Changes between Initial Version and Version 1 of Ticket #18361, comment 104


Ignore:
Timestamp:
Feb 23, 2016, 9:44:44 PM (4 years ago)
Author:
ford
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #18361, comment 104

    initial v1  
    1212
    1313- Anonymous credentials that can attest with even higher certainty that they represent "one and only one real person", e.g., credentials derived from pseudonyms distributed at physical pseudonym parties (see [http]//bford.info/pub/net/sybil.pdf and [http]//bford.github.io/2015/10/07/names.html).  No one would be "required" to participate in such a system, but those that do might be able to get an even bigger pile or faster flow of tokens on the basis of demonstrating with higher certainty that they're one and only one real person.  Further, this seems like ultimately the only kind of basis that might provide a legitimate "democratic foundation": e.g., a basis that would allow Tor to hold online polls or votes and be reasonably certain that each real human got one and only one vote.
    14  
     14
    1515- Anonymous credentials based on reputation scores that users exhibiting "good/civil behavior" can build up over time.  Basically, use a "carrot" approach rather than the "stick" approach that blacklistable credentials tend to represent.  We're also starting to explore ideas in this space; see our upcoming NSDI paper on AnonRep ([http]//dedis.cs.yale.edu/dissent/papers/anonrep-abs).
    1616
    1717At any rate, the problem is definitely not at all simple; we need to start with baby steps (e.g., the CF+Google looping bug, then maybe a simple CAPTCHA-based credential scheme).  But in the longer term we need an architecture flexible enough to deal with abuse while allowing well-behaved users to demonstrate as such in multiple different ways based on multiple different trust foundations.
    1818
    19 P.S. To underscore the problem, I had to rewrite parts of this post twice already, because of trac.torproject.org deciding it looks like spam and rejecting it.  Pot, meet kettle.
     19P.S. To underscore the problem, I had to rewrite parts of this post twice already, because of trac.torproject.org deciding it looks like spam and rejecting it - and making me solve CAPTCHAs to prove otherwise.  Pot, meet kettle.