Trust Networks with PGP and RDF



Dave Brondsema

Andy Schamp




Content-based spam filters aren't perfectly accurate, and spammers adapt to them.


Filter with ratings from social trust networks, with digital signatures for authenticity.

existing spam solutions: SPF, domainkeys/IIM -> DKIM; our solution: user-level, very broad applications beyond email (webpages, or non-document statements like finding someone to trust for financial advice)

Network Overview

different purposes of RDF/trust and PGP/identity; give the example of the researcher in Australia with whom you frequently collaborate, but whom you've never met (but your associates have); basic algorithm/traversal overview

Stating trust with RDF

<Relationship> <truster rdf:nodeID="alice123" /> <trusted> <foaf:Person> <foaf:name>Bob</foaf:name> <wot:hasKey> <wot:PubKey> <wot:fingerprint>407CDD8D</wot:fingerprint> </wot:PubKey> </wot:hasKey> </foaf:Person> </trusted> <about> <Item> <topic rdf:resource="#internet-communication" /> <rating>0.95</rating> </Item> </about> </Relationship>
FOAF describes people, WOT (web of trust) describes PGP facts (full fingeprint would be used); created by each person (they state their trusts), either manually or with a GUI tool. topics: internet-communication (could specify wiki edits, email, IM), hierarchy of the sciences for trusting web sources but these ALL need to be accessible easily -> foafserver lead-in

System Architecture

walk through the process of one request/response, explaining each component of the system

Current Implementation

up and running; konfidi.org; python; not many features yet