W3C home > Mailing lists > Public > public-credentials@w3.org > May 2017

Re: First pass at CG naming goals and restrictions google doc

From: Adrian Gropper <agropper@healthurl.com>
Date: Wed, 31 May 2017 08:29:10 -0400
Message-ID: <CANYRo8j9AmVwsMO=zj5SsUas02seRzHmSBdXkjbyRO84r5vKGw@mail.gmail.com>
To: Timothy Holborn <timothy.holborn@gmail.com>
Cc: Kim Hamilton <kimdhamilton@gmail.com>, Credentials CG <public-credentials@w3.org>

I'm a big fan of either self-sovereign technology (SST) or self-sovereign
support technology and I agree with Kim's pros and cons on adopting the
term. The longer version is more accurate (according to a discussion on the
VRM list about a year ago...) but the short version may be best.

That SST might put off the corporations is pretty clear because it's tech
that nobody owns but you. It's tech without a privacy policy because
there's no counter party to have a policy or other contract with. It's open
source by definition. It's like most of Bitcoin and Ethereum or an open
source home router. That said, I think it's time we raised the issue with
the corporations about "the web we want"- the tag line for

Our implants (I'm an MD, medical device developer), our cyborgs, our
personal agents online, will be SST soon enough. They will protect our
policies the way our hardware secure elements protect our private keys
today. My SST will be enhanced with machine intelligence in order to learn
my preferences and act autonomously on my behalf.

There's really no way around having the discussion of how two individual
humans connect through their SST in a completely private way. Start with a
simple smart contract.

The place where our institutions intersect with SST is what we call the
"identity container" in RWoT. In the stack that I work on (HIE of One), the
identity container includes an UMA Authorization Server that issues
standard tokens to third party entities (individuals and institutions)
mostly automatically but with an occasional fallback to live interaction
with the human owner in cases where the protected policies are ambiguous.

Looked at from this perspective, blockchain IDs are an essential foundation
for SST because they are a web of trust to link together our SSTs for
trusted interaction with each other as people.

The SST identity container as authorization server becomes the place where
requesting parties (individuals and institutional) present their claims.
The identity container can act on our behalf to sign-in to institutions. As
the police cars say: "To protect and serve."


On Wed, May 31, 2017 at 3:37 AM, Timothy Holborn <timothy.holborn@gmail.com>

> my apologies for the blunt expression of concerns...
> webizen would likely be my vote. Has some heritage;
> http://webizen.org/
> https://www.w3.org/wiki/Webizen
> The concept of 'individual membership' (not simply to the W3C but more
> broadly to the web) is poorly supported.
> A solution enables the means for the (somewhat quantum in nature) identity
> of persons in cyberia - to be provided the necessary qualities to support
> the dignity of the homo sapien for which the web of identifiers, data
> structures, query infrastructure, presentations, representations, persona
> attributes, personalisation, dignity frameworks embodying elements of
> privacy considerations in combination with the needs of accountability
> measures; support for frameworks such as 'rule of law', human rights,
> provenance, version control, interactions with things, instruments, claims,
> enterprise infrastructure in a manner where terms of agreement can be
> bilaterally defined (rather than unilaterally applied), etc.   Where if
> sensitive and personal data about you can be used to help...  cure
> cancer... or solve a violent crime, or some other very specified purpose by
> way of some amazing website with some crazy intelligent science built into
> it; that you can safely share that data without unintended consequences
> that you're unable to do anything about...
> A solution were people can store their data, but not trade everything they
> have stored about them for a discount at the petrol station, even if they
> are old and don't know what they are doing with these contraptions they
> need to have, as a means to function in society.
> a human centric web.
> the web works so well today, that even if half the population of the world
> protested the way the web was working; people would still be forced to use
> it to share the photos (on Facebook, for example)...
> so yeah.  'choice of law', data rights, the means for a citizen of some
> place in the world to use data that exists about an experience they have
> had - somewhere else in the world; to protect their civil rights?  seems so
> very unimportant, i'm very depressed about it as a circumstance.
> Webizen is the best possible name for a movement that aims to provide what
> i believe is the underlying purpose of this 'self sovereign' concept.
> Describes a 'citizen of the Web'.
> A Webizen is a person
> <http://www.urbandictionary.com/define.php?term=person> who is adept in
> Web <http://www.urbandictionary.com/define.php?term=Web> techniques and
> who essentially lives
> <http://www.urbandictionary.com/define.php?term=lives> on the Web.
> Source: http://www.urbandictionary.com/define.php?term=Webizen
> Tim.H.
> On Wed, 31 May 2017 at 16:57 Timothy Holborn <timothy.holborn@gmail.com>
> wrote:
>> Kim,
>> I read the doc.  Nice.
>> Reputation systems flagged my interest. Most of that capability is done
>> now, I'm not even sure what ontology work needs to occur.  Perhaps
>> HTTP-SIGNATURES is still lacking? I thought it was deemed to be
>> unnecessary?
>> I didn't really understand what you hoped to work on.
>> At WWW2017 (which only a few attended) I went to town on calling out the
>> issue of ID.  Indeed, I sent an email to Vint, TimBL and many others
>> essentially saying "fuck you", why in 25 years did you consider ID to be so
>> unimportant.  My purpose was to say, that I wanted to see the problem
>> solved in their lifetime.
>> But i think they really did not appriciate the mail.
>> The tactical process said, was to build the elements.
>> Another statement said that as philosophers, concerns were had; which
>> indeed I understand, given the rather commercial sway any ID project seems
>> find so difficult to successfully navigate as the reality is, most projects
>> that look hopeful, get captured.
>> I have never understood "self soverign" I understand citizen and I
>> understand choice of law and I understand a multitude of things that seek
>> to be deemed "acceptable".
>> In my view identity, I consider to be a "theta layer" to the web, but
>> given I'm not really a "contributor" as the work has progressed..
>> I just read this "self soverign" concept confused.
>> When I started working on these things the reason why was because a
>> government department put upon me some decisions that changed my life, and
>> whilst those decisions were illegal, the fact was that the government
>> employees did it in a manner, knowingly, that ensured very little evidence
>> was available for me to remedy the harm they'd done as part of what they
>> considered to be their job.
>> I don't see how these years of work have done much to make the case for
>> vulnerable people any better.  Indeed I fear it's made the situation
>> worse.  I don't understand how these works provide the means for a person
>> who has been engaged, or forced into a transaction that is illegal or
>> wrong, to have the data to prove it when the entity who sought to yeild
>> power, through their database powered employment agreements, is involved in
>> a system that engineers products and services to protect them from
>> accountability. From.responsibility, beyond the mental health impacts those
>> people have from damaging the lives of others, for money to feed their
>> kids.
>> People say I'm not very commerical.  I think they need to wake the fuck
>> up.
>> Tim.h.
>> On Wed., 31 May 2017, 4:37 pm Timothy Holborn, <timothy.holborn@gmail.com>
>> wrote:
>>> What does a self soverign human look like?
>>> Or...   How can it be said.  What are the benefits to a smart phone,
>>> what does it do...  Or...
>>> What is a credential what does it do...  Or...
>>> What is a self soverign identifier..  what does it do?
>>> I have never understood the idea of "self soverign".  Is it like 2nd
>>> life or Minecraft, some space that's "self soverign", or perhaps moreover
>>> its soverign to the human? Who's self in the context to the sovereign?
>>> Thought I'd ask...
>>> Tim.h.
>>> On Wed., 31 May 2017, 2:14 pm Kim Hamilton, <kimdhamilton@gmail.com>
>>> wrote:
>>>> I took a first stab at enumerating the CG naming goals, proposed names,
>>>> pros and cons, etc so we know the constraints when picking a name
>>>> https://docs.google.com/document/d/1H5tO0IRawIHzVnRP2sTbdBA-
>>>> PUkWgSdcydx2ru2fPHg/edit?usp=sharing
>>>> I noticed that "Self-Sovereign Technology Community Group" had the
>>>> most positive reception with the fewest downsides. We could stop
>>>> there....otherwise, please edit/provide feedback and I'll continue to shape
>>>> this into something more actionable.
>>>> - Kim HD


Adrian Gropper MD

HELP us fight for the right to control personal health data.
Received on Wednesday, 31 May 2017 12:29:45 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:37 UTC