Hello, I am currently refactoring the WoT plugin to allow per-context trust values.
Lets first explain how WoT currently works so you can understand what I mean: - There is a set of Identities. An identity has a SSK URI, a nick name, a set of contexts (and a set of properties). An "own identity" is an identity of the user of the plugin, he owns the SSK insert URI so he can insert the identity. - Each identity can offer a Set<String> of contexts. A context is a client application, currently there are: "Introduction" (the given identity publishes captchas to allow other identities to get known by the web of trust by solving a captcha - if you solve one, you get on the publisher's trust list) and "Freetalk", which is the messaging system based on WoT (comparable to FMS) which I am implementing. - Identities currently can give each users a trust value from -100 to +100. Each trust relationship is stored as a object of class Trust in the database. - From all Trust values an identity has received, from the trust values the trusters have received, etc. the WoT calculates and stores a "Score" object for each identity in the database. The score is the calculated rating the which identity receives from the whole of the other identities. Not only one Score object is stored - for each pair of [OWN identity "treeOwner", identity "target"] a score object is calculated. The reason is that the score of an identity depends on what trust the treeOwner gives to the identity itself, what trust its trusters have received, their trusters, and so on. .... Considering the fact that there will be many more client applications (for example: Search indexing, files haring, web of trust based code review (image Freenet compiling its updates itself as soon as all code has received enough "review trust")). we came to the conclusion that it must be possible to assign a trust value which is only valid in the context of a single client application and does not affect any others. If someone publishes crap in the file sharing that does not prove that he is not able to produce nice messages in Freetalk, and vice versa. Therefore, I will implement per-context trust and score now. I will not wait with the implementation until Freetalk even though Freetalk is important because the per-context trust values change the database model very much and writing code to convert legacy databases is possible but not guaranteed to not have any bad side effects. Having a "finished" database model before deploying stuff is a good idea. Now the question is: Which logic should be used to decide when to ignore an identity, i.e. when to NOT download it anymore and not add the identities which it trusts to the database? Several ideas: - Have a global "trust list trust" as in FMS which is a rating of whether the identity as a whole is trustworthy and should be downloaded, only decide upon the score value there whether to download it or not, ignoring all scores from client apps. - Download it as long as ONE client app has positive score for that identity: Not possible because then someone could create zillions of spam identities to spam the WoT and keep every WoT-plugin downloading them by writing good posts in Freetalk but not adding the Freetalk context to the spam identities so Freetalk users might not notice them. In general, this attack could be used with any other client app where it is easy to gather positive trust. - Download as long as ALL client apps have positive trust: Not possible, the whole goal of per-context trust was to prevent identities from being judged as a whole just by their misbehavior in ONE client app. - Any other ideas by anyone? - Because I do not have any other ideas, I came to the conclusion that it is necessary to have a separate "global" trust context (could be called "TrustList" or "WoT" or whatever) which is used to judge whether an identity should be downloaded or not. This means that each client app will need UI to manage 2 trust values per identity. This sucks in terms of usability and I'd like to prevent it, yet IF we want to prevent it someone must come up with a smart idea for the "download decision". So does anyone has an idea which prevents the need of a "global" trust context? If not, I will implement it with the global context and call it "TrustList". Greetings, xor -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20090506/cb5621a8/attachment.pgp>
