[foaf-dev] FOAF-based whitelisting project
kjetil at kjernsmo.net
Mon Mar 12 20:23:28 UTC 2007
On Monday 12 March 2007 04:49, Dave Brondsema wrote:
> foaf:knows does not have the semantics of "trusts".
Well, that's true, but pragmatically, the fact that spammers tend to use
random addresses, and that most people would realistically say that
they know people whom they also trust to some extent means that for
now, it is useful.
> Yes, there are a
> LOT of foaf:knows relationships that we need to take advantage of,
> but we can't assume that it means they trust somebody (and on what
> topic?). Konfidi uses separate trust relationships to denote this
> (and to allow for trust topics and numerical trust values).
Yes, I know konfidi is superior in this respect. However, I have a
requirement for this project that is that the system must be usable
with the data that is allready out there. I think that is absolutely
critical for the project's success, and the fact that I trust my
climbing buddy with my life while climbing doesn't prompt me to give
him my root password, doesn't change the situation, that foaf:knows is
most likely quite sufficient as a relationship for at least a few
months, possibly much longer.
> Then, we can have a way for individuals to say "all my foaf:knows (or
> foaf:interest) statements at http://foo.com/bar are to be interpreted
> as trust relationships on topic X at value Y". We could also
> consider allowing system-wide default interpretations of foaf:knows,
> but that should not be the preferred way to declare trust, since
> that's not what it means.
Ideally, yes, but I think that the subset of the people who would
declare their trust explicit is so small, it won't reach critical mass.
foaf:knows will have to do, but if possible, we should reward people
wishing to make clearer statements.
> "supernodes"? See my earlier email about hierarchical vs. peer
I refer to natural supernodes, not artificial supernodes, like a CA. I
too think that peer trust is superior, and that trust values should be
computed as seen from the recipient. Natural supernodes are people who
are known (and trusted) by a large number of people.
> How about accepting triples asserting relationships from anyone, iff
> they are the truster in the relationship. E.g. I provide a triple
> saying http://brondsema.net/dave# trusts http://example.bar/baz, and
> the http://brondsema.net/dave# foaf:person is identified by a PGP
> fingerprint or a OpenID, then I must PGP-sign my document or provide
> it to a trust server after authenticating with OpenID.
Drop an 'f' from the iff, and I'm with you! :-) I think that we can
reasonably accept data from sites like my.opera.com and LiveJournal (in
fact, I think we have to, to reach critical mass) without requiring a
signature, however, it could be a method to allow data from smaller
providers into the graph.
Programmer / Astrophysicist / Ski-orienteer / Orienteer / Mountaineer
kjetil at kjernsmo.net
Homepage: http://www.kjetil.kjernsmo.net/ OpenPGP KeyID: 6A6A0BBC
More information about the foaf-dev