Re: Digital Press Passes and Decentralized Public Key Infrastructures from Greg Mcverry on 2021-07-24 (public-credentials@w3.org from July 2021)

From: Greg Mcverry <jgregmcverry@gmail.com>
Date: Sat, 24 Jul 2021 12:32:47 -0400
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Cc: W3C Credentials CG <public-credentials@w3.org>
Message-ID: <CAKCYZhwTZZpzO7VjEm5gQ_hR9CFqcsWqOcYaD6nn-fb-tyG4Hg@mail.gmail.com>
Why I like web rings cuz I wanna party like it is 1999.

But if a group of press is saying hey this press person is legit and they
share a community I then trust that community.

I follow the VC-EDU group best I can but I can also do the same thing with
two ping backs and a third party ledger.

On Sat, Jul 24, 2021 at 11:11 AM David Chadwick <
d.w.chadwick@verifiablecredentials.info> wrote:

> I think any solution that requires modifications to browsers is a
> non-starter in the short term (if not the long term as well) as it could
> take years for them to agree to making any changes. So you should consider
> working with today's infrastructures and adding the minimum extra services
> that are required to build an operational system.
>
> Scott, I dont believe that using existing PKIs provides insurmountable
> problems. On the contrary, I think it is a solid bedrock on which to build
> SSI
>
> Kind regards
>
> David
> On 24/07/2021 00:47, Annette Greiner wrote:
>
> Scott,
> Has there been any discussion with browser makers or others about browsers
> possibly surfacing this data in their UIs? I could imagine browsers having
> a control that lists the belongs-to claims that a site makes and indicates
> whether they are verified by the corresponding domains. I don’t want to
> specify the UI too much, but it could be something similar to the typical
> lock icon in most browsers now. So the browser makers or platforms wouldn’t
> have to decide anything about who to trust; they would just surface the
> claims and whether they are verified, so that the user can evaluate based
> on their own context of use.
> -Annette
>
> On Jul 19, 2021, at 2:47 PM, Scott Yates <scott@journallist.net> wrote:
>
> Adam, (and friends),
>
> I looked really hard at a PKI solution for a long time, and the downsides
> were insurmountable..
>
> Probably the biggest problem that you can't get around is: Who decides who
> is in and who is out?
>
> After beating my head against the wall for a couple of years, I came up
> with trust.txt. It's a text file in the tradition of robots.txt and
> ads.txt. In that file, press associations list their members, and members
> list their associations.
>
> For example, the Texas Press Association's file is here:
> https://www.texaspress.com/trust.txt and the file for a small weekly
> paper in Hays has its file here: https://haysfreepress.com/trust.txt
>
> With those, anyone can build a crawler and an algo to get
> confirmation about who belongs to whom.
>
> No one body has to decide who is "press" and who is not. Groups on their
> own decide who is a member, and it's up to the platforms to interpret the
> signal and decide that the Hays Free Press is just a bit more trustworthy
> because they at least know that it belongs to the TPA.
>
> I'm now rolling this out to press and broadcasting associations in the
> U.S., and hope to go international starting in the fall.
>
> After studying it for a long long time, I think this is as close as we can
> get to a "digital press pass" that is consistent with the First Amendment
> and an open, decentralized web.
>
> -Scott Yates
> Founder
> JournalList.net <http://journallist.net/>, caretaker of the trust.txt
>  framework
> 202-742-6842
> Short Video Explanation of trust.txt <https://youtu.be/lunOBapQxpU>
>
>
> On Mon, Jul 19, 2021 at 3:23 PM Adam Sobieski <adamsobieski@hotmail..com
> <adamsobieski@hotmail.com>> wrote:
>
>> Credible Web Community Group,
>>
>> Credentials Community Group,
>>
>>
>>
>> I would like to broach the topic of “digital press passes” towards a more
>> credible web.
>>
>>
>>
>> As envisioned, “digital press passes” could be provided to organizations
>> and individuals utilizing decentralized public key infrastructure.
>>
>>
>>
>> Webpages could include URLs to their “digital press passes” in link
>> elements (<link rel="press-pass" href="…" />). This information could
>> also be encoded in documents in a manner interoperable with Web schema.
>> News content could be digitally signed by one or more “digital press
>> passes”.
>>
>>
>>
>> Upsides include: (1) end-users and services could configure which
>> certificate authorities that they desired to recognize, (2) end-users could
>> visually see, in their Web browsers, whether displayed content was from a
>> source with a valid “digital press pass”, (3) news aggregation sites could
>> distinguish content digitally signed by “digital press passes”, (4) social
>> media websites could visually adorn and prioritize shared content which is
>> digitally signed by “digital press passes”, (5) entry for new news
>> organizations and recognition as such by existing services would be
>> simplified, e.g., a new newspaper organization, the new news organization
>> would need to obtain a “digital press pass” from a certificate authority.
>>
>>
>>
>> Downsides include: impact on citizen journalism, where users other than
>> journalists desire to publish or distribute news content.
>>
>>
>>
>> Have these ideas been considered before? Any thoughts on these ideas?
>>
>>
>>
>>
>>
>> Best regards,
>>
>> Adam Sobieski
>>
>>
>>
>> P.S.: https://meta.wikimedia.org/wiki/Wikifact
>>
>>
>>
>
>

-- 
J. Gregory McVerry, PhD
Assistant Professor
Southern Connecticut State University
twitter: jgmac1106
Received on Saturday, 24 July 2021 16:33:12 UTC