about reputations. The questions he was asking have no answers. If one provided answers to such questions, the thing that one is calling a reputation would not be a reputation, it would be something more formal, and more subject to centralized control. Were such a definition generally accepted, this would have consequences radically different to those that we desire. I really do not want to digress onto the issue of nominalism and legal positivism, which is seriously off topic, but a similar approach on other matters has led to the catastrophic collapse of societies in the past, and I would claim that it is having something of that effect in the present. It is legitimate and desirable to ask such questions about credentials. To ask them about reputations is harmful and dangerous. You may ask: How can a mere question be dangerous? Answer: Because some questions imply false definitions, and false definitions are dangerous. To take an extreme example, consider the labor theory of value. The labor theory of value defines what capitalists do (organize labor so as to maximize value and minimize labor) as non existent. It therfore leads to the false conclusion that capitalists can be forcibly eliminated without their functions being taken over by a totalitarian nomenclatura, because the definition defines capitalists to have no function. A nominalist definition of reputation, which was what Hal's questions would necessarily lead to, would lead to analogous conclusions -- the need for a formal system of credentialing in cyberspace -- to serve *in the place of* real reputations.. If such a system was to serve the function that reputations now serve in the real world, it would lead to consequences very different from those intended or desired by Hal.
James Donald writes:
No it should not be "clarified and examined"
Timothy C. May writes
Why not try to clarify and examine such an important concept? Where's the danger in gaining a better understanding?
When somebody wants to "clarify and examine" a concept that is already well understood, this usually means that he wants to change the meaning of that concept. Where the concept is something fundamental to existing social structures, the result can be utterly ruinous (for example Socrates). In Hal's case he wants to "clarify and examine" something that is crucial to the future that we all want to achieve. It is clear from some of the things he said that his "clarified" meaning is in fact substantially different from the correct meaning. For example he asks a number of questions that are not meaningful or answerable if "reputation" means reputation, but are meaningful if "reputation" means credentials. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd@netcom.com
-----BEGIN PGP SIGNED MESSAGE----- James Donald writes:
Timothy C. May writes
Why not try to clarify and examine such an important concept? Where's the danger in gaining a better understanding?
When somebody wants to "clarify and examine" a concept that is already well understood, this usually means that he wants to change the meaning of that concept.
Well understood by *who*? You seem to have a strong local definition for the word "reputation". You seem to believe that freedom itself depends on folks only using that word in a fashion compatible with your own use. That's an interesting notion for a sleepy Sunday afternoon, but you haven't convinced me yet. Perhaps you'd be good enough to describe what you mean when you use the word "reputation"?
In Hal's case he wants to "clarify and examine" something that is crucial to the future that we all want to achieve.
When you say "we", who are you referring to?
It is clear from some of the things he said that his "clarified" meaning is in fact substantially different from the correct meaning.
Who decides what the "correct meaning" of a word is? -----BEGIN PGP SIGNATURE----- Version: 2.5 iQCVAgUBLmoaxH3YhjZY3fMNAQHO/wP8DJhb5eiESy/rmhyv+UwwdA5tLyulZqvH WdqwAMqb4nyOOMnYo9lhI+gvjnIPtPD/Hf8YvnmwAfDDGR72IIDFQ3xrbApOg73W nDPsLBvUFMHx5Zh8PCCcaZjHn05rjCXsaAGiixWAh37OjC7qm3/OqLvh3gEsBJX0 iwEf9BSLKYE= =c8V6 -----END PGP SIGNATURE-----
Would someone care to create a mini-glossary, complete with author-noted alternate definitions of the current topics? I don't think I'm going to get up to speed in to time participate otherwise... Thanks sdw (who has 900 recent messages and 3500 from vacation...) -- Stephen D. Williams Local Internet Gateway Co.; SDW Systems 513 496-5223APager LIG dev./sales Internet: sdw@lig.net OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430 Comm. Consulting ICBM: 39 34N 85 15W I love it when a plan comes together Newbie Notice: (Surfer's know the score...) I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru.
Stephen D. Williams writes
Would someone care to create a mini-glossary, complete with author-noted alternate definitions of the current topics?
No. The problem is that Hal wants a definition of "Reputation" that is more objective, concrete, controllable measurable and well defined, whereupon I went ballistic because reputations do not have the properties that he thinks a good definition of reputation should have. Thus reputations, defined to have the nice properties that Hal would like them to have, would lack the crucial property of enforcing good conduct. Since we want "reputations" to serve in place of state violence, rather than serving in place of drivers licenses, I argued that the kind of definition that Hal was seeking would be catastrophically counter productive. We should propose credentialing systems, rather than define reputations. Of course what Hal really wanted to do was discuss credentialing systems, rather than get involved in a discussion of nominalism and realism etc. My objection was that by calling credentialling systems "reputations" he was obfuscating the crucial part of the process whereby credentials obtain value. This is an error akin to that of "the labor theory of value", and would lead to the same disastrous error that the labor theory of value leads to: We would end up proposing "non coercive" systems that would in reality require a great deal of coercion in order to work. By calling a credential a reputation, we imply that it automatically has value. Of course it does not. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd@netcom.com
jamesd@netcom.com (James A. Donald) writes:
Hal writes
What is this stuff, reputation capital? What does it look like? How can it be measured? How much is it really worth?
Obviously none of these questions are answerable: So what?
If you are arguing that intangibles do not exist, and therefore cannot affect real things, then this is obviously false.
No, my questions were not rhetorical at all. I do think that various people have come up with ideas for what they call reputation capital that are much more formalized and structured than what you are referring to. This doesn't mean that they are right and you wrong, just that there are a lot of different concepts floating around under this umbrella of a term. As one example, consider how signed endorsements could be used to create and validate a reputation. We already see that today with celebrity endorsements in advertising. I once sold a product where the main competitor had (years ago) collected a favorable comment by Dvorak, the well-known computer columnist. I'll bet a lot of people had never heard of that company but when they saw Dvorak's quote the image of that company was improved a great deal. This endorsement could be called reputation capital. In a very real sense, it was one of the principal assets of that company. I believe many conceptions of reputation capital consist of collections of such endorsements, along with an infrastructure to support them (similar perhaps to the PGP web of trust).
I think this concept needs to be clarified and examined if it is to serve as one of the principle foundations of pseudonymous commerce.
No it should not be "clarified and examined" or you will wind up with the supreme court declaring that such and such an act should dock your reputation thirty points, and that it is cruel and unusual punishment for people to have their reputations docked for acts committed more than seven years ago.
There is always the danger of legislative interference in any action but I really don't think our discussions here are likely to bring disaster down on us.
We already know what reputations are. "Defining" them is going to make them into meaningless nominalist hot air.
On the contrary, I think that a pseudonymous/anonymous world calls for a re-examination of the concept of reputations. Today there is no implementation of a transferrable credential, where I could for example prove that company XYZ considers me a good credit risk, without XYZ linking my present nom de guerre with the one I used when with them. Today there is no use made of blind signatures. A few years ago public-key encryption was almost unknown in the private sector. All of these technologies could have significant impact on business relationships. Things are changing, and we on this list are some of the few people who are interested in talking about the effects of these changes.
If pseudonym credentials are untransferrable we have a problem where information builds up about a pseudonym that is very nearly as bad as a completely identified system. It is true that at least the ultimate linkage between pseudonym and physical body is broken, but to the extent that your on-line activities _are_ your pseudonym, it is no more desirable to allow dossiers to be built up about your on-line personality than your off-line life.
If your on line personality is selling something, it would seem highly desirable to have dossiers built up about it.
Right, I did discuss this point. This helps prevent people from certain kinds of cheating. But the down side is that sellers have to give up some (all?) privacy. And, after all, practically everyone is selling something, even if just their labor. Is the solution that we have privacy as consumers but not as sellers? I don't think this is the only possible answer. It is worth considering whether privacy can be provided to sellers as well. As another example, consider the case of someone applying for credit. Here the bank is, in a sense, selling money. OTOH the applicant is selling something, too - his ability to pay. Do we just say that "of course" dossiers of people's credit history and banks' lending history are the desirable and correct way to solve this problem, as we have today? I would prefer to see whether solutions could be derived in which more privacy is provided to the participants. Obviously total anonymity would make such lending virtually impossible, but perhaps there is some middle ground between that and a system of total identification. This is where Chaum is coming from with his credentials. His solutions have problems, granted, but I don't think it is necessarily time to give up and say that the kinds of dossiers we have today are the best way things can work. Hal
Hal's reply to James Donald went out within minutes of mine, and made roughly the same points I made (his "endorsement" by Dvorak example is eerily similar to the example I used, about endorsing Detweiler). Maybe Detweiler was right...maybe we _are_ tentacles! --Tim the Tentacle -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway."
Hal writes
What is this stuff, reputation capital? What does it look like? How can it be measured? How much is it really worth?
jamesd@netcom.com (James A. Donald) writes:
Obviously none of these questions are answerable: So what?
Hal writes
No, my questions were not rhetorical at all. I do think that various people have come up with ideas for what they call reputation capital that are much more formalized and structured than what you are referring to. This doesn't mean that they are right and you wrong, just that there are a lot of different concepts floating around under this umbrella of a term.
No no: What is floating around are proposals for the structured handling of the *information* on which reputations are based, not proposals for the structured handling of reputations. Digital credentials, not digital reputations. Structured handling of *reputations* would be catastrophic. If you *define* reputations to be something formal and explicit, and say that the system will work because people guard their reputations, then reputations become something that can be most efficiently granted and withdrawn by some centralized authority. And then, as with fiat currency, the value of those "reputations" would in the end need to be backed by force in order to make the system work. I am complaining about dangerous carelessness in your use and definition of words. Your use of the word reputation is as fraught with frightful consequences as Marx's use of the word "value". Reputation based systems work for freedom, and coercion based systems work for centralized government, for obvious reasons that all of us agree upon. *Define* reputations to be something other than reputations, and you are kicking the crucial foundation out from under freedom. You are defining the foundation of freedom away, in a way precisely analogous to the way Marx defined the basis of capitalism away, though he did it maliciously and knowingly, and you are doing it accidentally.
As one example, consider how signed endorsements could be used to create and validate a reputation.
True. But signed endorsements are *not* a reputation.
I think this concept needs to be clarified and examined if it is to serve as one of the principle foundations of pseudonymous commerce.
No it should not be "clarified and examined". ... We already know what reputations are. "Defining" them is going to make them into meaningless nominalist hot air.
On the contrary, I think that a pseudonymous/anonymous world calls for a re-examination of the concept of reputations. Today there is no implementation of a transferrable credential, where I could for example prove that company XYZ considers me a good credit risk, without XYZ linking my present nom de guerre with the one I used when with them.
This is an illustration of the danger of redefining "reputation" as you appear to be doing. Obviously a blind signed credential transferable between digital pseudonyms would have no value to support a reputation, but by abandoning the correct usage of the word "reputation" you have obscured that fact from yourself. But what would have value was a credential whereby some authority signed *one* private key that you possessed at a certain time, without knowing either the private key or the public keys associated with that private key. But if you used that key to support multiple identities, you would then be stuffed because it would then create a link between Joe Robertson, software benchmarker, and Mike Hardcase, purveyor of underage Ceylonese virgins. Worse, it might create a link between Mike Hardcase and Joe Whatsyourpleasure, purveyor of Filipina whores, thereby substantially reducing the value of the Ceylonese virgins purveyed by Mike Hardcase, even though both Mike Hardcase and Joe Whatsyourpleasure both had excellent reputations until their reputations became linked.
If your on line personality is selling something, it would seem highly desirable to have dossiers built up about it.
Do we just say that "of course" dossiers of people's credit history and banks' lending history are the desirable and correct way to solve this problem, as we have today? I would prefer to see whether solutions could be derived in which more privacy is provided to the participants. Obviously total anonymity would make such lending virtually impossible, but perhaps there is some middle ground between that and a system of total identification. This is where Chaum is coming from with his credentials.
Exactly so: And Chaum talked of digital credentials, and the reputations of digital credentials. He *did not* talk about digital reputations. Use the word *credentials*, not the word *reputations*. If we were to start using the word *reputations* in the way that you have been using it, we will make errors with vastly more serious consequences that the errors that you have made. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd@netcom.com
participants (8)
-
blancw@pylon.com -
greg@ideath.goldenbear.com -
Hal -
jamesd@netcom.com -
jkreznar@ininx.com -
Mats Bergstrom -
sdw@lig.net -
tcmay@netcom.com