Network Working Group Q. Tao Internet-Draft Independent Researcher Intended status: Informational 31 March 2025 Expires: 2 October 2025 HGCP: A Voluntary Signing Framework for Human Expression in the Age of AI draft-taoqiwen-hgcp-01 Abstract In an era where AI-generated content has become indistinguishable from human writing, the Human-Generated Content Protocol (HGCP) proposes a voluntary signing framework that enables human authors to publicly acknowledge their expressions. Rather than detecting or classifying content origin, HGCP allows individuals to declare, in a structured and verifiable format, that they take responsibility for a specific piece of content. The protocol is platform-neutral, identity-flexible, and suitable for both real-name and pseudonymous use. It does not evaluate accuracy, originality, or quality; it simply enables people to say: “This is mine, and I stand by it.” By providing a lightweight, human-first declaration format, HGCP aims to preserve the visibility of human agency within an increasingly synthetic information ecosystem. About This Document This note is to be removed before publishing as an RFC. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-taoqiwen-hgcp/. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." Tao Expires 2 October 2025 [Page 1] Internet-Draft HGCP March 2025 This Internet-Draft will expire on 2 October 2025. Copyright Notice Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. The Problem of Expression Trust . . . . . . . . . . . . . . . 3 3. The Philosophy of HGCP: Responsibility Over Provenance . . . 4 4. Signature Declaration Structure . . . . . . . . . . . . . . . 5 4.1. Required Fields: . . . . . . . . . . . . . . . . . . . . 5 4.1.1. Optional Fields: . . . . . . . . . . . . . . . . . . 5 4.1.2. Example Signature (Markdown): . . . . . . . . . . . . 6 4.1.3. Versioning: . . . . . . . . . . . . . . . . . . . . . 6 5. Identity Types and Expression Context . . . . . . . . . . . . 7 5.1. Common identity_type values . . . . . . . . . . . . . . . 7 5.2. Statement Responsibility Tags . . . . . . . . . . . . . . 7 5.2.1. Example Values: . . . . . . . . . . . . . . . . . . . 7 6. Platform and Tool Integration Suggestions . . . . . . . . . . 8 6.1. For content platforms: . . . . . . . . . . . . . . . . . 8 6.1.1. For authoring tools: . . . . . . . . . . . . . . . . 8 6.1.2. For reader tools and browser extensions: . . . . . . 9 7. Social and Ethical Considerations . . . . . . . . . . . . . . 9 8. Example Use Cases . . . . . . . . . . . . . . . . . . . . . . 10 8.1. Use Case 1: Personal Blog Post . . . . . . . . . . . . . 10 9. Criticisms and Responses . . . . . . . . . . . . . . . . . . 11 9.1. Criticism 1: “Signing doesn’t stop misinformation.” . . . 11 9.2. Criticism 2: “Malicious actors can sign too.” . . . . . . 11 9.3. Criticism 3: “Why not require real names?” . . . . . . . 11 9.3.1. Final Note: . . . . . . . . . . . . . . . . . . . . . 12 10. Scope and Limits of Human Responsibility . . . . . . . . . . 12 11. Why We Need HGCP Now . . . . . . . . . . . . . . . . . . . . 12 12. Future Extensions and Evolving Use Cases . . . . . . . . . . 13 13. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 14. Security Considerations . . . . . . . . . . . . . . . . . . . 14 14.1. Identity Impersonation and Signature Forgery . . . . . . 14 14.2. Mass Signature Automation (Sybil Behavior) . . . . . . . 14 14.3. Content Hash Evasion via Trivial Edits . . . . . . . . . 14 14.4. Revocation Misuse and Responsibility Evasion . . . . . . 15 Tao Expires 2 October 2025 [Page 2] Internet-Draft HGCP March 2025 14.5. Absence of Native Trust or Scoring Mechanisms . . . . . 15 14.6. Final Note . . . . . . . . . . . . . . . . . . . . . . . 15 15. Informative References . . . . . . . . . . . . . . . . . . . 15 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 16 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 16 1. Introduction In the rapidly evolving digital world, a flood of content from countless sources fills our screens—much of it now automatically generated and detached from genuine human intent. As artificial intelligence becomes increasingly proficient at mimicking human expression, the boundary between real thought and algorithmic generation is blurring. This rise in synthetic content presents a fundamental question: if we can no longer know who wrote something, can we know whether anyone is willing to stand behind it? The Human-Generated Content Protocol (HGCP) is a voluntary signing structure that addresses this problem—not by detecting or filtering AI-generated content, but by giving human authors a minimal and declarative way to say: “This is my expression, and I take responsibility for it.” HGCP is not a detection algorithm, classification tool, or identity system. It is a responsibility declaration format. It enables any writer—regardless of identity type or platform—to attach a timestamped, verifiable statement of authorship to their content. HGCP is intentionally minimal, non-intrusive, and flexible. It does not require real names or centralized verification. It does not replace content evaluation or moderation. It simply offers a signal: someone, somewhere, chose to stand behind this piece of expression. That signal, once made, can be interpreted and used however communities choose. 2. The Problem of Expression Trust The internet was originally built to foster human connection and communication. Yet in a world where content creation, duplication, and distribution now approach zero cost, the origin of information has become increasingly obscured. Tao Expires 2 October 2025 [Page 3] Internet-Draft HGCP March 2025 We once inferred authorship and trust from domain names, writing style, and user profiles—but now, all of these can be simulated by AI. This leads not only to an explosion of noise, but also to a subtle erosion of meaning: readers hesitate to believe; authors hesitate to take credit; platforms hesitate to accept risk. Many recent proposals have focused on "AI detection"—using classifiers to guess whether a given text was machine-generated. These tools are probabilistic, easily evaded, and often fail as models advance. HGCP shifts the question entirely. It does not ask, “Was this content human-made?” It asks, “Is any human willing to say: this was me?” This seemingly small act—a signed statement of responsibility—may become the most important signal of authorship in an increasingly synthetic information ecosystem. Not because it proves truth, but because it records ownership. 3. The Philosophy of HGCP: Responsibility Over Provenance The core idea of HGCP is not to verify originality, authorship, or human origin of content—but to offer a voluntary, structured way for a person to publicly acknowledge their expression. Whereas most systems ask, "Who created this?", HGCP asks something simpler and deeper: "Are you willing to say: I said this?" Signing under HGCP does not mean the content is accurate, valuable, or unique. It only means: “This came from me, and I stand by it.” This transforms the act of signing into a declaration of presence—not a claim of authority, truth, or expertise. To speak is not only to express; it is to be willing to be recognized as the speaker. HGCP is not anti-AI. It does not reject AI assistance. If a human chooses to sign something—even if AI helped—they are choosing to take human responsibility for the final output. HGCP does not care what tools you used, or what identity you chose. It only cares that someone—a person—was willing to leave their mark and say: “I won’t deny this is mine.” Tao Expires 2 October 2025 [Page 4] Internet-Draft HGCP March 2025 That act of responsibility is not a signal of trust. It is the beginning of traceable expression. 4. Signature Declaration Structure HGCP provides a minimal and consistent way for individuals to attach a human-responsible declaration to their expression. The purpose of this signature is not to validate the content's origin or truth, but to acknowledge authorship responsibility. 4.1. Required Fields: * *signer_id* A stable identifier such as a pen name, public key fingerprint, or platform username. (Example: "tao_qiwen", "0xDEADBEEF...", or "@user42") * *timestamp* The UTC time when the signature was created, preferably in [RFC3339] format. (Example: "2025-03-29T14:22:00Z") * *content_hash* A cryptographic digest of the content, using a standard function (e.g., SHA-256 as per [RFC6234]). This ensures the signature applies to a specific version of the content. (Example: "c9a7f99bca40...f3b8eaa1") * *hgcp_version* The HGCP structure version. This enables future compatibility. (Example: "0.2") * *declaration* A plain statement of expression ownership. Example: "I acknowledge that the above content was written by me and I take responsibility for it." 4.1.1. Optional Fields: * *tools_used* Any relevant tools involved in content creation, such as AI assistants or translation software. (Example: ["ChatGPT", "DeepL"]) * *identity_type* Free-form label indicating the signer’s identity nature (e.g., "real-name", "anonymous", "org"). Tao Expires 2 October 2025 [Page 5] Internet-Draft HGCP March 2025 * *revocability* Indicates whether the signed content can be revoked or updated by the signer. Suggested values: immutable | revocable-with-proof | time-limited-editable * *id_format* Describes the format of signer_id. Example: "PGP fingerprint", "platform handle" * *gpg_signature* (optional) Optional OpenPGP signature block (see [RFC9580]) for cryptographic verification. 4.1.2. Example Signature (Markdown): markdown Author: Tao Qiwen Timestamp: 2025-03-29T14:22Z HGCP Version: 0.2 ID Type: anonymous Tools Used: ChatGPT + manual edits Content Hash (SHA-256): aGVsbG8sIHdvcmxk... Revocability: editable-until- locked Declaration: I confirm that the above content was published by me, and I take responsibility as a human author. Example HGCP Signature (JSON, v0.1): json { "signer_id": "qiwen2025", "id_type": "anonymous", "timestamp": "2025-03-29T14:22Z", "hgcp_version": "0.2", "content_hash": "a732c8dffe34aabbcc...", "tools_used": ["ChatGPT", "Notion AI"], "revocability": "editable- until-locked", "declaration": "I confirm that the above content was published by me, and I take responsibility as a human author." } Optional cryptographic signature(if used): json { "gpg_signature": "-----BEGIN PGP SIGNATURE-----\n...\n-----END PGP SIGNATURE-----" } 4.1.3. Versioning: HGCP signatures are versioned only for compatibility of the structure, not for software or protocol identity. * *v0.1*: Basic signature fields (signer_id, timestamp, hash, declaration) * *v0.2*: Adds optional cryptographic signing (e.g., PGP) Future versions may support richer metadata, but core responsibility semantics will remain unchanged. Tao Expires 2 October 2025 [Page 6] Internet-Draft HGCP March 2025 5. Identity Types and Expression Context HGCP allows any signer—whether real-name, pseudonymous, anonymous, or organizational—to declare responsibility for content. Identity types help contextualize the expression but do not imply any ranking or evaluation. HGCP does not require real-name verification. It encourages consistent signer identifiers to help communities interpret expression history over time. 5.1. Common identity_type values * *human* A human individual taking responsibility for the expression. * *human+ai* A human-led expression assisted by AI tools. * *organization* A collective statement made on behalf of an organization or group. * *anonymous* An identity without public naming, but with persistent usage. * *ai* Clearly marked as AI-generated; signed only for transparency. These labels provide transparency about the nature of authorship. They are *not* intended to reflect credibility, authority, or trustworthiness. 5.2. Statement Responsibility Tags The optional statement_level field helps describe how the signer relates to the content. These tags are purely descriptive and allow for greater nuance in signature interpretation. 5.2.1. Example Values: * *HGCP-H* Human-only authored. Signer affirms full authorship. _Use Case:_ Essays, personal posts * *HGCP-H+AI* Human-led with AI assistance. Final expression reviewed and accepted by signer. _Use Case:_ AI-assisted drafts, edited outputs Tao Expires 2 October 2025 [Page 7] Internet-Draft HGCP March 2025 * *HGCP-O* Organizational statement. Signed on behalf of a group or institution. _Use Case:_ Press releases, policy updates * *HGCP-AI* Fully AI-generated. Signed for transparency only. _Use Case:_ System messages, bot content * *HGCP-C* Curated or recombined content. Signer takes responsibility for editorial framing. _Use Case:_ Compilations, reworded citations, summaries Platforms and readers may use these labels to better understand the signer’s intended relationship to the content. HGCP itself does not judge or verify authorship claims. 6. Platform and Tool Integration Suggestions HGCP is platform-neutral and decentralized. It defines a minimal declaration format, not a service or network. However, platforms and tools can improve expression traceability and user empowerment by supporting HGCP signatures. The following integration suggestions are non-normative and optional: 6.1. For content platforms: * Support HGCP signature generation (e.g., automatically add timestamp, content hash, and declaration block) * Display HGCP declarations visibly alongside content * Allow users to export signed content with metadata (e.g., JSON-LD or plaintext blocks) * Provide a "verify signature" button or endpoint to validate content hash and structure * Optionally allow flagging of clearly forged or mismatched signatures 6.1.1. For authoring tools: * Markdown, word processors, or note apps can include local HGCP signing plugins Tao Expires 2 October 2025 [Page 8] Internet-Draft HGCP March 2025 * AI-assisted writing tools may offer HGCP signature prompts as part of the editing interface * Submission systems can provide “voluntary signing” options for human-generated content 6.1.2. For reader tools and browser extensions: * Detect and visually highlight HGCP-signed content (e.g., badges, overlays) * Enable readers to inspect signature structure and metadata * Optionally support comparison between content and signed hash HGCP does not define any reputation system or trust score model. Any further interpretation of signature patterns or signer behavior is up to the platform or community. 7. Social and Ethical Considerations HGCP is not a replacement for content governance or moderation systems. It is a voluntary declaration format designed to restore visibility to human-authored expressions in an increasingly hybrid and synthetic content landscape. HGCP does not: * Detect or classify AI-generated content * Track real-world identities or require de-anonymization * Evaluate the truth, originality, or value of signed content * Prevent unsigned content from being published or shared HGCP does protect: * The right of anonymous or pseudonymous authors to claim authorship * The right of each signer to define their identity level * The right to revoke, edit, or update previously signed expressions * The right of platforms to adopt or extend HGCP support in their own way Tao Expires 2 October 2025 [Page 9] Internet-Draft HGCP March 2025 HGCP offers a decentralized path to expression responsibility. Not by enforcing rules or judgments, but by providing a way for individuals to say: “This is what I said. I stand by it.” Those who sign are not guaranteed to be believed. But they are present. They are accountable—not because a system judges them, but because they are willing to be named. HGCP does not create trust. It creates traceable ownership of speech. It gives those who choose to acknowledge their words a way to be recognized—not as authorities, but as responsible authors. 8. Example Use Cases The following examples illustrate how HGCP declarations may be voluntarily applied in real-world settings. These are non-normative, and serve only to demonstrate the flexibility of identity and responsibility expression. Each example shows how a signer may combine identity_type, statement_level, and an explicit declaration to visibly acknowledge authorship. 8.1. Use Case 1: Personal Blog Post identity_type: pseudonymous statement_level: HGCP-H A long-form blogger writing under a pseudonym adds a signature to the end of each post. While their views are subjective, they accept personal responsibility for the expression. json { "signer_id": "silentvoice", "id_type": "pseudonymous", "statement_level": "HGCP-H", "timestamp": "2025-03-29T16:12Z", "tools_used": [], "declaration": "I wrote the above post entirely on my own and stand by it as a human author." } ### Use Case 2: Anonymous Discussion Post identity_type: anonymous statement_level: HGCP-H Tao Expires 2 October 2025 [Page 10] Internet-Draft HGCP March 2025 An anonymous commenter in a public thread wants to show they are a real person and take responsibility for their words. json { "signer_id": "anon321", "id_type": "anonymous", "statement_level": "HGCP-H", "timestamp": "2025-03-29T17:35Z", "tools_used": [], "declaration": "I stand by this statement as an individual human participant in this conversation." } 9. Criticisms and Responses As a voluntary protocol, HGCP is not without its skeptics. The following are common concerns and clarifications based on HGCP's minimal scope: 9.1. Criticism 1: “Signing doesn’t stop misinformation.” Response: Correct. HGCP is not a content moderation tool, fact- checking system, or truth validator. It simply allows someone to say: “I said this, and I acknowledge it.” Whether a statement is correct or misleading is a separate question—to be handled by public debate, platform policy, or legal frameworks. HGCP does not seek to replace those. 9.2. Criticism 2: “Malicious actors can sign too.” Response: Also true. HGCP is structurally neutral—it permits anyone to claim authorship. But just as speech is not inherently good or bad, signing is simply a visible act of association. HGCP does not prevent manipulation or abuse. It only makes authorship claims visible and timestamped, enabling others to observe and respond accordingly. Communities or platforms may choose to interpret signing behavior over time, but that is outside HGCP’s protocol scope. 9.3. Criticism 3: “Why not require real names?” Response: HGCP affirms the importance of anonymous and pseudonymous expression. In many contexts, forced real-name use can threaten safety, chill dissent, or suppress marginalized voices. Responsibility does not require identity disclosure. It only requires someone to say: “This is mine.” Tao Expires 2 October 2025 [Page 11] Internet-Draft HGCP March 2025 9.3.1. Final Note: HGCP enables voluntary, declarative authorship acknowledgment. It complements—but does not replace—other systems of fact-checking, moderation, or trust. It is not a gatekeeper of credibility. It is a container for responsibility. 10. Scope and Limits of Human Responsibility HGCP affirms an ethical gesture of responsibility, not a legal or contractual obligation. Signing indicates that the author: * Is a human (or self-identifies as such), * Chooses to claim the expression, * Accepts the potential social consequences of that claim. However, the scope of “responsibility” must be clearly understood: * HGCP does not confer legal liability, unless such liability is enforced by separate laws or agreements. * HGCP does not guarantee truth, originality, or moral correctness. * HGCP permits revocation, and platforms may optionally record and display revocation history. Over time, a signer’s patterns—such as frequent revocation or contradictory claims—may shape how others interpret their expression history. Such interpretations are entirely up to readers and platforms and are not part of HGCP's protocol logic. HGCP is a signal of authorship, not a system of judgment. It is a flag of presence—not a badge of truth. 11. Why We Need HGCP Now In an era where synthetic content floods our screens and truth feels elusive, what we are losing is not just facts—but responsibility. Expression has never merely been about information. It is about standing behind what one says. Tao Expires 2 October 2025 [Page 12] Internet-Draft HGCP March 2025 HGCP is a quiet signal. It is not a firewall, not a detection engine— It is a torch, held by those willing to say: “This is what I said. And I am willing to be remembered for it.” Those who sign are not necessarily perfect, but they are present. They are not hiding. They are willing to be named. HGCP does not stop AI, nor does it determine the truth or value of content. It offers a decentralized, human-first way to make authorship claims visible— not for control, but for clarity. Just as HTTPS makes communication verifiable, HGCP makes expression attributable. Not by enforcing identity, but by inviting responsibility. In an age of artificial voice, what will stand out is not who speaks loudest— but who is willing to say: “Yes, this is mine.” 12. Future Extensions and Evolving Use Cases HGCP is intentionally minimal. Its current version focuses on text-based, single-signer declarations of human responsibility. However, real-world expression scenarios are far more diverse. Future optional extensions may include: * Multi-signer declarations (e.g., co-authorship or joint statements) * Partial responsibility claims (e.g., hybrid paragraph-level tags) * Multimedia content hashing (e.g., for audio, images, or video) * Publisher-disclosed AI content without human attribution * Role-specific identity declarations (e.g., editor, curator, translator) * Richer metadata for context, disclaimers, or editorial framing Tao Expires 2 October 2025 [Page 13] Internet-Draft HGCP March 2025 These extensions are not part of the current protocol and remain exploratory. Any future evolution of HGCP should remain faithful to its core principle: Responsibility, voluntarily claimed, should be made legible. New features must enhance this clarity—not obscure or overcomplicate it. 13. IANA Considerations This document has no IANA actions. 14. Security Considerations HGCP does not introduce new network protocols or data exchange layers. It poses no direct technical threats such as injection, eavesdropping, or man-in-the-middle attacks. However, HGCP introduces indirect risks, rooted in the potential misuse or misinterpretation of voluntary signature declarations. These risks are primarily social and structural, not cryptographic. 14.1. Identity Impersonation and Signature Forgery Without optional cryptographic signing (e.g., OpenPGP), malicious actors may forge declarations using arbitrary signer IDs. To mitigate impersonation, platforms may support cryptographic binding, identity verification mechanisms, or identity attestations. 14.2. Mass Signature Automation (Sybil Behavior) In the absence of rate limits or friction, automated agents could mass-generate content with fake signature blocks to simulate presence at scale. To reduce such noise, platforms may implement rate controls, account friction, or signature frequency thresholds. 14.3. Content Hash Evasion via Trivial Edits HGCP uses cryptographic content hashes to bind the declaration to a specific text version. Even minor changes (e.g., punctuation, emoji) generate different hashes, allowing close but unsigned derivatives to circulate unchallenged. Platforms may address this via: Tao Expires 2 October 2025 [Page 14] Internet-Draft HGCP March 2025 * Content snapshot storage alongside signature metadata * Optional use of fuzzy hashing or similarity checks * Encouraging authors to sign canonical versions of their work 14.4. Revocation Misuse and Responsibility Evasion HGCP supports editable or revocable declarations, which enhances flexibility. However, it may also allow strategic withdrawal or denial of public expression. Platforms are encouraged to: * Retain and display revocation timestamps or signature histories * Clearly indicate altered or withdrawn declarations * Offer viewers transparent context about change history 14.5. Absence of Native Trust or Scoring Mechanisms HGCP intentionally avoids any native trust or scoring system. All interpretations of signature consistency, credibility, or intent are left to the discretion of platforms or communities. Protocol-level neutrality ensures freedom, but also delegates responsibility for risk assessment to the surrounding ecosystem. 14.6. Final Note HGCP’s security lies not in enforcement, but in visibility. It offers no guarantees—only a format in which authors can voluntarily say: “This is mine. I said this.” Whether others choose to believe, contest, or ignore such declarations is beyond the protocol’s scope. HGCP’s minimal structure invites participation, not control. 15. Informative References [RFC3339] Klyne, G. and C. Newman, "Date and Time on the Internet: Timestamps", RFC 3339, DOI 10.17487/RFC3339, July 2002, . Tao Expires 2 October 2025 [Page 15] Internet-Draft HGCP March 2025 [RFC6234] Eastlake 3rd, D. and T. Hansen, "US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)", RFC 6234, DOI 10.17487/RFC6234, May 2011, . [RFC9580] Wouters, P., Ed., Huigens, D., Winter, J., and Y. Niibe, "OpenPGP", RFC 9580, DOI 10.17487/RFC9580, July 2024, . Acknowledgments This document was initially drafted using ChatGPT (OpenAI), and subsequently edited and approved by the human signer. The signer acknowledges responsibility for the final content. Author's Address Qiwen Tao Independent Researcher Email: natureconservation@yeah.net Tao Expires 2 October 2025 [Page 16]