RE: Digital Press Passes and Decentralized Public Key Infrastructures

Re: But if a group of press is saying hey this press person is legit and they share a community I then trust that community.

Counter-example: Let say I’m Microsoft, Apple, Google, or IBM and I’ve had a bad experience with a particular member of the Press. It doesn’t matter what his/her peers think, he/she is not going to get a Press Pass to our events.


From: Greg Mcverry <jgregmcverry@gmail.com>
Sent: July 24, 2021 10:33 AM
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Cc: W3C Credentials CG <public-credentials@w3.org>
Subject: Re: Digital Press Passes and Decentralized Public Key Infrastructures

Why I like web rings cuz I wanna party like it is 1999.

But if a group of press is saying hey this press person is legit and they share a community I then trust that community.

I follow the VC-EDU group best I can but I can also do the same thing with two ping backs and a third party ledger.

On Sat, Jul 24, 2021 at 11:11 AM David Chadwick <d.w.chadwick@verifiablecredentials.info<mailto:d.w.chadwick@verifiablecredentials.info>> wrote:

I think any solution that requires modifications to browsers is a non-starter in the short term (if not the long term as well) as it could take years for them to agree to making any changes. So you should consider working with today's infrastructures and adding the minimum extra services that are required to build an operational system.

Scott, I dont believe that using existing PKIs provides insurmountable problems. On the contrary, I think it is a solid bedrock on which to build SSI

Kind regards

David
On 24/07/2021 00:47, Annette Greiner wrote:
Scott,
Has there been any discussion with browser makers or others about browsers possibly surfacing this data in their UIs? I could imagine browsers having a control that lists the belongs-to claims that a site makes and indicates whether they are verified by the corresponding domains. I don’t want to specify the UI too much, but it could be something similar to the typical lock icon in most browsers now. So the browser makers or platforms wouldn’t have to decide anything about who to trust; they would just surface the claims and whether they are verified, so that the user can evaluate based on their own context of use.
-Annette


On Jul 19, 2021, at 2:47 PM, Scott Yates <scott@journallist.net<mailto:scott@journallist.net>> wrote:

Adam, (and friends),

I looked really hard at a PKI solution for a long time, and the downsides were insurmountable..

Probably the biggest problem that you can't get around is: Who decides who is in and who is out?

After beating my head against the wall for a couple of years, I came up with trust.txt. It's a text file in the tradition of robots.txt and ads.txt. In that file, press associations list their members, and members list their associations.

For example, the Texas Press Association's file is here: https://www.texaspress.com/trust.txt and the file for a small weekly paper in Hays has its file here: https://haysfreepress.com/trust.txt


With those, anyone can build a crawler and an algo to get confirmation about who belongs to whom.

No one body has to decide who is "press" and who is not. Groups on their own decide who is a member, and it's up to the platforms to interpret the signal and decide that the Hays Free Press is just a bit more trustworthy because they at least know that it belongs to the TPA.

I'm now rolling this out to press and broadcasting associations in the U.S., and hope to go international starting in the fall.

After studying it for a long long time, I think this is as close as we can get to a "digital press pass" that is consistent with the First Amendment and an open, decentralized web.

-Scott Yates
Founder
JournalList.net<http://journallist.net/>, caretaker of the trust.txt framework
202-742-6842
Short Video Explanation of trust.txt<https://youtu.be/lunOBapQxpU>


On Mon, Jul 19, 2021 at 3:23 PM Adam Sobieski <adamsobieski@hotmail..com<mailto:adamsobieski@hotmail.com>> wrote:
Credible Web Community Group,
Credentials Community Group,

I would like to broach the topic of “digital press passes” towards a more credible web.

As envisioned, “digital press passes” could be provided to organizations and individuals utilizing decentralized public key infrastructure.

Webpages could include URLs to their “digital press passes” in link elements (<link rel="press-pass" href="…" />). This information could also be encoded in documents in a manner interoperable with Web schema. News content could be digitally signed by one or more “digital press passes”.

Upsides include: (1) end-users and services could configure which certificate authorities that they desired to recognize, (2) end-users could visually see, in their Web browsers, whether displayed content was from a source with a valid “digital press pass”, (3) news aggregation sites could distinguish content digitally signed by “digital press passes”, (4) social media websites could visually adorn and prioritize shared content which is digitally signed by “digital press passes”, (5) entry for new news organizations and recognition as such by existing services would be simplified, e.g., a new newspaper organization, the new news organization would need to obtain a “digital press pass” from a certificate authority.

Downsides include: impact on citizen journalism, where users other than journalists desire to publish or distribute news content.

Have these ideas been considered before? Any thoughts on these ideas?


Best regards,
Adam Sobieski

P.S.: https://meta.wikimedia.org/wiki/Wikifact





--
J. Gregory McVerry, PhD
Assistant Professor
Southern Connecticut State University
twitter: jgmac1106

Received on Saturday, 24 July 2021 17:51:23 UTC