W3C home > Mailing lists > Public > public-credentials@w3.org > May 2017

Re: "Identity"

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Wed, 31 May 2017 02:06:57 +0000
Message-ID: <CAM1Sok1_6ydLCuLgCeEKNpishEWJXQKf=iUZDmgHOXYVu3Pp_w@mail.gmail.com>
To: Joe Andrieu <joe@joeandrieu.com>, public-credentials@w3.org
On Wed, 31 May 2017 at 11:43 Joe Andrieu <joe@joeandrieu.com> wrote:

> Right. I didn't suggest otherwise, Tim.  We shouldn't be trying to "solve
> identity". We're in agreement on that.
>

I care deeply about solving the identity problem, i'm just very much aware
that this group is not geared to do that.  It's geared to work on some of
the more important counterparts of identity as it is applied to trade;
verifiable claims, or a form of identity constituent.


>
> I asked that we find a way to contain identity conversations without
> demonizing the term.
>
> In particular, if we can't coherently discuss how verifiable claims affect
> privacy and identity, we will be creating exactly the kinds of systems that
> are feared by those opposed to cross-domain identifiers. That opposition
> will then have even more fuel to oppose any proposed specifications.
>

Not just privacy, but also 'terms of trade' as is applied to the 'subject'
or 'recipient' of these 'identity constituents' produced by 'persona ficta'
actors.

https://lists.w3.org/Archives/Public/public-webpayments/2014Jul/0043.html
= crickets, years later.


>
> As you say, "verifiable claims form a constituent of what identity is for
> living things and other actors". That's right.
>

Yes. IMHO, they're identity constituents.  But their only part of a broader
'identity lifecycle' framework / solution.  Was always part of my thinking;
and that indeed, re: WebID former works - the Creds works to be a very
important element of the identity framework requirements needed for humans.


>
> If we can't discuss that coherently, we are doing ourselves and the
> community a disservice.
>

unsure what to do about it really.  looking at ISOC related methods,
alongside some IEEE related stuff also. I'm very concerned that my works
over the years, directed towards providing the means in which vulnerable
humans may have made available to them digital evidence pertaining to
circumstances undertaken by way of computerised systems that they felt
harmed their wellbeing or that of their loved ones;  that these qualities
are not part of the use-cases deemed a priority (or even worth considering
seriously).

I am deeply concerned that the commercial focus will lead to an increasing
set of characteristics that grow to become an internet based replacement to
the older 'iron shackles' we put around the slaves neck;
https://www.youtube.com/watch?v=sKOk4Y4inVY&feature=youtu.be&t=17m28s


>
> -j
>
> On Tue, May 30, 2017, at 06:02 PM, Timothy Holborn wrote:
>
> I have seen this been brought up and it was noted, if I think I'm
> interested in working on a solution for identity then get 5 people, set up
> a CG, et.al.
>
> Yet it had been declared and demanded over the life of W3 credentials
> works that the group is not working on identity, therefore the solutions
> being defined are not suited for these usecases.
>
> What they are designed for is verifiable claims.
>
> The possibilities of digital identity is like an invisible shackle around
> the necks of unwittingly Nieve humans.  It is amongst the greatest flaws of
> our internet, our web, that it has not been addressed when so many other
> issues have been.
>
> It is a defining characteristic of open-standards communities in their
> long-term inability to effectively address this problem.
>
> So whilst I agree, it's a really big problem...
>
> This group is not in a straight forward and transparent manner seeking to
> solve the identity problem and will not be able to solve it effectively
> using any other engagement method, as such, isn't doing it.
>
> The group is working on verifiable claims, specifically, and whilst
> verifiable claims form a constituent of what identity is for living things
> and other actors; it is simply not, identity.
>
> Tim.h.
>
> On Wed., 31 May 2017, 3:41 am Joe Andrieu, <joe@joeandrieu.com> wrote:
>
>
> I started this note to send to Manu in particular, but realized it would
> be useful to share with the larger community. I chose not to cc the
> workgroup because cross-posting rarely leads to coherent conversations.
> Hopefully the community group is the right audience.
>
> This is a personal request.
>
> I appreciate the rathole we are trying to avoid by separating "Identity"
> with a capital "I" from technical conversations. I get it. A big part of my
> own contribution to the user-centric identity conversation and at RWoT is
> to shift how we talk about "Identity" because we usually do it so poorly.
>
> The fact is, "identity" is the sexy hot button that leads the introduction
> and context at workshops like IIW and ID2020 and with topics like
> self-sovereign identity and SDG 16.9. In other words, "Identity" is exactly
> what so many conversations need to be about, especially so people like
> regulators, CEOs, bankers, and ambassadors can make better decisions about
> how identity is managed--whether online or off.
>
> That's why I'm trying to fix how we talk about it. Because we can't have
> the disabling ratholes suck up attention and inflame unnecessary passions.
> We got a lovely rant by Frederic Engel in the RWoT session I led on
> "functional identity". It was great. The French accent and his passion and
> the whole gestalt was truly endearing and compelling. It was perhaps the
> most appropriate response to my attempt to limit exactly those types of
> rants. The irony was not lost on me. Instead, it taught me that there is
> still a lot of work to do to somehow both avoid the distraction while
> assimilating the passion and perspective.
>
> Unfortunately, establishing "Identity" as something we can't talk about
> undermines the effort to shift that conversation. It's the Overton window.
> When we make Identity off-topic for conversation, we can't fix how we talk
> about it. When we dismiss "Identity" as a viable element of conversation,
> we deny an entire region of relevant discussion. I am betting that it isn't
> the actuality of identity that frustrates us, it is the rathole those
> conversations can become.
>
> I argue the best way to avoid the rathole is to find the right way to talk
> about it. The right context. The right definitions. The right boundaries of
> scope.  Especially because whether we embrace it or fight it, verifiable
> claims are going to be used for identity. I'd like to face that head on
> rather than pretend it isn't going to happen.
>
> One thing that became clearer in the community call today is the
> motivation to avoid W3C hot buttons. Ok. I get that. It actually makes my
> point. When an organization like W3C is unable to have meaningful
> conversations about Identity, it is even more vital that we shift how those
> conversations unfold. I support minimizing "Identity" as a term where it
> doesn't clarify. There's a lot of that in the current docs. But I don't see
> wholesale exorcism as the right way to move the conversation forward either.
>
> In fact, I see *this* email as an important part of the conversation. We
> need to find a way to talk about Identity without the ratholes, rather than
> shut down all conversation about identity.
>
> So, my request is to please work with me to find a way to avoid the
> rathole without demonizing the term itself, for example, by putting it in
> "quotes" and adding caveats every time it is used.
>
> My current focus is on framing the conversation it terms of how identity
> functions rather than what it means culturally, psychologically,
> politically, or metaphysically. I also distinguish "Identity" and "Digital
> Identity", the latter being a tool to facilitate the former. That may or
> may not work for the groups in this conversation, but I believe it is a
> promising direction.
>
> Thanks,
>
> -j
>
> --
> Joe Andrieu, PMP
> joe@joeandrieu.com
> +1(805)705-8651 <+1%20805-705-8651>
> http://blog.joeandrieu.com
>
>
> --
> Joe Andrieu, PMP
> joe@joeandrieu.com
> +1(805)705-8651 <+1%20805-705-8651>
> http://blog.joeandrieu.com
>
>
Received on Wednesday, 31 May 2017 02:07:44 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:37 UTC