- Reference: A pointer to an entity (generally a URI, often a
URL). Examples include a physical or virtual object, place, person,
pseudonym, web page or site, opinion, reputation, bias, profile, and
reputation calculation engine.
- Nym: Short for "pseudonym," a nym is a fictitious name that
can refer to an entity without using any of its directly
identifiable characteristics, such as name, location, etc.
OpenPrivacy uses public-key pairs to represent a nym, with the owner
having sole access to the private part and the public part being
published to at least one external party. A long-lived nym is
useful in that it allows for trust (or "reputation") to accumulate
over time and usage. Often, we refer to the public key as the
"nym," as it is how the entity is know in the outside world.
- Principal: An identifiable, pseudonymous, or anonymous
entity. A principal can be uniquely referenced by its public key.
Any static entity that can be referenced can in theory be a
principal, the only requirement being that it can store a private
key and perform signature operations.
- Opinion: A unique description of something (pointed to by a
reference). Uniqueness is satisfied by attaching a hash, generally
created from the pricipal's signature, to the opinion such that no
two opinions are exactly the same. An opinion may be clearly
subjective (as in "openssl is a good cryptography package") or
appear as a statement (as in "I live in San Francisco," where the
reference is "San Francisco" and the description is "where I live").
- Reputation: A value that represents the collective opinion
of some reference. A reputation is really just another name for an
Opinion, as it is the calculated opinion of a Reference by the
issuing Reputation Calculation Engine. Reputations are ephemeral,
and the weight applied to an Opinion representing the reputation of
some Reference is subjectively applied by the end user (person or
program) that requests it. As Principals add their Opinion to a
Reference, it accrues (positive or negative) reputation
capital that has several useful properties:
- Reputations cannot be subverted, and the source of reputation
assertions can always be traced. This provides
non-repudiation as well as the mechanism with which to decide
which reputation information to trust.
- Reputations are transitive (within the constraints of a
well-defined domain). For example, if A trusts B as a
source of local news, and B trusts C for local news, then it
could be determined that A trusts C for local news.
- Bias: While reputations generally reflect the sum of many
opinions of a single reference, a bias is an accumulation of
opinions that represent the views of a single principal. Biases
may be divided by area or type of reference (such as groups of
political or demographically descriptive opinions). A RCE uses
one or more Bias collections in the couse of its calculations.
- Offer Template: A set of seemingly disparate opinions can
be grouped together (in a bias-like structure) for the purpose of
finding best matches in a universe of unconnected data. A
reputation service that receives an offer template may advertise
prizes for parent nyms that can validate ownership of a subset of
- Profile: A collection of pseudonymous opinions (also in a
bias-like structure) that an entity claims that it can prove
belong to a single (parent) entity. (The proof itself is called
Agent: Any individual, organization or electronic entity that
creates, filters, gathers and/or
publishes reputation data. Doing so enables entrance into
the OpenPrivacy system for purposes of joining the anonymous
demographics marketplace. Agents have an internal state and can
initiate communications with peers when set conditions are met.
OpenPrivacy Agents inter-communicate using "Profile Reputation
Objects," based on the XMLDsig standard, providing a secure,
capability-based environment for information sharing.
They form a peer-to-peer network and may simultaneously
function as a client (or "Primary Agent") for a local user and as a
server (or "Secondary Agent") providing reputation and potentially
other services ("facilities") for remote agents.
An end point of communications. Also, an intelligent agent (e.g., a
A Reputation Server is an agent that can respond to reputation
requests such as putReputation() and
In addition, reputation servers provide the communications and storage
platform for Reputation Calculation Engines.
Reputation Calculation Engine (RCE):
In order to make full use of the OpenPrivacy platform, use of and
calculation with reputations is called for. Human users act as
intelligent reputation calculation engines and add value to the system
by adding reputations to entities and objects. An automated
reputation calculation, part of an infomediary agent, has the
- incrementally refine Reputation/Opinion accumulation into a Bias
- use Bias to (pre-)calculate responses
- modify (edit) one's own Bias or create a Bias
- attach confidence quotient to returned results
Broker or Broadcatch
A broker is a reputation server that has added intelligence for some
domain. Generally, a broker is capable of adding value to
profile and reputation information by collecting, sorting, indexing,
matching or otherwise enhancing connections between data.
Note: Brokers are built on top of the OpenPrivacy platform and
therefore are generally outside the scope its requirements.
- Users have access to personal information access and buying habits
Users can collect their own net surfing habits
Users can anonymize themselves from the net
Users can authenticate purchases with
credit card institutions
Authenticating institutions will participate by employing anonymous
PKI exists for authentication purposes
Users will have their systems online 24x7 (e.g., via cable or DSL
modems) for purposes of autonomous local encryption and
P3P and other commercial and home-grown systems will provide
negotiation mechanisms to enable autonomous operations.