After reading this post and being exposed to FOAF yesterday, I wonder if FOAF does not suggest a trust mechanism for *back pings. The moment you think about it, you realize it's just a matter of luck that the spammers haven't yet figured out that blog comments are vulnerable.