
This is an incomplete thought, but a friend of mine has this idea around reputation built through a sort-of key signing. You get a key, your friend gets a key, you sign each other's keys. The key can serve as an indicator of trust, or validity that an individual's contributions are meaningful (or something). And if your friend suddenly turns into a corporate shill, you could revoke that trust. And if the people haven't established their own trust with that person, their trust goes when yours does. Transitive trust.

It obviously has some flaws, and could be gamed in the right circumstances, but I think it's an interesting idea.
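
The transitive-trust idea in the comment above, modelled as an added example that is not part of the original thread: signatures are edges from signer to signee, a viewer trusts every key reachable from their own, and a revocation removes one edge. The names and sample graph are constructed, and plain graph edges stand in for real cryptographic signatures.

```python
from collections import deque

def trusted_by(viewer, signatures):
    """Return every key reachable from `viewer` along signer -> signee edges."""
    seen = {viewer}
    queue = deque([viewer])
    while queue:
        signer = queue.popleft()
        for signee in signatures.get(signer, ()):
            if signee not in seen:
                seen.add(signee)
                queue.append(signee)
    seen.discard(viewer)  # a viewer's own key is not counted
    return seen

def revoke(signatures, signer, signee):
    """Return a copy of the graph with one signature withdrawn."""
    updated = {k: set(v) for k, v in signatures.items()}
    updated.get(signer, set()).discard(signee)
    return updated

def lost_trust(signatures, signer, signee):
    """Map each viewer to the keys they stop trusting after the revocation."""
    after = revoke(signatures, signer, signee)
    viewers = set(signatures) | {s for v in signatures.values() for s in v}
    lost = {}
    for viewer in viewers:
        diff = trusted_by(viewer, signatures) - trusted_by(viewer, after)
        if diff:
            lost[viewer] = diff
    return lost

# Constructed sample: who has signed whose key (hypothetical names).
SIGNATURES = {
    "alice": {"bob"},
    "bob": {"alice", "erin"},
    "carol": {"alice"},          # carol reaches bob only through alice
    "dave": {"alice", "bob"},    # dave has signed bob's key himself
}

if __name__ == "__main__":
    # alice revokes bob: carol loses bob (and erin, reached via bob),
    # while dave keeps both because of his own signature on bob.
    for viewer, keys in sorted(lost_trust(SIGNATURES, "alice", "bob").items()):
        print(viewer, "no longer trusts", sorted(keys))
```
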



Isn't this just a standard PGP web of trust?

https://en.m.wikipedia.org/wiki/Web_of_trust


Sounds like following people on a social media platform and only reading posts from in your network. Which is exactly how most people I know use Bluesky.

It works better than Twitter's algorithmic feed but it's still not foolproof because not everyone has the same idea of what sort of content they are willing to trust/track.


Anything that requires the end user to internalize PKI is dead on arrival.

A) The interface won't get intuitive enough.

B) The asshats will still find a way in.

C) Ain't nobody ever met someone in the real world and gone "Yo dawg, what's your public key?"

Encryption is just a machine that turns already hard problems into key management problems.



