Re: Digital Press Passes and Decentralized Public Key Infrastructures from Annette Greiner on 2021-07-23 (public-credentials@w3.org from July 2021)

From: Annette Greiner <amgreiner@lbl.gov>
Date: Fri, 23 Jul 2021 16:47:37 -0700
To: Scott Yates <scott@journallist.net>
Cc: Adam Sobieski <adamsobieski@hotmail.com>, "public-credibility@w3.org" <public-credibility@w3.org>, "public-credentials@w3.org" <public-credentials@w3.org>
Message-Id: <9DB60517-31CD-433C-92A7-6C8F0391F897@lbl.gov>

Scott,
Has there been any discussion with browser makers or others about browsers possibly surfacing this data in their UIs? I could imagine browsers having a control that lists the belongs-to claims that a site makes and indicates whether they are verified by the corresponding domains. I don’t want to specify the UI too much, but it could be something similar to the typical lock icon in most browsers now. So the browser makers or platforms wouldn’t have to decide anything about who to trust; they would just surface the claims and whether they are verified, so that the user can evaluate based on their own context of use.
-Annette

> On Jul 19, 2021, at 2:47 PM, Scott Yates <scott@journallist.net> wrote:
> 
> Adam, (and friends),
> 
> I looked really hard at a PKI solution for a long time, and the downsides were insurmountable.. 
> 
> Probably the biggest problem that you can't get around is: Who decides who is in and who is out?
> 
> After beating my head against the wall for a couple of years, I came up with trust.txt. It's a text file in the tradition of robots.txt and ads.txt. In that file, press associations list their members, and members list their associations.
> 
> For example, the Texas Press Association's file is here: https://www.texaspress.com/trust.txt <https://www.texaspress.com/trust.txt> and the file for a small weekly paper in Hays has its file here: https://haysfreepress.com/trust.txt <https://haysfreepress.com/trust.txt> 
> 
> With those, anyone can build a crawler and an algo to get confirmation about who belongs to whom.
> 
> No one body has to decide who is "press" and who is not. Groups on their own decide who is a member, and it's up to the platforms to interpret the signal and decide that the Hays Free Press is just a bit more trustworthy because they at least know that it belongs to the TPA. 
> 
> I'm now rolling this out to press and broadcasting associations in the U.S., and hope to go international starting in the fall.
> 
> After studying it for a long long time, I think this is as close as we can get to a "digital press pass" that is consistent with the First Amendment and an open, decentralized web.
> 
> -Scott Yates
> Founder
> JournalList.net <http://journallist.net/>, caretaker of the trust.txt framework
> 202-742-6842
> Short Video Explanation of trust.txt <https://youtu.be/lunOBapQxpU>
> 
> 
> On Mon, Jul 19, 2021 at 3:23 PM Adam Sobieski <adamsobieski@hotmail..com <mailto:adamsobieski@hotmail.com>> wrote:
> Credible Web Community Group,
> 
> Credentials Community Group,
> 
>  
> 
> I would like to broach the topic of “digital press passes” towards a more credible web.
> 
>  
> 
> As envisioned, “digital press passes” could be provided to organizations and individuals utilizing decentralized public key infrastructure.
> 
>  
> 
> Webpages could include URLs to their “digital press passes” in link elements (<link rel="press-pass" href="…" />). This information could also be encoded in documents in a manner interoperable with Web schema. News content could be digitally signed by one or more “digital press passes”.
> 
>  
> 
> Upsides include: (1) end-users and services could configure which certificate authorities that they desired to recognize, (2) end-users could visually see, in their Web browsers, whether displayed content was from a source with a valid “digital press pass”, (3) news aggregation sites could distinguish content digitally signed by “digital press passes”, (4) social media websites could visually adorn and prioritize shared content which is digitally signed by “digital press passes”, (5) entry for new news organizations and recognition as such by existing services would be simplified, e.g., a new newspaper organization, the new news organization would need to obtain a “digital press pass” from a certificate authority.
> 
>  
> 
> Downsides include: impact on citizen journalism, where users other than journalists desire to publish or distribute news content.
> 
>  
> 
> Have these ideas been considered before? Any thoughts on these ideas?
> 
>  
> 
>  
> 
> Best regards,
> 
> Adam Sobieski
> 
>  
> 
> P.S.: https://meta.wikimedia.org/wiki/Wikifact <https://meta.wikimedia.org/wiki/Wikifact>
>  
>

Received on Friday, 23 July 2021 23:47:54 UTC