[foaf-dev] FOAF-based whitelisting project

Kjetil Kjernsmo kjetil at kjernsmo.net
Wed Mar 14 07:24:39 UTC 2007 

On Tuesday 13 March 2007 00:55, Tom Heath wrote:

> > Yes, but how do you relate a 0-1 score with a foaf:knows that has
> > no value in it?  Do we have some setting that equate foaf:knows to
> > 0.8 trust and foaf:interest to 0.4 and foaf:spouseOf to 0.9 (as
> > examples)?
>
> I'm sure Kjetil will correct me if I'm wrong (quite possible ;), but
> my understanding was that the trust metric(s) would be based on
> network distance - the further away in the network, the lower the
> score. 

Yup! That's the idea. I suspect that someone has a better idea than me 
how much the value will decline for every hop, and if there are 
multiple paths, that'd be good. 

However, among the things that are out there is the Relationship 
vocabulary: http://vocab.org/relationship/
I think it makes sense to support it somehow, if not for v1, so for 
v1.1. All relationships there are defined as rdfs:subPropertyOf 
foaf:knows. Thus, a simple RDFS reasoner could do the job, but since 
the semantics of some of the properties clearly implies different 
levels of trust, I think it makes sense to grab some numbers out of 
thin air and use them to compute the trust metric. 

Again, ideally, grabbing numbers out of thin air, based on properties 
that has a dubious connection with trust is evil, but then, we have a 
very narrow goal here, just letting legitimate email through more 
easily.


> So, someone three foaf:knows away may have a score of 0.2 (or 
> whatever), whereas someone I foaf:know could be 0.9 by default. I'm
> very dubious about the value of refining/defining relationships at a
> more fine-grained level, as apart from something like a family
> history application where the nature of the relationship is *the*
> most important feature, it's not actually clear what we'd do with the
> information. 

Well, if it hadn't been done allready, and been in use, I would probably 
not take it as seriously, but given that it is, just a modifier to the 
decline by hops is fine.

> I envisage something very simple whereby the system uses a common
> heuristic to compute the trust metrics, but that users set the trust
> threshold that the senders of incoming messages must exceed if their
> messages are to be delivered. This threshold setting could be done in
> terms of 0-1, or in terms of hops in the network, depending on which
> is most usable, and what metrics are developed in the end. Kjetil or
> others might well have more to add.

Actually, I will personally not DENY messages based on this. Rather, 
high trust metrics will make it pass through the SMTP server untouched 
by spam filters. Lower trust metrics will cause it to be subject to 
computationally cheap spam scanning, if little or nothing is known 
about the origin, I may subject the message to very intensive spam 
scanning, including optical character recognition in images, etc. 

But these will be configuration options. I've got that part implemented 
allready! :-)


Cheers,

Kjetil
-- 
Kjetil Kjernsmo
Programmer / Astrophysicist / Ski-orienteer / Orienteer / Mountaineer
kjetil at kjernsmo.net
Homepage: http://www.kjetil.kjernsmo.net/     OpenPGP KeyID: 6A6A0BBC

More information about the foaf-dev mailing list