NetTrust: security and online identity verification

I’m interested in the problem of online identity, in part because of its relationship to trademark. Trademark theoretically verifies identity and source, but as anyone who has seen a phishing email knows, trademark is becoming more and more meaningless in that respect. (Many of the arguments I’ve seen for ‘we need stronger trademark’ really are arguments for ‘we need stronger fraud prosecution’.)

The NetTrust project looks like an interesting attempt to resolve the issue by using your browsing history, your friends’ browsing history, and third party sources (presumably like stopbadware.org) to help verify a website’s identity in the client- i.e., where it can’t be manipulated by the website you’re looking at. Very interesting idea- I’ll definitely be keeping an eye on it, and those who are concerned with ‘software identity’ (Java and Firefox, I mean you) should probably poke at it and think about it too.

I’m not sure whether or not this has formal legal ramifications, but it does seem like it is worth thinking about the utility of trademark in an online context, where other characteristics can be used to verify identity and quality in ways that may or may not be available offline.