Distributed Identity Escrow

I’ve managed to jump through all the publication clearance hoops at my day job to finally get out my paper, “Distributed Identity Escrow: Toward a Scalable, Privacy-Preserving Reputation System.”

The paper describes what I hope to be a central activity of the Foundation in the future: enrolling members in a distributed reputation system that will provide both privacy and accountability for their electronic communications.  Administration of the pseudonym database would be centralized and under the control of the Chair (these would simply be DNS TXT records of the form yourdomain.com._vouch.fofnd.org), but enrollment of users would be a distributed operation with a network of “proxy registrars” recording identifying information and storing it locally to be retrieved in case of abuse by the user.  If a member sends an abusive message (such as spam or advocating violence) then, at the discretion of the Chair, the user’s identity would be retrieved and all of his pseudonyms would be removed from the reputation database.  (At this point, he would also be expelled as a member beneficiary of the Trust.)  His photograph would be placed on a blacklist and distributed to all proxy registrars so that he couldn’t register any more pseudonyms.  The scheme also supports a “remote registration” which allows you to get a new pseudonym without showing up in person at a proxy registrar, provided you already have at least one existing pseudonym in the system.  I also outline in the paper how payments for pseudonym registration and other message processing could be handled in a privacy-preserving way.

Please read the paper, and if you have any questions send me an e-mail or post comments here on the blog.  We can also use fof-discuss to hash out any issues you may have.  The paper includes an extensive survey of related work that might not make much sense to some readers, so feel free to skip to the section on the registration protocol.  Be sure to check out the section entitled “Resource Allocation,” which describes a settlement and payment system.

Comments welcome!