TriNetre - Archive for February 29, 2004

(no longer updated)

« February 28, 2004 | Main | March 01, 2004 »

February 29, 2004

"Point of Trust" for bloggers?

[Technology] @ 01:00 AM

Phil Ringnalda in his post Web(logs) of trust gives a good summary of the dilemma facing the use of signed comments in weblog context. However, his views set me questioning whether we are putting words where it does not belong, and in the process spoilt my wife's nice dinner by blabbering about it all throughout! Phil says (emphasis added)

If I see a signed comment from someone named Mark Pilgrim, I don't really have any interest in whether or not someone else has verified that the person who signed it is (one of possibly many people) actually named Mark Pilgrim. What I want to know is whether or not it was Mark Pilgrim of diveintomark.org.

The portion emphasised in the quote does not gel in with the concept of web of trust. A web of trust as applied to any sort of signed messages can be built only when we have a set of people who are signing each other's keys because they can physically verify the identity of the other person.

That said, the model that Phil and Jacques Distler lays down is indeed a practical way to look at comment signature verification in the context of weblogs. But the problem is in the usage of "web of trust" to describe what is going on. "Point of trust" would be a better name for the approach, the domain that the commenter controls being the point of trust.

Of course the Point of Trust model does have practical limitations, but it in a unique way gets around the web of trust requirements of key signing to create the trust.

In short "Web of Trust" and "Point of Trust" can co-exist as separate concepts without stepping on each other's feet.

Link | Comments (0) |