(TL;DR at bottom).
I feel that it will become cumbersome to repeatedly ask the community to re-certify when the community grows quite large and many people are quite rapidly asking to be certified.
If one is able to (perhaps using a special transaction) link a uniquely-identifying, formatted piece of data to his identity then it could be much easier to have certification be given to him in the future.
This linking of information to an identity could permit a much easier means of requesting certifications: a user simply requests that PublicKey A sign his identity (I
) by sending an appropriate request to the network. Once PubKey A declares that it sees identity I
as valid, the certification request message is pruned from the database. And if PubKey A publicises its refusal to certify identity I
, then the request will also be pruned from the database in this case.
Overview of Hypothetical Protocol:
Linkage of Information to Identity
A user is a member of the community. Let us call him m
.
The user has a piece of uniquely-identifying information/data to connect to his account. Let us call it D
.
The user publishes a request, R
, with the information needed to verify the integrity of D
signed with his PrivKey.
R
contains a proof of his (m
) identity, a hash (H
) of the original data (D
), and a PGP-encrypted version of D
using his PrivKey, Pr
. (The data, D
, is verified by decrypting the signed data with the PubKey (Pb
) of m
and using the same hash function on it to check against H
.)*
* Perhaps using a hash function with the PubId as a salt could provide collision-prevention, though could be easily spoofed.
Requesting of Certification
Member m
is a valid member of the community. His identity is I
.
Member m
sends a request, R
, to the network that an identity (say, V
) verify his own by signing it.
R
has the information needed to specify the participants of the request: the PubId of V
and his own identity, I
.
If V
decides that I
is a valid identity, then he signs the identity and the request is removed from the request-cache.
If V
decides the I
is not a valid identity, then he signs a message/transaction to himself stating that ’I
is not a valid identity according to me’, and the request is removed from the request-cache.
TL;DR:
- allow linking of a uniquely-identifying piece of information to a unique identity. (Perhaps a Keybase.io URL or verifiable PGP PubKey.)
- implement a protocol which allows the requesting of certifications from specific PubIds. (The PubId should be used to prevent spamming by searching in the UI.)