On 5/14/22 13:14, John Levine wrote:
* Anyone with an introduction from someone I have authorized to give introductionsThat's exactly web of trust, and we have seen why that doesn't scale, because your contacts' preferences aren't yours. ("Gee, he seemed so nice and it would have been rude to refuse.")
Actually it's not quite the same as web of trust in the PGP
sense. People routinely understand that just because Alice and
Bob know each other does not mean that either Alice or Bob should
disclose the other's contact information to a third party without
the other's permission, or at least without a very finely tuned
sense of the other's boundaries. If one of them does disclose the
other's contact information, that's a betrayal of trust that has
consequences, especially if done too many times. Introductions of
this kind have been used for centuries at least. I don't see a
scaling problem with this idea unless you somehow expect that all
legitimate sending of messages between strangers should require
prior introductions.
PHB's proposal adds a layer to that which is Alice must be authorized by Bob to introduce Bob to someone else. Presumably that authorization can be withdrawn by Bob at any time should Alice betray that trust, or should Alice and Bob become more distant.
PGP's web of trust wasn't trying to solve the same problem at all. Among the many problems with PGP's web of trust was that the kind of trust needed to certify strangers' credentials to one another simply isn't transitive. But I don't see how PHB is trying to make his introductions transitive.
Keith
