On the other end of the scale, though are blog hosts like Blogger and LiveJournal that host millions of blogs under one domain. What good does a signed ping do for Blogger.com? Knowing it came from Google may be nominally useful, but that really wasn’t a part of the problem in the first place.

Signed pings from blog hosts are valuable because they enable pings to be delivered with extra metadata that can be used by syndicators and aggregators to separate the signal from the noise. For example, if a blog host signs a ping that carries with it the following tag:

<splog_filter link=89, content=63/>

consumers of this ping can then apply local policy in processing this ping. Since the blog host signed the ping, they can be confident about the information supplied in the tag above (confident, that is that the information is unchanged and really came from the blog host).  If the consumer in question here has a policy of accepting pings that exceed scores of 50 on both the link and content analysis, this ping would be accepted for distribution. If the policy requires that the content analysis scores a 75 or better, this ping would be rejected.

So the signature is important. If the spog_filter scores are going to drive processing policy for aggregators and other ping consumers, then there will be significant interest from the black hat crowd in “spoofing” these values for a submitted ping. Signing a ping based on a private key with a matching public key published as part of a DNS zone file makes this kind of spoofing impractical for the bad guys.

For “branded domains” that have editorial control over everything that is published from that domain – like the washingtonpost.com, for example – the ability to sign a ping for submitted content provides immediate and tangible value; WaPo signed pings will be easily identified and trusted as sourced from the Washington Post, no matter where their pings get routed in the cloud. For service providers that host all manner of content from their domains, the signature of the service provider provides confidence in the integrity and source of the ping from the host, including supplied scores and metrics that can assist in filtering out authentic blogs from splogs.

Over time, additional authentication can be applied where appropriate to publishing domains. Publishers who use the Yahoo! platform to publish, for example, may see value in submitting to an additional authentication process whereby Yahoo vets the identity and attributes of the publisher/blogger. In this case, the investment in this authentication can be leveraged by signed pings. If Yahoo! then asserts (with digital signatures) that pings for this publisher are now backed by Yahoo!’s authentication assertions, those pings can be confidently accorded the appropriate status in terms of trust by aggregators and consumers.

Signed Pings aren’t the solution, then, but an enabling technology that provides the basis for delivering any of a number of possible solutions and applications related to identity, authentication and trust in the blogosphere.