W3C home > Mailing lists > Public > public-credentials@w3.org > June 2016

Re: Data model abstract

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Tue, 14 Jun 2016 01:32:35 +0000
Message-ID: <CAM1Sok0sLjUK4v+0AP3OSvQWRR=GURqVZXyc=B9VTjhpcEJSLg@mail.gmail.com>
To: David Chadwick <d.w.chadwick@kent.ac.uk>, Dave Longley <dlongley@digitalbazaar.com>, W3C Credentials Community Group <public-credentials@w3.org>
Let me answer this question from my current position of studies into the
field.

People can only really have one real identity, which relates in-turn to
their existence on the planet.  However people have multiple persona and
therein an array of varied considerations relate to a lack of
desire/capability to fully record what i consider 'the consciousness
algorithm'.  The effect of Silos, 'big data' and an array of other facets
are indeed producing an enormous amount of data - that by way of semantic
web / linked-data, that is 'service centric' in design - this data is often
available for sale between incorporated entities whom natural legal
entities freely provide that data to, often without consideration.

So - whilst we exist as one 'being', the notion of multiple identities is
often forged as a means to protect from asymmetrical values established by
way of 'free' service-centric services that fail to furnish 'natural legal
entities' (aka: users / subjects / products) principle rights in relation
to the operation of the service; that is operated by a commercial
organisation who has shareholders/stakeholders - and the whole thing gets
quite messy...

So.

If you are issued an array of 'credentials' or 'secure 'linkable'
documents' that say you own things, you've done things, etc.  The
likelihood is that you do actually want to relate that to you.

BUT; because the world is not perfect; and that in all likelihood, you do
not have similar legal capacities to that of a incorporated legal entity
whom you may feel vulnerable; the rights of self-protection include rights
of privacy amongst others.

Therein; what we're actually looking for IMHO is the ability for
self-determination - in a manner consistent with UN Human Rights principles
and local 'choice of law' related 'rule of law' stuff - for Identity and
Identity related claims; and, the ability to mask identity by way of
persona or indeed 'pseudo-anonymity'.   I'm sure some companies will make
it very easy to 'freely' reduce the anonymity layers, much as facebook does
today, as to collect more data for sale.  Some of this is not part of our
standards work but rather related work that needs to be addressed somehow.
 with or without open-standards, i do not see this freight-train stopping
or companies making them - going out of business...

So, the ability for 'self sovereign' or 'human centric (web)' or 'right to
self-determination' / compatibility with non-web systems of civic
participation / law (meaning, the ability to be a digital Australian
Citizen for the purposes of my data storage and use, for instance) in-turn
seemingly provides the capacity to support persona in a way that
service-centric infrastructure solutions would not lend themselves to as
easily; yet, these things IMHO extend beyond the production of a
technological means in which to deploy alternative architectures for
data-solutions to the means in which any successful effect to produce
tooling is used by operators.

This is much the same as 'linked-data' technologies themselves.

Whether someone chooses to present 'proofing' information or not, should
really be upto them and 'rule of law' in the territory.  Equally, if
someone has driven my car and been speeding - i should be able to use
technological evidence to prove i wasn't driving the car as to support
'rule of law'; or, if a government employee breaks the law in the course of
their duty causing harm to me - they should be accountable for their
actions rather than leaving the problem for increased taxpayers expense in
other areas, by necessarily treating the symptoms caused to another by a
would-be semi- legally immune human, due to business systems established in
relation to that human's work environment as a government employee.

Yet, some of that may be considered ideological / verging on 'religious'
belief... not sure...

HOWEVER - HAVING SAID THAT!!~!!

I think it's important to be able to produce logical derivative credentials
for use by persona.  A birth certificate/credential can be used to derive
whether or not someone is over 18/21 without giving all the details
otherwise displayed in the birth certificate.

Similarly a postal address can be used to say what country, state or suburb
a person lives in.

The details held within credentials should not be automatically provided
for a simple request.  The design-strategy for how these documents are
produced IMHO should continue to consider different ways in which the
cryptography methods could be supported by simple logic, whether via
semantic-resources (ie: lowering the resolution of GPS Point-data) or
otherwise.

SUMMARY
My consideration about 'human centric' is to strip what we've
sociologically created in considering the underlying principles /
foundations to what we need to design for an identity related eco-system.
Stripping it all away - we're left with humans communicating & making
decisions.  Therein; when applying this 'human centric web' concept to the
problem-area - what we're trying to do is essentially provide means to
cryptographically support the electronic communication of evidence or
secured electronic documents that are machine readable; as to improve
support for the means in which a human communicates with others in a fair
way, that is also more capable of being perceived as trust-worthy or
honest.

What people do with it, and how they present themselves - what they choose
to do - is kinda up-to the individual, and the persona that person chooses
to narrate as part of their temporal existence.   Underneath it all; Time
is a constant.  We're able to play a bit with the amount of 'mass' we
affect using the most efficient use of energy.

computationally these things can end-up being rather simple for machines,
so it's best, IMHO, we keep it real, as humans...

Tim.H.

On Tue, 14 Jun 2016 at 01:27 David Chadwick <d.w.chadwick@kent.ac.uk> wrote:

>
>
> On 13/06/2016 15:34, Dave Longley wrote:
> > On 06/12/2016 03:52 PM, David Chadwick wrote:
> >> I would like to suggest a change to the latest data model document
> >> http://opencreds.org/specs/source/claims-data-model/
> >>
> >> Specifically, the document abstract currently says
> >>
> >> A TBD credential is a set of claims made by an entity about an
> >> identity. A TBD credential may refer to a qualification, achievement,
> >> quality, or other information about an identity such as a name,
> >> government ID, home address, or university degree that typically
> >> indicates suitability.
> >>
> >> The problem I have with this, is that the set of claims are being
> >> made about an identity, rather than the set of claims actually being
> >> the identity. In my opinion the above is in direct contradiction to
> >> the first sentence of the abstract which says 'An identity is a
> >> collection of attributes about an entity'.
> >>
> >> I would therefore like to change the abstract to read
> >>
> >> A TBD credential is a set of claims made by one entity (the issuer)
> >> about another entity (the holder). A TBD credential may refer to a
> >> qualification, achievement, quality, or other information about the
> >> entity. A set of credentials forms one of possibly many identities
> >> of the entity.
> >>
> >> If this is agreed, then other similar changes will be needed
> >> throughout the document such as: a collection of digital TBD
> >> credentials that assert claims about that identity. TBD Credentials
> >> are associated with identities etc.
> >
> > I don't see the same contradiction, so the language is failing in one
> > way or another. I consider "an identity" to be the superset of all
> > possible sets of credentials. A set of credentials is merely a profile
> > of that identity.
>
> Can I ask you "how many identities can a subject have?". Your sentence
> above implies the answer is one. If so, then we have a fundamental
> disagreement
>
> regards
>
> David
>
>
> >
> > We should probably change all of this language to talk instead about a
> > Subject, which is given an identifier. And then talk about how
> > associations can be made between that identifier and other pieces of
> > information, in order to establish claims/attributes about the Subject.
> > That may help avoid the "identity" confusion altogether.
> >
> >
>
>
Received on Tuesday, 14 June 2016 01:33:18 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:29 UTC