Re: [decentralization] [oreilly] peer to peer, economic effects
- At 12:11 AM 8/13/2001, Farez wrote:
>Todd wrote:There are a number of solutions for this, technically and the one I like best
> > Yes but what is the protection against entirely fictitious nyms? Raise
> > 5 or ten in nym kennels, feed them regularly with bunches of transactions
> > and dealings to fatten up their reputations then harvest them in one big
> > fraud.
>This is a tough one as it really is an old social problem. I would hope that
>technology can help with this but at the moment I don't see how this can be
is the signing device. The classic signing device keeps its keys and
in silicon and simply has no path in silicon where they can never be directly
read, or modified, nor do they ever leave the machine. When you run out of
spares you discard the device.
That being the foundation any contract can be submitted to the window of
the signing device, and whoever has the PIN for the device and perhaps a
biometric can affix the digital sig. into the doc and send it back the same
place it came from (TCPIP, bluetooth, USB, IRDA whatever. It doesn't
have to be secure or even private because you can't crack the sig. )
Now answering your question why couldnt a reputation scheme be employed
in which it is simply impossible to get enrolled without physically
connecting with another of these signing devices in person, i.e., even
your friend could not admit you to the network without a physical
meeting. Why couldn't this special protocol work as follows. The
standard signing device is based on a thumbprint. To get your reputation
initiated on the Reputation Server you have to visit somebody else
with a device and put your thumbprint and furthermore, they have
to agree to the orange screen "Warning: your reputation may be
affected by the future acts of Aaron P. Aardvark: are you sure?"
This is certainly not foolproof but it *tends* to equilibrium rather
than tending to spiral out of control.
http://www.innoventry.com/products/rpm/index.html has been featured lately
in the press, they seem to be doing OK with their completely automated,
unattended service in check cashing, normally a very tough business. I
understand they use biometrics for authentication and take every measure
that's possible for a Kiosk including high-definition digital photographs.
I'll admit, with the margins they probably scam off the check cashers,
their Kiosk may be a poor example... because it doesn't demonstrate
security any more than the financial success of VISA or MC demonstates
that credit cards are secure.
> > Nyms must be anchored to a physical body. The reputation network
> > must allow the inquirer to not only check my references by asking
> > my trading partners etc. but, it must have a way for my trading partners
> > to indicate "Knows me personally". Then furthermore it needs measures
> > to detect fake communities who all claim to know each other but
> > none of whom are known by anybody in the real world.
>The way I see it, these are all factors or options that the reputation
>can take into account but shouldn't necessarily be prerequisites for a
>reputation system. If you're only talking about buying and selling stuff then
>nyms bound to a physical body _may_ be essential to certain trading parties,
>but it doesn't make a difference which physical body it is when I'm reading
>postings on this mailing list for example. My feeling on this (which has
>my own research) is that we need a core underlying reputation protocol to
>exchange of reputational data but keep the processing side fully
>- this includes identifying which properties of the nym is required for which
> > Start with Richard Lethin's chapter in the O'Reilly P2P book.
> > or look up agoric systems in Google
> > or http://openprivacy.org/reputations/
> > or (from OpenPrivacy's link page):
> > http://www.freehaven.net/doc/oreilly/accountability.txt
> > In the reputation model, for each exchange, a server risks some amount of
> > resources that is proportional to its trust that the result will be
> > satisfactory. As a server's reputation grows, other nodes become more
> > to
> > make larger payments to it.
> > The main difference between reputation-based trust systems and
> > micropayment-based trust systems is that, in reputation-based trust
> > parties base their decisions in part on information provided by third
> > http://www.mojonation.net/docs/technical_overview.shtml
> > Each Broker maintains its own local database of reputations for other
> > including a list of others with which it has done business and information
> > about
> > those transactions.
> > http://www.realcommunities.com/newsandevents/newsletteroct.htm
> > Reputation Manager ... will alert members about the hierarchy and
> ratings of
> > other members, providing visitors with a way to sort high quality
> > member-generated content from less useful contributions and highly-rated
> > members
> > from less highly-rated ones.
> > http://www.advogato.org/trust-metric.html
> > The goal of the trust metric is to accept as many valid accounts as
> > while also reducing the impact of attackers.
> > http://www.idiom.com/~arkuat/consent/Anarchy.html
> > The whole area of digitally-authenticated reputations, and the "reputation
> > capital" that accumulates or is affected by the opinions of others, is an
> > area
> > that combines economics, game theory, psychology, and expectations.
>Good list of references. I would also add:
>Reputation Research Network. Quite low traffic but has links to interesting
>papers on reputation and trust, including analysis of eBay's reputation
>Trust: Making and Breaking Cooperative Relations, edited by Diego Gambetta.
>Good range of ideas on trust (a concept closely related to reputation) in
>edited book, now completely available online.
>Trust and Reputation Research
>To unsubscribe from this group, send an email to:
>Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/