Tuesday, April 15, 2008

A usable reputation web service

With the rise of social networking, the advent of provable identities, and ways to authorize access, there is a growing need for a reputation system to recognize good content and good people.

I have been working on this and my principles have been that the system needs to:

  • be simple and available as an API,

  • be decentralized and allow other systems to participate,

  • contain security measures that prevent gaming and abuse,

  • be transparent to users so that you know the hows and whys of the score (the correct level needs to be found here to prevent gaming),

  • accept reputation for any provable identity (including other systems),

  • collect explicit scoring from users,

  • implicitly derive reputation of identities by observing current and past behavior,

  • associate multiple identities. This means that http://alice.example.com should be able to associate her good karma with her secret http://timerider.example.org identity. This association must be kept hidden from others,

  • recognize different categories. A person may be highly rated in some areas, and not in others,

  • use a voting model that matches the real world. This model must be limited and untraceable between all parties. Positive behavior should be rewarded.

APIs needed:

  • Signup. A user signs up by proving to the system that she owns a URL. In exchange, the system creates a shared secret that can be used to authenticate (and possibly encrypt) API requests and responses.

  • Bind. Binds an identity to a user’s existing identity.

  • Lookup. Looks up the reputation for a specific category. The set of categories is intentionally kept small for simplicity.

  • Vote. Submits a reputational vote for a user and a specific category.

  • Some security-related APIs with a simple way to handle the life cycle of keys and trust.
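As an added example (not code from the original post or from any implementation by its author), here is one way the shared secret issued by Signup could authenticate a Vote request so that forged, tampered, and replayed votes are rejected. The class, function, and field names, the choice of HMAC-SHA256, the per-vote nonce, and the 300-second freshness window are all assumptions.

```python
import hashlib
import hmac
import json
import secrets
import time

MAX_SKEW = 300  # assumed freshness window in seconds


def sign_vote(secret, voter, subject, category, score, ts=None):
    """Client side: serialize a vote and tag it with the Signup secret."""
    vote = {"voter": voter, "subject": subject, "category": category,
            "score": score, "nonce": secrets.token_hex(16),
            "ts": time.time() if ts is None else ts}
    body = json.dumps(vote, sort_keys=True).encode()
    return body, hmac.new(secret, body, hashlib.sha256).digest()


class ReputationService:
    """In-memory stand-in for the service (hypothetical names throughout)."""

    def __init__(self):
        self.keys = {}     # identity URL -> shared secret issued at Signup
        self.seen = set()  # (voter, nonce) pairs already counted
        self.votes = []

    def signup(self, url):
        # Proof that the caller owns `url` is assumed to have succeeded.
        self.keys[url] = secrets.token_bytes(32)
        return self.keys[url]

    def vote(self, body, tag):
        """Verify a vote (body and tag are bytes) before counting it."""
        try:
            msg = json.loads(body)
            voter, nonce, ts = msg["voter"], msg["nonce"], float(msg["ts"])
        except (ValueError, KeyError, TypeError):
            return "malformed"
        key = self.keys.get(voter) if isinstance(voter, str) else None
        if key is None:
            return "unknown voter"
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):  # constant-time compare
            return "bad signature"
        if abs(time.time() - ts) > MAX_SKEW:
            return "stale"
        if (voter, nonce) in self.seen:  # same signed vote submitted twice
            return "replayed"
        self.seen.add((voter, nonce))
        self.votes.append(msg)
        return "accepted"
```

The tag covers the exact bytes sent, so changing the score, category, or subject in transit invalidates it. Nonces older than the freshness window can be pruned from `seen`, since the timestamp check already rejects those votes.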

There could also be APIs for user profile management, and perhaps statistics.

For the back-end, there are other APIs that need to be implemented to handle decentralized sharing and calculation of scores. More on that in a later post.

Reader Comments (3)

Wow, what a lucid overview, Hans! There is definitely a need for this kind of thing, and it makes a natural successor to OpenID and OAuth, like you mention. Looking forward to the next post on this topic.

Nice blog.
April 30, 2008 | Unregistered Commenter Benjamin Kudria

Thanks, Ben. I will hopefully get to update this soon.
May 2, 2008 | Registered Commenter Hans

Hans, I think you are spot on here. An API like this definitely needs to be open (like OpenID and OAuth) and not reinvent the wheel (like XRI). I also think it is key that the algorithms which distill both the explicit opinions and implicit activities which make up Whuffie are themselves able to mutate and evolve.

And of course reputation is complex, as hinted at by your "recognize different categories. A person may be highly rated in some areas, and not in others". There is a great quote in Down and Out in the Magic Kingdom:

"He had a lot of left-handed Whuffie; respect garnered from people who shared very few of my opinions. I expected that. What I didn’t expect was that his weighted Whuffie score, the one that lent extra credence to the rankings of people I respected, was also high — higher than my own. I regretted my nonlinear behavior even more. Respect from [Tim] would carry a lot of weight in every camp that mattered."

I've done a longish post on this myself — Collaborative Filtering and Social Capital (at http://bit.ly/cf-whuffie) — which I would welcome your feedback on.

All the best.
November 26, 2008 | Unregistered Commenter Peter Ferne
