Re: Digital Press Passes and Decentralized Public Key Infrastructures from Scott Yates on 2021-07-26 (public-credentials@w3.org from July 2021)

From: Scott Yates <scott@journallist.net>
Date: Mon, 26 Jul 2021 12:00:08 -0600
To: "public-credibility@w3.org" <public-credibility@w3.org>, "public-credentials@w3.org" <public-credentials@w3.org>
Message-ID: <CAJcW4ANnOV+0mfmFK4pKK0UAy9kz7fMu=RdH7rSCd8s0Ld-Z8g@mail.gmail.com>
Annette (and gang),

I can envision that browsers could use trust.txt in general, but I can't
quite picture it specifically.

The most important thing for me right now is to get publishers and
associations to start using it. Once we have some broad adoption, I imagine
there will be a lot of utility for researchers and others working on
disinfo issues.

-Scott Yates
Founder
JournalList.net, caretaker of the trust.txt framework
202-742-6842
Short Video Explanation of trust.txt <https://youtu.be/lunOBapQxpU>


On Fri, Jul 23, 2021 at 5:47 PM Annette Greiner <amgreiner@lbl.gov> wrote:

> Scott,
> Has there been any discussion with browser makers or others about browsers
> possibly surfacing this data in their UIs? I could imagine browsers having
> a control that lists the belongs-to claims that a site makes and indicates
> whether they are verified by the corresponding domains. I don’t want to
> specify the UI too much, but it could be something similar to the typical
> lock icon in most browsers now. So the browser makers or platforms wouldn’t
> have to decide anything about who to trust; they would just surface the
> claims and whether they are verified, so that the user can evaluate based
> on their own context of use.
> -Annette
>
> On Jul 19, 2021, at 2:47 PM, Scott Yates <scott@journallist.net> wrote:
>
> Adam, (and friends),
>
> I looked really hard at a PKI solution for a long time, and the downsides
> were insurmountable..
>
> Probably the biggest problem that you can't get around is: Who decides who
> is in and who is out?
>
> After beating my head against the wall for a couple of years, I came up
> with trust.txt. It's a text file in the tradition of robots.txt and
> ads.txt. In that file, press associations list their members, and members
> list their associations.
>
> For example, the Texas Press Association's file is here:
> https://www.texaspress.com/trust.txt and the file for a small weekly
> paper in Hays has its file here: https://haysfreepress.com/trust.txt
>
> With those, anyone can build a crawler and an algo to get
> confirmation about who belongs to whom.
>
> No one body has to decide who is "press" and who is not. Groups on their
> own decide who is a member, and it's up to the platforms to interpret the
> signal and decide that the Hays Free Press is just a bit more trustworthy
> because they at least know that it belongs to the TPA.
>
> I'm now rolling this out to press and broadcasting associations in the
> U.S., and hope to go international starting in the fall.
>
> After studying it for a long long time, I think this is as close as we can
> get to a "digital press pass" that is consistent with the First Amendment
> and an open, decentralized web.
>
> -Scott Yates
> Founder
> JournalList.net <http://journallist.net/>, caretaker of the trust.txt
>  framework
> 202-742-6842
> Short Video Explanation of trust.txt <https://youtu.be/lunOBapQxpU>
>
>
> On Mon, Jul 19, 2021 at 3:23 PM Adam Sobieski <adamsobieski@hotmail..com
> <adamsobieski@hotmail.com>> wrote:
>
>> Credible Web Community Group,
>>
>> Credentials Community Group,
>>
>>
>>
>> I would like to broach the topic of “digital press passes” towards a more
>> credible web.
>>
>>
>>
>> As envisioned, “digital press passes” could be provided to organizations
>> and individuals utilizing decentralized public key infrastructure.
>>
>>
>>
>> Webpages could include URLs to their “digital press passes” in link
>> elements (<link rel="press-pass" href="…" />). This information could
>> also be encoded in documents in a manner interoperable with Web schema.
>> News content could be digitally signed by one or more “digital press
>> passes”.
>>
>>
>>
>> Upsides include: (1) end-users and services could configure which
>> certificate authorities that they desired to recognize, (2) end-users could
>> visually see, in their Web browsers, whether displayed content was from a
>> source with a valid “digital press pass”, (3) news aggregation sites could
>> distinguish content digitally signed by “digital press passes”, (4) social
>> media websites could visually adorn and prioritize shared content which is
>> digitally signed by “digital press passes”, (5) entry for new news
>> organizations and recognition as such by existing services would be
>> simplified, e.g., a new newspaper organization, the new news organization
>> would need to obtain a “digital press pass” from a certificate authority.
>>
>>
>>
>> Downsides include: impact on citizen journalism, where users other than
>> journalists desire to publish or distribute news content.
>>
>>
>>
>> Have these ideas been considered before? Any thoughts on these ideas?
>>
>>
>>
>>
>>
>> Best regards,
>>
>> Adam Sobieski
>>
>>
>>
>> P.S.: https://meta.wikimedia.org/wiki/Wikifact
>>
>>
>>
>
>
Received on Monday, 26 July 2021 18:01:33 UTC