Re: Global PKI on DNS?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





Alex Audu wrote:

> Ed,
>
> You made some interesting points which leads me to wonder if
> we can define Trust in such a way that its parameters are verifiable,
> then we can verify that it is transitive. In other words, if Jon gets
> a dollar from Mike, and Jon can verify the parameters of the dollar,
> then Jon doesn't care about the "trustworthyness" of  Mike's source.
> Or should he?

Alex:

We can define trust in many different ways and we can surely
define it in a way that it is 100% transitive. The real question,
however, is how should we define trust such that: (1) it corresponds
to the concept of trust that we humans have developed/learned in
thousands of years of history and commerce; and (2) it makes sense
in terms of a communication protocol that is executed by machines
and exchanges data with humans.

In other words, trust is a word that is commonly applied to many
situations and consequently has many shades of meaning. My work
focuses on one precise set of coherent meanings: the concept of
trust in the context of communication. More specifically, in the
context of the engineering problem of Internet communications. At
the same time, I believe that trust is needed in this context.  We cannot
just wave it off, or reduce it to authorization.  If we do that, we end up
where we are right now ;-)

In the way I see it applied to solve the engineering problem of Internet
communications[ 1, 2], trust is  considered something essentially
communicable, but with specific rules for its communication. The induction
(communication) of trust in heterogeneous environments, from human
to machine, machine to  machine, and machine to human, needs also
to be considered.

This also serves to bring together many different threads that are
discussed on and off-line, regularly. All the talk about the Net being
edge controlled needs to be revised in some new framework. In short,
the Internet does not really have a center or edges. It only has
connection points, each of which can be connected to any other such
connection point for the purpose of packet exchange. One reason that
the Internet does not have an edge is that at any termination
connector, it is possible to extend the Net beyond that point by
relaying packets, or by relaying messages, via dial-up modem, FAX or
channels.

Finally, let me address the last part of  your question. Why can't trust be
something I hand over to someone, and that someone can hand over again
to someone else?  Because that is not how we learned to use trust -- i.e., that
is not what we understand by trust in our social/economic behavior. Trust
is earned. Trust is  the result of a "slow" interaction, of a step-by-step build
up, with multiple channels of information.  The idea is that when trust develops
between machines, or machines and humans, we should essentially have
the same model as when trust develops  between humans. In short,  if we want
"trust"  to be a bridge between these worlds, we need a common model.

Cheers,
Ed Gerck

[1] "Trust as Qualified Reliance on Information", published in The Cook Report
on Internet, January 2002 (copy available upon request).

[2] (draft paper)  http://www.mcg.org.br/trustdef.htm



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]