W3C home > Mailing lists > Public > public-credentials@w3.org > June 2016

Re: Data model abstract

From: David Chadwick <d.w.chadwick@kent.ac.uk>
Date: Tue, 14 Jun 2016 12:38:18 +0100
To: Timothy Holborn <timothy.holborn@gmail.com>, W3C Credentials Community Group <public-credentials@w3.org>
Message-ID: <3d24f339-ea51-388e-c3a7-3a00cdfcbae9@kent.ac.uk>
Unfortunately we have entered the world of vocabulary and the semantic
meaning of words. I think we both have similar concepts, but we use
different labels for them.

This is a massive problem in the identity world. This presentation from
the EU Future ID project


lists the number of different terms being used, and shows the lack of
commonality, between various large ID projects and standards.

The concept you label persona, I label identity. I think mine is more
common in the real world. This paragraph is taken from the UK Govt's
Future Identities Foresight Report


'People have many overlapping identities:

This Report considers several aspects of identities including ethnic,
religious, national, age, family, financial,
and online identities. A person can have all these identities
simultaneously, although one identity might be
more important under particular circumstances. At home a person may find
their identity as a parent most
important, while at work they might identify as a company employee.
Online, they may pursue a hobby as
part of an interest group. Understanding which of a person’s identities
are most relevant in a given situation
depends on the context. Identities are, therefore, culturally contingent
and highly contextual, but can also be
strongly linked to behaviours, both positive (for example volunteering
in a community) and negative (such
as antisocial behaviour).'

So I think this explains why we disagree over the definitions and
vocabulary being used in the current set of documents, though not
necessarily on the underlying concepts



On 14/06/2016 02:32, Timothy Holborn wrote:
> Let me answer this question from my current position of studies into the
> field.
> People can only really have one real identity, which relates in-turn to
> their existence on the planet.  However people have multiple persona and
> therein an array of varied considerations relate to a lack of
> desire/capability to fully record what i consider 'the consciousness
> algorithm'.  The effect of Silos, 'big data' and an array of other
> facets are indeed producing an enormous amount of data - that by way of
> semantic web / linked-data, that is 'service centric' in design - this
> data is often available for sale between incorporated entities whom
> natural legal entities freely provide that data to, often without
> consideration.
> So - whilst we exist as one 'being', the notion of multiple identities
> is often forged as a means to protect from asymmetrical values
> established by way of 'free' service-centric services that fail to
> furnish 'natural legal entities' (aka: users / subjects / products)
> principle rights in relation to the operation of the service; that is
> operated by a commercial organisation who has shareholders/stakeholders
> - and the whole thing gets quite messy...
> So.
> If you are issued an array of 'credentials' or 'secure 'linkable'
> documents' that say you own things, you've done things, etc.  The
> likelihood is that you do actually want to relate that to you.  
> BUT; because the world is not perfect; and that in all likelihood, you
> do not have similar legal capacities to that of a incorporated legal
> entity whom you may feel vulnerable; the rights of self-protection
> include rights of privacy amongst others.  
> Therein; what we're actually looking for IMHO is the ability for
> self-determination - in a manner consistent with UN Human Rights
> principles and local 'choice of law' related 'rule of law' stuff - for
> Identity and Identity related claims; and, the ability to mask identity
> by way of persona or indeed 'pseudo-anonymity'.   I'm sure some
> companies will make it very easy to 'freely' reduce the anonymity
> layers, much as facebook does today, as to collect more data for sale. 
> Some of this is not part of our standards work but rather related work
> that needs to be addressed somehow.  with or without open-standards, i
> do not see this freight-train stopping or companies making them - going
> out of business... 
> So, the ability for 'self sovereign' or 'human centric (web)' or 'right
> to self-determination' / compatibility with non-web systems of civic
> participation / law (meaning, the ability to be a digital Australian
> Citizen for the purposes of my data storage and use, for instance)
> in-turn seemingly provides the capacity to support persona in a way that
> service-centric infrastructure solutions would not lend themselves to as
> easily; yet, these things IMHO extend beyond the production of a
> technological means in which to deploy alternative architectures for
> data-solutions to the means in which any successful effect to produce
> tooling is used by operators. 
> This is much the same as 'linked-data' technologies themselves. 
> Whether someone chooses to present 'proofing' information or not, should
> really be upto them and 'rule of law' in the territory.  Equally, if
> someone has driven my car and been speeding - i should be able to use
> technological evidence to prove i wasn't driving the car as to support
> 'rule of law'; or, if a government employee breaks the law in the course
> of their duty causing harm to me - they should be accountable for their
> actions rather than leaving the problem for increased taxpayers expense
> in other areas, by necessarily treating the symptoms caused to another
> by a would-be semi- legally immune human, due to business systems
> established in relation to that human's work environment as a government
> employee.
> Yet, some of that may be considered ideological / verging on 'religious'
> belief... not sure...
> I think it's important to be able to produce logical derivative
> credentials for use by persona.  A birth certificate/credential can be
> used to derive whether or not someone is over 18/21 without giving all
> the details otherwise displayed in the birth certificate.  
> Similarly a postal address can be used to say what country, state or
> suburb a person lives in.  
> The details held within credentials should not be automatically provided
> for a simple request.  The design-strategy for how these documents are
> produced IMHO should continue to consider different ways in which the
> cryptography methods could be supported by simple logic, whether via
> semantic-resources (ie: lowering the resolution of GPS Point-data) or
> otherwise. 
> My consideration about 'human centric' is to strip what we've
> sociologically created in considering the underlying principles /
> foundations to what we need to design for an identity related
> eco-system.  Stripping it all away - we're left with humans
> communicating & making decisions.  Therein; when applying this 'human
> centric web' concept to the problem-area - what we're trying to do is
> essentially provide means to cryptographically support the electronic
> communication of evidence or secured electronic documents that are
> machine readable; as to improve support for the means in which a human
> communicates with others in a fair way, that is also more capable of
> being perceived as trust-worthy or honest.  
> What people do with it, and how they present themselves - what they
> choose to do - is kinda up-to the individual, and the persona that
> person chooses to narrate as part of their temporal existence.  
> Underneath it all; Time is a constant.  We're able to play a bit with
> the amount of 'mass' we affect using the most efficient use of energy.
> computationally these things can end-up being rather simple for
> machines, so it's best, IMHO, we keep it real, as humans...
> Tim.H.
> On Tue, 14 Jun 2016 at 01:27 David Chadwick <d.w.chadwick@kent.ac.uk
> <mailto:d.w.chadwick@kent.ac.uk>> wrote:
>     On 13/06/2016 15:34, Dave Longley wrote:
>     > On 06/12/2016 03:52 PM, David Chadwick wrote:
>     >> I would like to suggest a change to the latest data model document
>     >> http://opencreds.org/specs/source/claims-data-model/
>     >>
>     >> Specifically, the document abstract currently says
>     >>
>     >> A TBD credential is a set of claims made by an entity about an
>     >> identity. A TBD credential may refer to a qualification, achievement,
>     >> quality, or other information about an identity such as a name,
>     >> government ID, home address, or university degree that typically
>     >> indicates suitability.
>     >>
>     >> The problem I have with this, is that the set of claims are being
>     >> made about an identity, rather than the set of claims actually being
>     >> the identity. In my opinion the above is in direct contradiction to
>     >> the first sentence of the abstract which says 'An identity is a
>     >> collection of attributes about an entity'.
>     >>
>     >> I would therefore like to change the abstract to read
>     >>
>     >> A TBD credential is a set of claims made by one entity (the issuer)
>     >> about another entity (the holder). A TBD credential may refer to a
>     >> qualification, achievement, quality, or other information about the
>     >> entity. A set of credentials forms one of possibly many identities
>     >> of the entity.
>     >>
>     >> If this is agreed, then other similar changes will be needed
>     >> throughout the document such as: a collection of digital TBD
>     >> credentials that assert claims about that identity. TBD Credentials
>     >> are associated with identities etc.
>     >
>     > I don't see the same contradiction, so the language is failing in one
>     > way or another. I consider "an identity" to be the superset of all
>     > possible sets of credentials. A set of credentials is merely a profile
>     > of that identity.
>     Can I ask you "how many identities can a subject have?". Your sentence
>     above implies the answer is one. If so, then we have a fundamental
>     disagreement
>     regards
>     David
>     >
>     > We should probably change all of this language to talk instead about a
>     > Subject, which is given an identifier. And then talk about how
>     > associations can be made between that identifier and other pieces of
>     > information, in order to establish claims/attributes about the
>     Subject.
>     > That may help avoid the "identity" confusion altogether.
>     >
>     >
Received on Tuesday, 14 June 2016 11:38:40 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:29 UTC