W3C home > Mailing lists > Public > public-credentials@w3.org > June 2016

Re: Data model abstract

From: David Chadwick <d.w.chadwick@kent.ac.uk>
Date: Tue, 14 Jun 2016 12:38:18 +0100
To: Timothy Holborn <timothy.holborn@gmail.com>, W3C Credentials Community Group <public-credentials@w3.org>
Message-ID: <3d24f339-ea51-388e-c3a7-3a00cdfcbae9@kent.ac.uk>
Unfortunately we have entered the world of vocabulary and the semantic
meaning of words. I think we both have similar concepts, but we use
different labels for them.

This is a massive problem in the identity world. This presentation from
the EU Future ID project

http://www.futureid.eu/data/presentations/OID2013-Bruegger-12-web-site.pdf

lists the number of different terms being used, and shows the lack of
commonality, between various large ID projects and standards.

The concept you label persona, I label identity. I think mine is more
common in the real world. This paragraph is taken from the UK Govt's
Future Identities Foresight Report

https://www.gov.uk/government/publications/future-identities-changing-identities-in-the-uk

'People have many overlapping identities:

This Report considers several aspects of identities including ethnic,
religious, national, age, family, financial,
and online identities. A person can have all these identities
simultaneously, although one identity might be
more important under particular circumstances. At home a person may find
their identity as a parent most
important, while at work they might identify as a company employee.
Online, they may pursue a hobby as
part of an interest group. Understanding which of a person’s identities
are most relevant in a given situation
depends on the context. Identities are, therefore, culturally contingent
and highly contextual, but can also be
strongly linked to behaviours, both positive (for example volunteering
in a community) and negative (such
as antisocial behaviour).'

So I think this explains why we disagree over the definitions and
vocabulary being used in the current set of documents, though not
necessarily on the underlying concepts

regards

David


On 14/06/2016 02:32, Timothy Holborn wrote:
> Let me answer this question from my current position of studies into the
> field.
> 
> People can only really have one real identity, which relates in-turn to
> their existence on the planet.  However people have multiple persona and
> therein an array of varied considerations relate to a lack of
> desire/capability to fully record what i consider 'the consciousness
> algorithm'.  The effect of Silos, 'big data' and an array of other
> facets are indeed producing an enormous amount of data - that by way of
> semantic web / linked-data, that is 'service centric' in design - this
> data is often available for sale between incorporated entities whom
> natural legal entities freely provide that data to, often without
> consideration.
> 
> So - whilst we exist as one 'being', the notion of multiple identities
> is often forged as a means to protect from asymmetrical values
> established by way of 'free' service-centric services that fail to
> furnish 'natural legal entities' (aka: users / subjects / products)
> principle rights in relation to the operation of the service; that is
> operated by a commercial organisation who has shareholders/stakeholders
> - and the whole thing gets quite messy...
> 
> So.
> 
> If you are issued an array of 'credentials' or 'secure 'linkable'
> documents' that say you own things, you've done things, etc.  The
> likelihood is that you do actually want to relate that to you.  
> 
> BUT; because the world is not perfect; and that in all likelihood, you
> do not have similar legal capacities to that of a incorporated legal
> entity whom you may feel vulnerable; the rights of self-protection
> include rights of privacy amongst others.  
> 
> Therein; what we're actually looking for IMHO is the ability for
> self-determination - in a manner consistent with UN Human Rights
> principles and local 'choice of law' related 'rule of law' stuff - for
> Identity and Identity related claims; and, the ability to mask identity
> by way of persona or indeed 'pseudo-anonymity'.   I'm sure some
> companies will make it very easy to 'freely' reduce the anonymity
> layers, much as facebook does today, as to collect more data for sale. 
> Some of this is not part of our standards work but rather related work
> that needs to be addressed somehow.  with or without open-standards, i
> do not see this freight-train stopping or companies making them - going
> out of business... 
> 
> So, the ability for 'self sovereign' or 'human centric (web)' or 'right
> to self-determination' / compatibility with non-web systems of civic
> participation / law (meaning, the ability to be a digital Australian
> Citizen for the purposes of my data storage and use, for instance)
> in-turn seemingly provides the capacity to support persona in a way that
> service-centric infrastructure solutions would not lend themselves to as
> easily; yet, these things IMHO extend beyond the production of a
> technological means in which to deploy alternative architectures for
> data-solutions to the means in which any successful effect to produce
> tooling is used by operators. 
> 
> This is much the same as 'linked-data' technologies themselves. 
> 
> Whether someone chooses to present 'proofing' information or not, should
> really be upto them and 'rule of law' in the territory.  Equally, if
> someone has driven my car and been speeding - i should be able to use
> technological evidence to prove i wasn't driving the car as to support
> 'rule of law'; or, if a government employee breaks the law in the course
> of their duty causing harm to me - they should be accountable for their
> actions rather than leaving the problem for increased taxpayers expense
> in other areas, by necessarily treating the symptoms caused to another
> by a would-be semi- legally immune human, due to business systems
> established in relation to that human's work environment as a government
> employee.
> 
> Yet, some of that may be considered ideological / verging on 'religious'
> belief... not sure...
> 
> HOWEVER - HAVING SAID THAT!!~!!
> 
> I think it's important to be able to produce logical derivative
> credentials for use by persona.  A birth certificate/credential can be
> used to derive whether or not someone is over 18/21 without giving all
> the details otherwise displayed in the birth certificate.  
> 
> Similarly a postal address can be used to say what country, state or
> suburb a person lives in.  
> 
> The details held within credentials should not be automatically provided
> for a simple request.  The design-strategy for how these documents are
> produced IMHO should continue to consider different ways in which the
> cryptography methods could be supported by simple logic, whether via
> semantic-resources (ie: lowering the resolution of GPS Point-data) or
> otherwise. 
> 
> SUMMARY
> My consideration about 'human centric' is to strip what we've
> sociologically created in considering the underlying principles /
> foundations to what we need to design for an identity related
> eco-system.  Stripping it all away - we're left with humans
> communicating & making decisions.  Therein; when applying this 'human
> centric web' concept to the problem-area - what we're trying to do is
> essentially provide means to cryptographically support the electronic
> communication of evidence or secured electronic documents that are
> machine readable; as to improve support for the means in which a human
> communicates with others in a fair way, that is also more capable of
> being perceived as trust-worthy or honest.  
> 
> What people do with it, and how they present themselves - what they
> choose to do - is kinda up-to the individual, and the persona that
> person chooses to narrate as part of their temporal existence.  
> Underneath it all; Time is a constant.  We're able to play a bit with
> the amount of 'mass' we affect using the most efficient use of energy.
> 
> computationally these things can end-up being rather simple for
> machines, so it's best, IMHO, we keep it real, as humans...
> 
> Tim.H.
> 
> On Tue, 14 Jun 2016 at 01:27 David Chadwick <d.w.chadwick@kent.ac.uk
> <mailto:d.w.chadwick@kent.ac.uk>> wrote:
> 
> 
> 
>     On 13/06/2016 15:34, Dave Longley wrote:
>     > On 06/12/2016 03:52 PM, David Chadwick wrote:
>     >> I would like to suggest a change to the latest data model document
>     >> http://opencreds.org/specs/source/claims-data-model/
>     >>
>     >> Specifically, the document abstract currently says
>     >>
>     >> A TBD credential is a set of claims made by an entity about an
>     >> identity. A TBD credential may refer to a qualification, achievement,
>     >> quality, or other information about an identity such as a name,
>     >> government ID, home address, or university degree that typically
>     >> indicates suitability.
>     >>
>     >> The problem I have with this, is that the set of claims are being
>     >> made about an identity, rather than the set of claims actually being
>     >> the identity. In my opinion the above is in direct contradiction to
>     >> the first sentence of the abstract which says 'An identity is a
>     >> collection of attributes about an entity'.
>     >>
>     >> I would therefore like to change the abstract to read
>     >>
>     >> A TBD credential is a set of claims made by one entity (the issuer)
>     >> about another entity (the holder). A TBD credential may refer to a
>     >> qualification, achievement, quality, or other information about the
>     >> entity. A set of credentials forms one of possibly many identities
>     >> of the entity.
>     >>
>     >> If this is agreed, then other similar changes will be needed
>     >> throughout the document such as: a collection of digital TBD
>     >> credentials that assert claims about that identity. TBD Credentials
>     >> are associated with identities etc.
>     >
>     > I don't see the same contradiction, so the language is failing in one
>     > way or another. I consider "an identity" to be the superset of all
>     > possible sets of credentials. A set of credentials is merely a profile
>     > of that identity.
> 
>     Can I ask you "how many identities can a subject have?". Your sentence
>     above implies the answer is one. If so, then we have a fundamental
>     disagreement
> 
>     regards
> 
>     David
> 
> 
>     >
>     > We should probably change all of this language to talk instead about a
>     > Subject, which is given an identifier. And then talk about how
>     > associations can be made between that identifier and other pieces of
>     > information, in order to establish claims/attributes about the
>     Subject.
>     > That may help avoid the "identity" confusion altogether.
>     >
>     >
> 
Received on Tuesday, 14 June 2016 11:38:40 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:29 UTC