[CAP] Decrease milling when increase trust RE: Vol7 #2
Mick Jagger
lists at jpw.biz
Wed Jan 11 19:19:25 PST 2006
Hi,
To simplify things from an alert consumer's point of view, it might be best to classify any received CAP message as either "verified" or "not verified".
For a verified message, it would have to be properly authenticated. Examples would be a message received over a secure transport method or channel, where authentication is already in place, or with a crypto-signature and a key already accepted by the user. The idea being the user has accepted in advance that messages received in this manner are valid.
For a not verified message, this fact should be made abundantly clear to the user. For example, when current CAP alerts regarding earthquakes are issued by the USGS and they haven't been reviewed yet, this is noted in the description. This lack of verification, however, shouldn't prevent a message from reaching the consumer. If a sensor detects and transmits an alert, it shouldn't have to wait for a review. When it is properly reviewed, an update can be issued with the proper authentication to confirm the initial alert. Does the initial heads-up cause a problem if everyone is fully informed it's not yet verified?
Is some form of verification information a possible addition to CAP?
> establish the authority of others. I've heard that in Australia they
> have a system called "100 points of proof" where various kinds of
> endorsements have various point values and various thresholds (not
> always 100) are required for different activities.
This could work both in a top-down format with established methods of verification by government agencies, and also informally, where you exchange a key with your Aunt for automatically verified alerts from her, but when you get an unverified alert from your neighbour, you first look out the window.
--
lists at jpw.biz
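
The verified / not verified split proposed in this message, sketched as an added example that is not part of the original post: an unreviewed sensor alert is still delivered but labelled, and a later authenticated Update confirms it through the CAP `<references>` element. The HMAC tag over the received bytes is an assumed stand-in for the crypto-signature the message mentions, and the senders, identifiers, key and function names are constructed for illustration.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

NS = {"cap": "urn:oasis:names:tc:emergency:cap:1.1"}
# Constructed key table: CAP <sender> -> key the consumer accepted in advance.
ACCEPTED_KEYS = {"review@agency.example": b"constructed-shared-key"}


def classify(cap_xml: bytes, tag: bytes = b"", authenticated_channel: bool = False) -> dict:
    """Label one received CAP message 'verified' or 'not verified'."""
    alert = ET.fromstring(cap_xml)

    def text(name: str) -> str:
        return alert.findtext(f"cap:{name}", default="", namespaces=NS)

    key = ACCEPTED_KEYS.get(text("sender"))
    # The tag only counts if it matches a key accepted before the message arrived.
    signed_ok = key is not None and hmac.compare_digest(
        hmac.new(key, cap_xml, hashlib.sha256).digest(), tag)
    verified = authenticated_channel or signed_ok
    confirms = []
    if verified and text("msgType") == "Update":
        # <references> holds whitespace-separated "sender,identifier,sent" triplets.
        confirms = [r.split(",")[1] for r in text("references").split() if r.count(",") == 2]
    return {"identifier": text("identifier"),
            "status": "verified" if verified else "not verified",
            "confirms": confirms}


def build(identifier: str, sender: str, msg_type: str, references: str = "") -> bytes:
    """Build a constructed, minimal CAP-like alert for the demonstration."""
    refs = f"<references>{references}</references>" if references else ""
    return (f'<alert xmlns="{NS["cap"]}"><identifier>{identifier}</identifier>'
            f"<sender>{sender}</sender><sent>2006-01-11T19:19:25-08:00</sent>"
            f"<status>Actual</status><msgType>{msg_type}</msgType>"
            f"<scope>Public</scope>{refs}</alert>").encode()


SENSOR_ALERT = build("SENSOR-001", "sensor@agency.example", "Alert")
REVIEWED = build("REVIEW-001", "review@agency.example", "Update",
                 "sensor@agency.example,SENSOR-001,2006-01-11T19:19:25-08:00")
REVIEWED_TAG = hmac.new(ACCEPTED_KEYS["review@agency.example"], REVIEWED, hashlib.sha256).digest()

if __name__ == "__main__":
    print(classify(SENSOR_ALERT))            # unreviewed sensor alert, no tag
    print(classify(REVIEWED, REVIEWED_TAG))  # reviewed update with a valid tag
    print(classify(REVIEWED.replace(b"001<", b"002<"), REVIEWED_TAG))  # altered after tagging
```

A consumer would show the `status` label next to every alert, and mark an earlier unverified alert as confirmed only when its identifier appears in `confirms`.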