Can we copy trust?

mheyman at gmail.com mheyman at gmail.com
Tue Jun 3 08:42:33 EDT 2008 

On Mon, Jun 2, 2008 at 12:37 PM, Ed Gerck <edgerck at nma.com> wrote:
> In the essay "Better Than Free", Kevin Kelly debates which concepts hold
> value online, and how to monetize those values. See
> www.kk.org/thetechnium/archives/2008/01/better_than_fre.php
>
> Kelly's point can be very useful: *When copies are free, you need to sell
> things which can not be copied.*
>
> The problem that I see and present to this list is when he discusses
> qualities that can't be copied and considers "trust" as something that
> cannot be copied.
>
Kelly says trust cannot be copied at the top of his missive then
doesn't list it as one of the eight "generatives" (I may be missing
something but I think "generative" is the wrong word for something
that cannot be copied but Kelly makes up his own definition for
"generative" as something generated uniquely in place).
>
> Well, in the digital economy we had to learn how to copy trust and we did.
> For example, SSL would not work if trust could not be copied.
>
After this list has destroyed the as implemented SSL model of trust
over and over again, I'd be wary of claiming that SSL allows trust to
be copied.

Even so, SSL doesn't really copy trust, it works by only trusting the
root. You don't have to trust the target site's self assertions about
its own identity because you trust the root to only validate for sites
that are what they claim to be.

On Mon, Jun 2, 2008 at 3:29 PM, Ed Gerck <edgerck at nma.com> wrote:
>
> A copy is something identical. So, in fact you can copy that server cert to
> another server that has the same domain (load balancing), and it will work.
> Web admins do it all the time. The user will not notice any difference in
> how the SSL will work.
>
Copying server certificates isn't copying trust either. In this case
all servers with the same certificate are the same entity - at least
to whatever needs to trust it.

This whole thing with SSL and certificates is a red herring when it
comes to copying trust.

When I trust a site, that site doesn't have the trust, I do. To copy
that trust, albeit with low fidelity, I merely have to communicate
that trust to some other person.

There are sites on the net that allow me to communicate my trust to
others. eBay is probably making the most money at it with their seller
reputation system. Sellers with a better reputation will attract more
business and sell quicker and at higher prices. eBay makes more money
when more product moves at higher prices but it cannot inflate
seller's reputations because that would instantly be recognized by
buyers and eBay would become a pariah and some other site would take
over. Other sites like Amazon, Bizrate, and Angie's List provide
similar trust distribution services with different underlying business
models.

This is a trust model that appears to work. If a eBayish/Verisigny
company did an OCSP-like service that returned a current eBay-like
"reputation" number for the trustworthiness of the site in question, I
don't think we would need band aids like PetNames or even a
hierarchical PKI. Sites could just use self-signed certificates with a
field pointing to their reputation responder. Instead of trusted root
certificates, browsers could have trusted reputation responder
certificates. Microsoft would charge reputation responders to include
their certificates, reputation responders would charge companies to
maintain their reputations, everybody would make money. When a
reputation responder goes bad, slashdot would have fun, Microsoft
would pull their cert, there will be some vulnerable users that don't
ever get updated responder certificate lists, and the entities that
had trust housed at the bad responder will have to generate new certs
and rebuild their reputation elsewhere.

This, of course, doesn't have a chance of occuring because SSL works
good enough and people will ignore the bad reputation warnings just
like they ignore SSL warnings now.

-Michael Heyman

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list