Sunday, April 01, 2007

rfi User-Centric Identity and Reputation


What's the intersection of user-centric identity and reputation? I've been reading Phil Windley's many great blog postings on the topic of reputation. I've also doubled back and read my own past musings on the topic (a year-plus ago...). I was commenting on some reputation proposals by Marco Barulli and Giulio Cesare Solaroli. Still processing.....

Taken to a logical extreme, wouldn't user-centric identity require some concept of "self-asserted reputation"? But isn't that, on the face of it, absurd and conceited? Sounds like someone walking around shouting "trust me" and "I'm the best" and so forth. Of course, it's not totally outside the pale. This is what we pay agents (i.e., PR and marketing) to do for us: stoke up a wished-for reputation by vouching for our magnificence.

Reputation lacks assurance if it doesn't seem to spring organically from collective evaluation, by others, of our character, deeds, trustworthiness, and so forth. In other words, it must (at least appear to) be "other-asserted." It's not "trust me" but "trust them" (with "them" being others who seem to know whereof they speak, and aren't in fact our surreptitiously paid spokespersons).

But here's the rub: the "unreliable narrator." If I'm a relying party (RP) who wants to know if you can be trusted, I can't necessarily ask you your opinion (each of us is assumed to be the most unreliable narrator/voucher of our own life story, since we have every vested interest in distorting it to our advantage). And I can't necessarily trust others either, unless I have some special access to their heads, hearts, backgrounds, personal agendas, and relationship to you. They--IdPs, attribute authorities, reputation authorities, circles of reputational trust, or what have you--are also unreliable vouchers of our trustworthiness until they can prove otherwise.

That latter concern--who you trust to tell your life story--is what motivated this prior post:
  • "Reputation feels anti-governance, hence unfair. It feels oppressive. It’s the collective mass of received opinion, good and ill, weighing down on a particular identity. It feels like a court where the judge, jury, prosecuting attorney, jailer, and lord high executioner are phantoms, never showing their faces, but making their collective force felt at every turn. It feels like outer appearances, not inner character, ruling our lives."
Earlier in this thread I asserted that, in user-centric identity systems, the user is the sovereign of their identity, having total control over which of their identities, credentials, and attributes are disclosed to which relying parties. But where reputation is concerned, I would switch that focus around 180 degrees. Reputation is never user-centric; rather, it's always RP-centric. The RP can factor any, all, or no third-party assertions (from yourself, peers, reputation authorities, etc.) into their decision to transact or not transact with you.

So, in reputational systems, the RP, not the user, is sovereign. Actually, I came pretty close to arguing that point in those words a year or so ago, per this excerpt:

"Reputation isn’t an identity, credential, permission, or role. It isn’t exactly an attribute, in the same sense that, say, your birth date or hair color are attributes. And it isn’t something you claim any privacy protection over—it’s the exact opposite: the court of public opinion over which you have no sovereignty and little direct control.

In the identity management context, reputation is more of an assurance or trust level—an evaluation of the extent to which someone is worthwhile to know and associate with.

Reputation is relying parties’ evaluation of our reliability, of their liabilities, and of the degree to which associating with us makes them ill at ease.

Relying parties -- the ultimate policy decision and enforcement points in any interaction -- need many levels of assurance if they’re going to do business with us. They gather assertions and data from many “authorities” (authentication authorities, attribute authorities, etc.) before rendering their evaluations and opening their kimonos."

Again with the kimonos. I have to find new metaphors. Anyway, I was thinking about the notion of reputation springing up organically in user-centric identity systems through negotiations between sovereign entities: user and relying party (forget about intermediaries such as authentication and attribute authorities--they're not necessary in the pure model). What's the mutuality-enabling "conversation model" (to borrow a phrase from the Ping paper) in which reciprocal reputational assurance can emerge in a world without "other-asserted" reputation? Windley had a really good statement on the stakes of reputation:
  • "To have social value, reputation has to be the basis of trust in the society and there has to be reciprocity. Reputation is a measure of an entity’s past actions and factual attributes. Trust is an expectation of future behavior. Reciprocity is the idea that 'good' actions will be met by society with positive results and 'bad' actions with negative results....To really function, social systems have to have reputation, trust, and reciprocity baked in. Without it, there’s no real social contract and no real society."
So what's the conversational model for reputational assurance in a non-intermediated, negotiated dual-sovereign system (user and RP)? It's fairly close to Hobbes' "state of nature." In that case there's no "society," no "social contract," and no third-party "vouching," just interacting parties transacting for their mutual benefit, and abrogating at the risk of mutually assured destruction.

The conversation model is terse and to the point: a shuffle of sharp words, done deeds, and big sticks.