Web of Trust

From BC$ MobileTV Wiki
Revision as of 14:03, 17 August 2011 by Joe (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Web Of Trust (commonly referred to as WOT Schema) is more than just a catchphrase. It is a policy and schema enabling security by determining the author of a given section of an RDF document through PGP and Digtial Signatures.



What is WOT?

WOT, short for "Web of Trust," is a community whose members exchange knowledge of websites: Can they be trusted? Are they safe to use? Do they deliver what they promise? If a site has a bad reputation, WOT will warn you - and save you a lot of trouble. By joining the WOT community you can protect yourself and help others. Our mission is to make the Internet safer by giving our users a way to share their experience of websites and the services they offer. WOT is a powerful tool - and it's free! We have information on 21 million sites. Join us today and make the Internet safer for us all.

Who is behind WOT?

Aside from the community, there is a hard-working team behind the WOT service. Headed by serial entrepreneur Esa Suurio, Against Intuition Inc. focuses on developing and providing software and services for the WOT community and promotes the community's goals of Internet security for everyone.

AgainstIntuition is a company founded in 2006 by two visionary graduate students, Timo Ala-Kleemola and Sami Tolvanen, who now are developing the WOT system further with the aid of a group of talented software developers, designers and database administrators.


Web-o-Trust

The Web-o-Trust is a smaller more minimalistic approach which suggests each webmaster, hosting provider, application owner or site operator simple include a text file (similar to the way robots.txt works), which shows a whitelist of that domain's trusted 3rd party domains. By aggregating the entire web's whitelists a sort of de facto "Web Of Trust" could be gleaned across the entire web.

Some security experts have pointed out an obvious weakness in this approach in that if the "bad guys" or those who wish to get around the Web Of Trust and earn people's trust falsely happen to owned more servers and domains than the "good guys" or those who are actually trustworthy and conduct normal business, they could simply pad their rankings in the Web Of Trust by referring to one another's sites, reciprocal mirroring, etc.

A further concern is the number of hosts or servers unknowingly compromised such that determined attackers could turn the server into a bot for attacks or, more innocently, pollute an entire hosting provider or server's set of domains' Web-o-Trust file. All these concerns aside, it is still one viable approach worth the small time investment, and works quite well when used in unison with a Blacklist and list of known Spam/Malicious attacker sites.[1]


Abuse

Abuse.net is a known-SPAMMER email lookup service and database.



Tools

API

A link/website Reputation API provided courtesy of WOT is now available.[2] The RESTish XML WOT API can be accessed as follows:

http://api.mywot.com/0.4/public_query2?target=<URL>

EXAMPLE:

http://api.mywot.com/0.4/public_query2?target=youtube.com

RESPONSE:

 <?xml version="1.0" encoding="UTF-8"?>
 <query target="youtube.com">
   <application name="0" r="93" c="85"/>
   <application name="1" r="94" c="83"/>
   <application name="2" r="92" c="80"/>
   <application name="4" r="84" c="67"/> 
 </query>

The newly released JSON API can be accessed as follows:

http://api.mywot.com/0.4/public_link_json?hosts=<URL#1>/<URL#2>/&callback=<CALLBACK_FUNCTION>

EXAMPLE:

http://api.mywot.com/0.4/public_link_json?hosts=youtube.com/google.com/&callback=displayTrustLevel

REPSONSE:

 {
  "youtube.com": {
    "target": "youtube.com",
    "0": [
      93,
      85
    ],
    "1": [
      94,
      83
    ],
    "2": [
      92,
      80
    ],
    "4": [
      84,
      67
    ]
  },
  "google.com": {
    "target": "google.com",
    "0": [
      94,
      90
    ],
    "1": [
      95,
      90
    ],
    "2": [
      93,
      85
    ],
    "4": [
      93,
      85
    ]
  }
}



Resources

External Links


References

  1. Not Just Another Blacklist (NJABL): http://www.njabl.org
  2. WOT - Reputation API: http://www.mywot.com/wiki/API


See Also

Trust Hierarchy | E-Commerce | SOA | Semantic Web | E-Security