[cap-talk] Define petname

Ian G iang at systemics.com
Wed Feb 23 12:10:39 EST 2005 

Tyler Close wrote:

>
> We have a fundamental disagreement over what a petname is.
>
> A petname is a mnemonic for a trust relationship. A petname is *not* a 
> mnemonic for an entity.


Well!  And there was I thinking a petname was a
local and private name for a local and private
resource.

Could you define relationship, and define trust?

I for one generally try and eliminate trust from
serious conversations as it quickly slips into a
definition of "what I want it to mean" which then
means we've moved over to selling, not building.

People build these things, and if we do not know
what a thing is, this will slow us down.  I think as
a practical issue, a petname can only name a
local resource, and that resource may hopefully
raise relationship information in the human's
mind, but there is a difference.  This is more or
less the point that Nick brought out.

> When the user is deciding how to evaluate information or actions 
> presented by a web page, only the trust relationship is relevant. In 
> fact, the user should actively ignore the site's identity. The key 
> question is whether or not the user has built up enough trust to 
> authorize the site's use of a given personal detail.
>
> The situation is analogous to the way a capability OS implements 
> access control. When deciding whether or not to grant a request, a 
> capability OS does not consider the identity of the requestor, only 
> whether or not the requestor possesses the required capabilities. 
> Similarly, when deciding how to react to a web page, the user should 
> not consider the identity of the website, only whether or not the 
> trust relationship warrants the action. Think of a trust relationship 
> as being like a C-list. A petname refers to a trust relationship in 
> the user's brain in the same way as a pointer refers to a C-list in 
> the kernel's RAM.


Well, maybe.  We want the petname to refer to that
relationship, but we cannot guaruntee that it does.
About all we can do is guaruntee that a petname
refers to a key, and a key has been used before.
And even that is challengable at the margin.

> The goal of the petname toolbar is to get the user to start thinking 
> about his trust relationships and making effective use of them. To 
> this end, we want the user to tell the browser about his trust 
> relationships, so that the browser can remind the user about them as 
> appropriate. For these reminders to be most effective, untrusted sites 
> must not have an associated petname. The absence of a petname makes it 
> clear that there is no trust between the user and the website.


I don't see why the user can't type in "dodgy porn site"
as the petname?  This is the essence of relationship;
she has worked something out about that site in the
past, and may decide she's seen it a few times and wants
to set that 'trust' in negative form as well as positive form.

> I made this point to you when reviewing your article, but you never 
> responded and it seems the point didn't fully stick. Petnames are not 
> about naming websites. Petnames are about remembering and applying 
> trust relationships.


Well, we all need to go back to class and learn again.
AFAICS, the system I'm working on now uses petnames,
and they are not totally for the purpose of trust.

Can we get an objective definition of petname, one that
does not use the word 'trust', which lacks objectivity?

iang

-- 
News and views on what matters in finance+crypto:
        http://financialcryptography.com/

More information about the cap-talk mailing list