Mr. Hociung,
Very nice work - a fairly long but entirely worthy read.
At some point it would be interesting to form an aggregated list of scores
from various individual reputation scoring data, in a way similar to the
way the DShield.Org system works aggregating data on IP problems.
As regards, your remark "the main differentiator of these services will be
who they use as rating agents. I'd be perfectly happy with a service that
uses cisco.com's feedback, but I don't care for one where Dick and Harry
can have a say in." - I have no qualms with any data source, as long as the
data source is disclosed and weighted by appropriate metrics.
If a source is unreliable, a data aggregator should adjust their individual
metrics to show this and bring that source's net influence in the
aggregated trust scoring down. Done properly, Dick and Harry could (and
should) have a say if they are legitimate, but would have a near zero say
if they are not. It is certainly not to say that I don't trust Cisco (I
worked with one of their senior VPs and the wife of another before there
ever was a Cisco - they are great professional people and we love their
products around here), but I think that any trust system should be open to
all parties (not just the biggest ones), weighting each initially the same
and allowing the data from each source to determine future weightings given
to any given data source.
In a world of aggregated trust reporting data, it would probably also be
best to have several data aggregators out there to keep everyone honest in
their reporting.
Best,
Alan Maitland
WebMaster(_at_)Commerco(_dot_)Net
The Commerce Company - Making Commerce Simple(sm)
http://WWW.Commerco.Com/