However, having recently tempted fate by noting on MDV's blog that my blog was spam free, it was inevitable that last night a few spam comments would get through which they did. It was nothing to worry about as they were noticable and easily removed but it did get me thinking about possible anti-spam solutions.
One of the thoughts that I had was that it may be possible to leverage the Gravatar infrastructure as part of a comment whitelisting system. I generally dislike comment moderation as it tends to throttle discussions. Unless the comment is spam, I generally allow anything to go through, even stuff like this.
However, comment spam is likely to become more of an issue and thus additional spam throttling systems are likely to eventually become common-place. However, what I do not want to do is to mis-identify any real commentors and that is where the Gravatar infrastructure comes into place.
What I propose
When user A first places a comment on a Gravatar enabled site B, there is an implicit connection between that site and the Gravatar servers. The Gravatar servers does a lookup on the provided email address and uses that to return the corresponding gravatar. Now the key thing is that we've established a communication channel between 2 parties with Gravatar as the mediator. This creation of a social link between user A and site B implies that there is a trust relationship formed from A to B. What the Gravatar system could do is store this relationship in it's system.
Nothing particularly special has gone on as yet. However, because of this trust relationship, if B now goes and comments on A, this relationship could be used to automatically whitelist B and allow B to skip any spam filters regardless of how agressive it is. Likewise, a trust relationship has now been formed in the other direction and the whitleisting is reciprocated. These relationships can, of course, be revoked by logging into the Gravatar site.
What needs to be done
There's a few minor things that we need Gravater to do to faciliate this. Most obviously, it'll need to store the relationships. Now this does bring in a potential issue, though surprisingly it's not technical. The issue is instead one of privacy. What we're proposing may be seen as a form of user tracking. Right now, we're trusting Gravatar to not store out usage pattern yet this is exactly what we're asking them to do. To stem any concerns, Gravatar can do the following. First, state upfront what is being stored and how this is used. It'll need to make a strong enough statement that there will be no ambiguity on the user's front. Secondly, it will need to make this relationship handling opt-in. If people feel that the potential benefits outstrip their concerns, then they can opt in. Otherwise, they can maintain their anomynity.
The other thing that Gravatar needs to do is technical. It needs to allow us to link our Gravatar with our website. Currently, the only two pieces of information is the email address and the gravatar itself. Unfortunately, this isn't sufficient for the system to work.
There's also a number of secondary benefits and potential developments. The storage of relationships mean that we now have a centralised log of where we commented. This can also act as an informal bookmarks list storing a list of the sites which we have deemed important enough that we've commented on them. What's more, we now have the basis of a conversation manager. The system can, potentially, check up on the RSS comment feed for that conversation and see if there have been any developments since our last comment.
However, going back to the original theme, we can see another potential (and possibly even more significant) enhancement. We can allow the ability for users to share/add the trust relationships of a trusted party to their relationship list. If A trusts B and B trusts C, there is a possible loose form of a trust relationship between A and C. Here as in the physical world, networks are key. If we already trust the opinions and judgement, why allow technology to leverage and make our lives easier.
Of course, everything that I've spoken about are only ideas, and ones which are dependent on Gravatar making changes to their infrastructure. However, ideas beget ideas and I hope that, even if none of this comes to pass, that it will be a springboard for other people to see beyond Gravatar as simply a centralised store of avatar but as a possible means to change social discussions.