[OpenID] Trust + Security @ OpenID

Martin Paljak martin at paljak.pri.ee
Mon Jul 16 08:28:17 UTC 2007


On 16.07.2007, at 9:15, tom calthrop wrote:
> We will soon have two products; a personal OP with social networking
> functionality and our current group collaboration tool (called
> AROUNDMe). It will be possible for only people who have been  
> vouched for
> to enter an AROUNDMe collaborative space. So we authenticate person A,
> then lookup from person B that they confirm trust with person A.
>
> One could argue that this is crackable (person A and person B are both
> from http://spam.com) however we like this model because it follows a
> de-centralized approach. One possible approach to this is adding  
> person
> B to a verification blacklist if it is found that person B verifies  
> for
> spam ID's

As the subject of the thread talks about trust and social networks  
etc I believe it is a really interesting as well as educating video  
to watch:

http://video.google.com/videoplay?docid=-5092930485716426869

Title: Open Source Developers @ Google Speaker Series: Lessons From  
Advogato

"... Thus, the main lesson is that trust metrics do work, but they  
need to be applied with care ..."

-- 
Martin Paljak
http://martin.paljak.pri.ee





More information about the general mailing list