Pages:
Author

Topic: One strike web of trust, where a verified personal photo is your ID? (Read 3301 times)

legendary
Activity: 4690
Merit: 1276

It depends a bit on what role I was planning to play in an economy.

I would be (and am) quite sensitive indeed about my identity, and especially facial recognition generally.  Although I am a non-violent person, I only half-jokingly told my co-workers that one of the few things which would induce me to beat someone up would be if they pinned my name to one of the FaceBook 'who is this' queries which I had heard were floating around.  This is not to say that I would flat out not participate, but I would be naturally quite leery.

If I were in a position where I was responsible for dealing with value on behalf of a group of others, now we have a very different scenario.  Not only do I think it would be appropriate to put my face up, but various other details besides in most situations.  Part of this is simply practical...I wouldn't trust a business who's principles wish to remain anonymous unless they had a very obvious and compelling reason to do so.  Even then, it would be not so much a 'trust' thing but more of a gamble thing.

---

As an alternate way to deal with some of the issues which you seem to be thinking about...

I've always thought that there was some role for 'bonds' in securing confidence.  Maybe I keep a bond floating which covers my day-to-day transactions.  If I want to do an unusually large transaction, I might increase my bond on a temporary basis.  This would allow me complete anonymity (excepting perhaps from my bond insurer) no matter what role I played and a counter-party should not care less who I was since they have protection.

full member
Activity: 157
Merit: 100
a blueprint for a free peaceful society with some private mandatory and consistent rules without rulers (i.e. anarchy).

In an anarchy, the group of people that can weild the most force will end up ruling, i.e. will form a government. So you could say that we already live in an anarchy. Just one that has progressed past the violent part.
hero member
Activity: 784
Merit: 1010
Bitcoin Mayor of Las Vegas
Now I
Hazek, how about this:


Now I'm starting to show some interest. I like this.
donator
Activity: 826
Merit: 1060
Hazek, how about this:

A. The private club has a membership fee, and a code of conduct. Send X bitcoins to the club's address to join.

B. Whenever you want to deal with other members under the terms of this code of conduct, use your Bitcoin client to sign a contract (or other document) with the key that was used to pay your membership fee.

C. If there's a dispute, the club adjudicates it. That's what the membership fee is used for. The adjudication process takes account of the club's "code of conduct", and issues a ruling which may include a requirement to make good a failing in a certain way.

D. If a ruling is not carried out, the member is in breach of the code of conduct and can be expelled from the club.

E. An expelled member can apply again by paying a new membership fee. There's no way around this, but they start again from zero reputation, and it gets expensive if they do this too often.

F. Perhaps the members can even choose their own membership fee, since it acts a bit like a security bond. If someone wants to show that they can be trusted, they pay a large membership fee so that others can see that they have a lot to lose if they break the code of conduct.
donator
Activity: 826
Merit: 1060
The private organization in b) is kind of like a one strike web of trust, where a verified personal photo is your ID.
I like your concept, but I can't think of a reliable way to do it with photo ID.

Regarding the OTC web of trust: It's interesting, and it is built on sound principles, but has two drawbacks:

(1) GPG signing is not yet easy enough for everyone and their grandparents to do it.

(2) There's no limit to the creation of new OTC-WOT identities.

For your proposed club, limitation (1) would not be a show-stopper because we are a bunch of geeks. As the usage of Bitcoin broadens, hopefully the use of GPG by Joe Average will become easier too.

I think you also have to accept limitation (2), simply because there's no robust way around this limitation. I think there's a lot that could be done within this limitation - for example someone might start an escrow service where the WOT ID with shortest history has their side of the transaction held in escrow.
legendary
Activity: 1078
Merit: 1003
What would you do with identical tweens, provided that one of them went rogue?

Good question. The solution is probably a live video chat with the twins or real life meeting with them to ensure they actually exist and grant them their spot on the list. If after that they abuse each other's membership ID and get each other removed, they'll only be able to do so once and it's not much that can be done about it I don't think (at least not off the top of my head right now).

Also fake mustaches and wig might be hard to recognize in a video chat.

Just check out The Juice Media | Rap News (http://thejuicemedia.com/) it's all one guy most of the time!
By the way they accept donations in Bitcoin Smiley

Video chat will require some tests to prove it's live real time and perhaps some touching, tugging and pulling of their face to ensure it's not a mask.. Someone like that would need to have his mask on every single time they wanted to use their membership ID in a transaction.. plus I think facial recognition doesn't get fooled by a simple fake mustache and the rap news guy's mask are very obvious.
legendary
Activity: 1078
Merit: 1003
Also, what would prevent a scammer from paying someone to do the video verify and then use that account in some elaborate, long con?

First: anyone could only once scam someone if they didn't care being on the list
Second: it's your responsibility when dealing with someone and receiving their membership ID and being able to see their photo to verify it again for yourself

The initial verification is only for preventing fake photos being used and preventing a new signup by the same person. Preventing someone using a members ID in an identity theft is done by an on the go individual verification.

So say you as a member want to do business with B, you don't know B, B tells you his also a member of this organization's list of members bound to certain rules, he gives you his ID, you give him yours, you each other either meet in RL or meet in a live video chat to make sure the photos match, boom, now you know you both have agreed to the same rules for which you, because you are still both on the list, you are able to know neither of you has broken yet towards any other member. The list will also show for how long someone is being on it..

Of course if you have only 5 people on the list this is pointless, but imagine if you have a huge community of people on it and you as an outsider can't do business with any of them if you aren't on the list, then it becomes much more significant and you will have a huge incentive to stay on the list if you wanted to continue to do business with that community.
hero member
Activity: 784
Merit: 1010
Bitcoin Mayor of Las Vegas
Also, what would prevent a scammer from paying someone to do the video verify and then use that account in some elaborate, long con?
hero member
Activity: 496
Merit: 500
What would you do with identical tweens, provided that one of them went rogue?
Also fake mustaches and wig might be hard to recognize in a video chat.

Just check out The Juice Media | Rap News (http://thejuicemedia.com/) it's all one guy most of the time!
By the way they accept donations in Bitcoin Smiley
legendary
Activity: 1078
Merit: 1003
It would be too easy for a scammer to use a fake photo.

It wouldn't, all photos would need to be verified by either meeting in real life or through live video chat by another member at the threat of getting it wrong meaning the member who verified it would also get removed in case it turned out it was a fake photo. Under this scheme I can't imagine a scenario where someone could get a photo through that wasn't theirs.

bitcoin-otc has two problems. You can create as many "accounts" as you want without getting linked and you aren't bound by any rules when you create an account, all it shows is that in the past you honored your contracts deals. My idea is potentially not just for internet Bitcoin transactions but perhaps also a blueprint for a free peaceful society with some private mandatory and consistent rules without rulers (i.e. anarchy).
full member
Activity: 157
Merit: 100
I don't believe this would serve any purpose as described. It would be too easy for a scammer to use a fake photo.

Also, the bitcoin-otc web of trust seems to have already solved this problem as well as it need to be solved right now.

That said, just to go along with the brainstorming and possibly find a better use for the idea...

The bitcoin-otc WoT could in theory include entries such as "I met X in person and here is a link to his/her picture," or really any kind of information.

You could also have several bitcoin-otc users verify that user X claims a certain picture/set of pictures, which could be useful for establishing real identity if needed in a future in-person interaction.

Claiming a picture could also be useful for providing evidence to link a person to an earlier account if they've lost their private key. For example, a widely trusted user could leave the comment "user Y claims to be user X but to have lost his private key for X. I met user Y in person and verified that he looks identical to the photos claimed previously by User X. Thus, it is somewhat safe to assume that Y is X."
Vod
legendary
Activity: 3668
Merit: 3010
Licking my boob since 1970
I don't want to know someone's identity, I just want a list of people who say they'll obey specific rules, a list that they'll get removed off of if they don't and a list they cannot ever rejoin, that's all.

That's what this forum is.

Can people please stop posting thoughtless comments, it's really annoying.

That's funny.  You think because you have an asshole disclaimer in your signature you can be as thoughtless as you want?  Hope you understand your troll comment (and the responses such a comment brings) is just as much of a distraction as my one liner.   Wink
legendary
Activity: 1078
Merit: 1003
I don't want to know someone's identity, I just want a list of people who say they'll obey specific rules, a list that they'll get removed off of if they don't and a list they cannot ever rejoin, that's all.

That's what this forum is.

Can people please stop posting thoughtless comments, it's really annoying.
Vod
legendary
Activity: 3668
Merit: 3010
Licking my boob since 1970
I don't want to know someone's identity, I just want a list of people who say they'll obey specific rules, a list that they'll get removed off of if they don't and a list they cannot ever rejoin, that's all.

That's what this forum is.
legendary
Activity: 2506
Merit: 1010
The same functionality can be had with current PGP-based trust-rings, just have someone sign their photo file.

This was discussed here as well:

Quote
Why not use key signatures?

A couple of reasons. First, currently the key signatures are used as an indicator that you have verified the other key's identity, building the "pgp web of trust" which is about verifying real life id, rather than being any kind of indicator of trustworthiness. Trying to glom on a trading-trust web into an existing web that's about something completely different would be problematic at best.
Further, key signatures do not provide the flexibility afforded by the design of the contracts system.

 - http://privwiki.dreamhosters.com/wiki/Distributed_Web_of_Trust_Proposal_2#Why_not_use_key_signatures.3F
legendary
Activity: 1078
Merit: 1003
Already exists, no need to reinvent the wheel. See the thing in action here: http://www.startssl.org/?app=11

Notaries verify each other in person with a photo ID. Rogue users risk their certificates being revoked.

Oh wow, thanks for showing me this! EDIT: Although after a quick glance it's not exactly what I had in mind I don't think.

I now completely understand what this is and it's not at all what I had in mind. I don't want to know someone's identity, I just want a list of people who say they'll obey specific rules, a list that they'll get removed off of if they don't and a list they cannot ever rejoin, that's all.
legendary
Activity: 1078
Merit: 1003
The reason I was thinking of using photos is because I want to absolutely prevent someone from ever getting back on the list by creating a new account and it's the only feature of our bodies I know of that can be used for this purpose cheaply and without the need of a device other than your eyes when confirming the identity. Remember this organization would only request your photo, nothing else, no name, no address, no age, nothing, just the photo.
donator
Activity: 2772
Merit: 1019
a) no, that's not anonymous. a photo can be linked to the person.

b) I might be willing to participate depending on what these rules are going to be and how they are subject to change.

It's pretty clear that the photos would probably leak, since they are accessible for members, right? Depending on the conspiracy theories evolving around your private club, people would search the net up and down to identify the members... better not be up to something bad, otherwise the guillotine might be waiting in the end Wink
legendary
Activity: 1078
Merit: 1003
Already exists, no need to reinvent the wheel. See the thing in action here: http://www.startssl.org/?app=11

Notaries verify each other in person with a photo ID. Rogue users risk their certificates being revoked.

Oh wow, thanks for showing me this! EDIT: Although after a quick glance it's not exactly what I had in mind I don't think.
legendary
Activity: 1078
Merit: 1003
Every photo would be manually verified through either real life contact or video chat and yes, the plan would be to use facial recognition of say face.com to prevent someone who broke the rules from singing up with a new account.

And the idea isn't to trust someone because you've seen their photo, the idea is that you trust someone because being able to see their photo on a specific list of a specific organisation means they are following specific rules.
Pages:
Jump to: