- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Mon, 27 Jul 2015 21:40:49 +0200
- To: Steven Rowat <steven_rowat@sunshine.net>
- Cc: Web Payments <public-webpayments@w3.org>
- Message-ID: <CAKaEYhJS156ZHT+ay2oBk0ELgsdrmVqmaZ43=A3s=GuzXGr63Q@mail.gmail.com>
On 27 July 2015 at 21:23, Steven Rowat <steven_rowat@sunshine.net> wrote: > On 7/27/15 1:11 AM, Melvin Carvalho wrote: > >> Is pseudo-anonymity possible (for the payee)? >> >> >> Great question. I havent really thought this through. But possibly >> yes. How would you imagine pseudo-anonymity to work? >> > > I learned the term on this list (or possibly the Credentials) and it seems > a useful function -- both for me, who might use it, and for the benefit of > society. I think it's been described on these lists somewhere, but I'll > recap from my own perspective, because I think it has wide applications: > people in difficult political situations, or people in difficult family or > other social situations, often are prevented from speaking the truth by the > fact that they'll face repercussions locally. > > What I imagine for "pseudo-anonymity" is that a writer, researcher, or > provider of any information for sale online can use a pseudonym, and be > paid for their work without being forced to divulge their legal identity, > at least during standard sale interactions. Legal warrants would be an > exception, hence the use of the meta-layer in the term, 'pseudo'. At a > lower level the legal name would be used, and could be verified -- but not > at the payment level for people buying the work. > > So, to turn to Dante and your example, let's say Dante is living in Rome > and puts one of the Roman Senators, who Dante knows to be corrupt, into the > lowest level of Hell and tells in detail what that Senator's crimes are. > And suppose Dante puts this in an engaging work that people are willing to > pay to read. > > But, if they pay "Dante Alighieri" directly, as part of the online > interaction, then the Senator can easily find who wrote it, and Dante or > his family are visited in the middle of the night by thugs with masks on, > carrying weapons. > > If, however, Dante's work is published by "Luigi M", and the payment for > the work goes to a private account for "Luigi M", which Dante has signing > access to, then Dante is safe, and what he knows gets out into the wider > world, for people to comment on, discuss, and use. Essentially, he's a > protected whistleblower, and the same would hold for all sorts of crimes -- > corporate and personal -- that might be revealed. > > If, on the other hand, the Senator (or corporate CEO, or parent in an > abusive family, or whatever) knows that Dante is lying (or mistaken) about > him (or her), then of course he/she can go to a court, get a charge of > libel, and have a warrant issued. A judge will decide whether there's > enough evidence to do that. If there is, Dante is unmasked and must face a > libel court. If not, "Luigi M" still gets paid and Dante is safe, and the > society finds out about the crimes. > > I apologize if you knew all this and wanted feedback on how to achieve it > in your 402 workflow. > > If so, sorry, can't help you. ;-) > > Except, perhaps, by encouraging you to do it. So I'll add: I think it's > particularly important to have this option (pseudo-anonymity) for those > telling about the most dangerous crimes, the most important truths, because > these are the ones most likely to give rise to powerful attempts at local > revenge and abuse to silence the messenger. If Dante calls the Senator a > couch-potato, the Senator is not likely to do much. If Dante says the > Senator took a million-Lira bribe and had another Senator assassinated, > Dante will need to watch his back for the rest of his life. > > These are the stories society needs most to know about, and it would be a > loss if the teller is silenced by local action. > Thanks. Well I feel this is an admirable goal, but my primary focus for payments is to use it to help open source developers help each other (and themselves) to create code, and maybe make enough of a living to pay some of the bills. In general most people in that community are not anonymous. I can see that your use case is also useful and important. So, I could provide some minimal support, but I'd much rather someone just forked the project and changed the workflow then publish it for all to use. What I think is possible is to fire up a relatively anonymous identity with no real footprint either as an HTTP identifier or maybe as a derivative from a keypair (e.g. RSA X.509 cert). The problem with these newly minted IDs is that they are perfect for spamming. So in general you want a web of trust preventing IDs with little or no reputation from causing havoc, which they do on the web. One way to mitigate this is to try and have someone vouch for a new ID, but then try and "blind" it. Techniques such as "chaumian blinding" and "zero knowledge proofs" could be the way forward here. In essence if you have a trusted group with a key, and that group vouches for a new identity, then you dont know who in that group did it. If the group was big enough or diverse enough making trusted pseudo anonymous identities could be feasible. With the SoLiD platform however, you might not even need to be anonymous because the aim is to decentralize storage. If the person you are working with doesnt care about your identity, you may be safe. I dont know how helpful that is ... maybe not a lot! :) > > SR > > > > > > >
Received on Monday, 27 July 2015 19:41:17 UTC