Comments on: Anonymous Reputation

By: RoGue

RoGue — Wed, 15 Dec 2004 10:31:37 +0000

interesting stuff. this is directly connected to my idea that if an author wants his work to spread and proliferate, he must remain anonymous. check out the blog I’m trying this out on, as a game. the mystery is an adhesive.

By: Caleb Racey

Caleb Racey — Wed, 30 Nov -0001 00:00:00 +0000

Interesting stuff. It seems to me that much of what you are saying could be applicable to the internet2’s shibboleth (shib) project. Shib is federated single sign on similar to the liberty alliance, except it tries to keep user id anonymous by passing an opaque token as an identifier. In event of abuse of a site it can block the user identified and report back to their home site who can then convert the opaque identifier to a user id and take whatever action deemed necessary (in the uni context proabably a stern talking to). The thought of some kind of dynamic “reputation” based system would be interesting especially as “legitimate” p2p file transfer (again in the university context) is being contemplated in the lionshare project (http://lionshare.its.psu.edu/main/info/descript).

By: Ben Hyde

Ben Hyde — Wed, 30 Nov -0001 00:00:00 +0000

The use of opaque tokens is a good tool to pull out of the bag of tricks. Liberty, SAML/2, and Shibboleth are all doing a good job pulling good tricks out of the various bags to try and tackle these problems. What’s hard to see clearly is if they are actually succeeding in solving the problems. They do appear to be one of our best hopes.

By: Ravi

Ravi — Wed, 30 Nov -0001 00:00:00 +0000

Very interesting post! But why should people be wary of providing recommendations unless it in some way impacts them? Why should a recommendation be trusted if it does not have a cost?

In the real world recommendations can be believed since if the person being recommended screws up then it reflects negatively on the recommender. Hence we are careful and recommendations are trustworthy to an extent.

But in this online model, reputations can be built and destroyed on a daily basis with nobody feeling the pinch but the person who’s building and destroying his own reputation – an attractive proposition to spamsters?

I think an implementation of your proposal which has some cost to the recommenders would be trustworthy, that is, a model that keeps track of how trustworthy a community is (maybe a count of how few of its recommendations have destroyed their reputation?).

By: radish

radish — Wed, 30 Nov -0001 00:00:00 +0000

when I dreamt of writing a P2P thingy that crossed Frontier’s data model with POE’s execution model (no, seriously , the best approximation of real life trust networks seemed to be a bidirectional certificate model allowing the resolution of data represented by an opaque token — e.g. the identity represented by an arbitrary username — to take place at any node which knows, or has access to, the content of the token, based on whether the party requesting the resolution is sufficiently “trusted” by the party which has access to the token’s backing data.

this seems like it could apply to the scenario you describe, because the opaque data can just as easily represent reputation as anything else, and the entities in the chain can be collective or singular. i.e. when the home community gets a message from the foreign community saying “your entity #12345 misbehaved,” it can weigh its relationship with #12345 against its relationship with the foreign community, and act accordingly.

just like real life, any time a party shares (e.g.) its identity with another party it runs the risk of that party sharing it with another party. but an arbitrary inquiry can’t resolve the identity associated with a particular token unless it first establishes a trust relationship with at least one of the parties which already knows that identity. meanwhile, #12345 retains the option of never sharing its “identity” data with any other nodes, which forces any party wishing to resolve that token to contact #12345 directly.

I don’t know whether anybody’s actually using that model…

By: Many-to-Many

Many-to-Many — Wed, 30 Nov -0001 00:00:00 +0000

Group sponsorship
Ben Hyde is thinking about an anonymous reputation system, analogous to the proposed K5 user-sponsorship model, where users could get sponsored by groups, in a ‘letter of introduction’ kind of way, so as to be able to operate anonymously (t…

By: we make money not art

we make money not art — Wed, 30 Nov -0001 00:00:00 +0000

Building an anonymous reputation
Ben Hyde is thinking on a new kind of reputation system that allows its participants to remain anonymous. The individual would get sponsored by groups, in a