Sean Shen wrote:
I just read the draft and feels not sure about some point:
In the last paragraph of section 1, you said:
" In order to permit useful reputation accrual, the value of the
reputation tag will typically need to be stable over a relatively
long period of time. The use of a tag which is independent of other
identifiers (such as email address) supports this need by providing
continuity, even when other identifiers change. "
After reading this paragraphy, I found I was not sure about to whom the tage
belong. You said it's independent of email address. From the first example
case in section 1, it looks like each tag belongs to a user. But a user
might have both premium and free accounts which have different potential of
abuse, as you mentiond in the section example case.
The purpose of such a tag is to provide a finer level of granularity than a
domain, but it's not clear which level it is.
The use cases given in the draft are examples of how the r= value can be
applied. I intentionally picked use cases that make use of different
levels of granularity to describe a range of ways that r= could be used.
Different domains business models, and will therefore suggest different
ways of doing finer-grained reputation. Some domains may put the email
address, or part of it, in the r= tag, and that's OK for them to do.
Others will probably put something else, perhaps not quite that
fine-grained, in r=. It's up to them. The useful thing is that the
reputation algorithm or service doesn't need to know what the business
model is in order to use the r= value; it's just a suggestion on the
part of the signer.
NOTE WELL: This list operates according to