Can we copy trust?

IanG iang at systemics.com
Tue Jun 3 07:33:26 EDT 2008


Ed Gerck wrote:
> Bill Frantz wrote:
>> edgerck at nma.com (Ed Gerck) on Monday, June 2, 2008 wrote:
>>
>>> To trust something, you need to receive information from sources 
>>> OTHER than the source you want to trust, and from as many other 
>>> sources as necessary according to the extent of the trust you want. 
>>> With more trust extent, you are more likely to need more independent 
>>> sources of verification.
>>
>> In my real-world experience, this way of gaining trust is only
>> really used for strangers. For people we know, recognition and
>> memory are more compelling ways of trusting.
> 
> Recognition = a channel of information
> memory = a channel of information
> 
> When you look at trust in various contexts, you will still find the need 
> to receive information from sources OTHER than the source you want to 
> trust. You may use these channels under different names, such as memory 
> which is a special type of output that serves as input at a later point 
> in time.


It is useful and efficient to get trust from third parties, 
but not essential, imho.  If you find yourself meeting 
someone for the first time in random circumstances, you can 
get to know them over time, and trust them, fully 2nd 
party-wise.

Trust comes from events of risk and reward, not from 
channels.  It just so happens that the best expressions of 
risk and reward are over independent therefore 3rd party 
channels.


> The distinguishing aspect between information and trust is this: "trust 
> is that which is essential to a communication channel but cannot be 
> transferred from a source to a destination using that channel".


Trust is an expression of something you may rely on.  It has 
risks, liabilities, obligations, etc.  Information does not 
(yet).


> In other 
> words, self-assertions cannot transfer trust. "Trust me" is, actually, a 
> good indication not to trust.


Well.  Actions speak louder than words.  The *act* of a 
third party is to put their own reputation at risk if they 
say "trust this 2nd person."  This works if the two people 
are independent, but not if the two people are dependent (or 
the same).  If they are independent, the costs incur to one 
party and the benefits incur to another party.

So the independent cost of placing the reputation at risk is 
a significant event.  You can rely on someone who will incur 
cost on your behalf.  Saying "trust me" carries no risks 
because the benefits cancel out the risks.


>> We can use this recognition and memory in the online world as well.
>> SSH automatically recognizes previously used hosts. Programs such
>> as the Pet Names Tool <http://www.waterken.com/user/PetnameTool/>
>> recognize public keys used by web sites, and provide us with a
>> human-recognizable name so we can remember our previous
>> interactions with that web site. Once we can securely recognize a
>> site, we can form our own trust decisions, without the necessity of
>> involving third parties.
> 
> Yes, where recognition is the OTHER channel that tells you that the 
> value (given in the original channel) is correct. Just the value by 
> itself is not useful for communicating trust -- you also need something 
> else (eg, a digital sig) to provide the OTHER channel of information.


Attempting to cast trust as an aspect of channels is a 
technological approach, and will lead one astray, just as 
PKI did;  trust is built on acts, of humans, and involves 
parties and events, risks and rewards.  The channels are 
incidental.

You can see this better in the study of negotiation.  It is 
possible using this theory&practice to build trust, or to 
prove that no trust can be achieved.  Negotiation is 
primarily a paradigm of two parties.

(Economists will recognise it as game theory, prisoner's 
dilemma, perhaps agent-principal theory, etc.)

Your comment that someone who says "trust me" is in fact 
signalling that they cannot be trusted ... is more clearly 
explained in negotiation.  Often, someone will state up 
front that they want to find the win-win;  which is a signal 
that they are in the win-lose, because real win-win is about 
actions not words, and words in this case would lead to a 
false sense of security.



iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
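
The recognition-and-memory mechanism raised in the quoted SSH and Pet Names paragraph, as an added example that is not part of the original message and is not code from SSH or the Pet Names Tool. The class, function and status names are hypothetical, and the key bytes are constructed placeholders standing in for real public keys.

```python
import hashlib

def fingerprint(public_key: bytes) -> str:
    """Stable identifier for a key; recognition is keyed on this, not on names."""
    return hashlib.sha256(public_key).hexdigest()

class PetnameStore:
    """Local memory of keys the user has dealt with before (hypothetical design)."""

    def __init__(self):
        self._petname = {}  # key fingerprint -> name the user chose
        self._seen = {}     # name the site claimed -> fingerprint first seen

    def remember(self, claimed_name: str, public_key: bytes, petname: str) -> None:
        fp = fingerprint(public_key)
        # A petname must map to exactly one key, or it stops meaning anything.
        owner = next((f for f, p in self._petname.items() if p == petname), fp)
        if owner != fp:
            raise ValueError(f"petname {petname!r} is already bound to another key")
        self._petname[fp] = petname
        self._seen.setdefault(claimed_name, fp)

    def recognize(self, claimed_name: str, public_key: bytes):
        fp = fingerprint(public_key)
        if fp in self._petname:
            # Same key as before: show the user's own name, ignore the claimed one.
            return ("recognized", self._petname[fp])
        if claimed_name in self._seen:
            # Known name, unknown key: the case SSH warns about for known hosts.
            return ("key-changed", None)
        return ("stranger", None)

# Constructed sample data, not real keys.
BANK_KEY = b"constructed-public-key-A"
OTHER_KEY = b"constructed-public-key-B"

def demo():
    store = PetnameStore()
    first = store.recognize("bank.example", BANK_KEY)        # never seen
    store.remember("bank.example", BANK_KEY, "my bank")      # user's own decision
    again = store.recognize("bank.example", BANK_KEY)        # same key, same name
    renamed = store.recognize("other.example", BANK_KEY)     # same key, new claim
    swapped = store.recognize("bank.example", OTHER_KEY)     # same claim, new key
    return first, again, renamed, swapped

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The store only answers "have I dealt with this key before?"; whether to rely on the party behind it remains the user's own decision.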


