IdentityOnTheNet
Created Tuesday 15 July 2025
20250715 @ 23:41 (BST) : Re-written / re-drafted
This remains a speculative sketch. There are a lot more details in my head.
The problem
Recently I've seen a flood of vile posts, comments, and replies from an individual who is clearly deranged or mentally unbalanced, directed at a specific individual. We've put various technical measures in place to try to limit their posting, but they've been using multiple IP addresses and multiple email addresses, so it's basically impossible to block them.
So we detect the incoming posts and delete them. The problem is that, like spam emails, the attacks cost the individual effectively nothing, and the defence costs us time, energy, attention, and computing resources.
It's easy to say: We need a "Real Names Policy" to prevent this, so people are directly identifiable.
That's a Bad Thing.
A huge part of the value of the internet is for people to be able to remain anonymous in order to allow them to participate while remaining safe.
Today I had an idea. It's half-baked, and probably full of nuts, but maybe there's a service here that can be implemented to help fix this problem.
Outline
Broadly, the idea is to have a service that costs a very small amount for a reader, who then gets a "Magic Token" to identify themselves to a blog, or other site. That "Magic Token" is a kind of "pass code" to let them comment, etc.
The blog site (or other service) can verify that the Magic Token is genuine and paid for and accept any posts or comment. If the posts made using that Magic Token are deemed inappropriate, then the blog/whatever can subsequently refuse to accept that token.
The Flow
This is a rough outline of the flow.
- Have a service called P4ID (Thinking "Paid For ID")
- There may be competing services
- Person C (think "customer" or "commenter") connects to P4ID and:
- Pays a small fee ... think £1 or $2
- Uses any payment system they like (within reason)
- Personally identifiable information not needed
- Or possibly is needed
- This could be used for age verification
- That's another rabbit hole ...
- This could be used for age verification
- Or possibly is needed
- Receives a magic token that is their "ID"
- Creates in collaboration with P4ID another magic token called "PKEY"
- Think "Private Key"
- P4ID has the associated "Public Key"
- These could be negotiated by DHMW
- These are for potential future repudiation and re-issue, etc.
- Pays a small fee ... think £1 or $2
- When C wants to post, they provide their ID
- If the ID is blocked on that site ... ignore
- Otherise the destination site checks with P4ID that it's a valid ID
- If not ... ignore
- If so ... allow the post
OK, so as it stands this cannot work, and is vulnerable to DDOS and other attacks, but the basic idea is that a person can obtain, for a small fee, an immutable (up to a point) identifier that they can use everywhere. If they misbehave then that ID gets blocked, and they have to pay to get another.
So that's the starting point. It won't work, but maybe it's not too far (under some metric) from something that will work.
Thoughts?
- Prev: MonostableTetrahedron
- Next: ...
Backlinks: index MonostableTetrahedron