Trustmark: Difference between revisions
Jump to navigation
Jump to search
Line 19: | Line 19: | ||
#The mark is cryptographically bound to an [[Identifier]] of the current web site. | #The mark is cryptographically bound to an [[Identifier]] of the current web site. | ||
#The [[Identifier]] of the site has a signed certificate of membership in the framework that issued the [[Trustmark]]. | #The [[Identifier]] of the site has a signed certificate of membership in the framework that issued the [[Trustmark]]. | ||
#The companies that report on web site safety (Microsoft, Google, Apple, etc.) are informed of the conditions under which the [[Trustmark]] is issued. | |||
#The W3C is encouraged to standardize on the method to validate trust marks and encourages members to mark any misuse of the mark as unsafe. | |||
==References and Coordination== | ==References and Coordination== | ||
*Much more detail is on the page [[Trustmark Evolving Design Pattern]], which may not be fully up-to-date. | *Much more detail is on the page [[Trustmark Evolving Design Pattern]], which may not be fully up-to-date. | ||
*[https://tcwiki.azurewebsites.net/index.php?title=Trust This page] is dedicated to collecting information about Trust in a digital environment. | *[https://tcwiki.azurewebsites.net/index.php?title=Trust This page] is dedicated to collecting information about Trust in a digital environment. |
Revision as of 22:22, 30 October 2018
Full Title
The purpose of a Trustmark is to give the users of a web site sufficient information to make an informed decision about whether the site is trustworthy.
Context
The internet is currently a cesspool of malcontents and criminals that is little different from the wild west of the US in 1870.
The goals of this effort is to enable:
- The user can unambiguously determine the real-world identity of any web site that has any pretense to be trustworthy.
- The user knows the context that the site operates by the federation(s) to which the site has subscribed.
- The user can clearly determine the purpose of the web site, especially in regard to the intent of the site to use their personal information.
- The user can stipulate their own conditions on which they are will to interoperate with the site.
Problems
- Users do not pay attention to existing Trustmarks.
- Existing Trustmarks are trivial to copy on sites that are not trusted.
Solution
The following are the current characteristics of the new Trustmark:
- The mark is cryptographically bound to an Identifier of the current web site.
- The Identifier of the site has a signed certificate of membership in the framework that issued the Trustmark.
- The companies that report on web site safety (Microsoft, Google, Apple, etc.) are informed of the conditions under which the Trustmark is issued.
- The W3C is encouraged to standardize on the method to validate trust marks and encourages members to mark any misuse of the mark as unsafe.
References and Coordination
- Much more detail is on the page Trustmark Evolving Design Pattern, which may not be fully up-to-date.
- This page is dedicated to collecting information about Trust in a digital environment.