W3C home > Mailing lists > Public > public-identity@w3.org > June 2011

Re: The Internet Identity (WG) Crisis

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Tue, 28 Jun 2011 15:05:30 +0200
Message-ID: <4E09D19A.6010802@telia.com>
To: Henry Story <henry.story@bblfish.net>
CC: "public-identity@w3.org" <public-identity@w3.org>
Henry,

I don't disagree with what you write but there are initiatives
having a higher inertia than WebID because they depend on
multiple things to happen at roughly the same time.

Anything browser-2-server "protocolish" falls into this category.

If we take my pet project, Key Provisioning, it is undoubtedly in
the other end of the spectrum compared to WebID but that doesn't render
it useless; it just requires much more work on every front you can imagine.

Is there a short-cut?  I haven't seen it at least.  That current schemes
work for WebID is true but a close to 100% reject of <keygen> and CertEnroll
for *other* usages seems to say something as well.  If my long-short works as
planned, WebID will benefit from a fundamentally better platform including
a GUI borrowed from Microsoft's [unfortunately failed] Information Card project.

"Everybody should have their own business plan"

I have in my project removed "business" but kept "plan".  Open HW + SW
clearly isn't what the "authentication industry" is looking for.  However,
the potential *users* of the technology should have no issues with that :-)

BTW, WebID is great!  It will be even greater when you keep your ID in
the phone.  But we have to wait:

http://www.mobilepaymentstoday.com/blog/5901/Forget-about-the-wallet-wars-here-come-the-IP-wars

Anders


On 2011-06-28 14:34, Henry Story wrote:
> 
> On 28 Jun 2011, at 13:35, Anders Rundgren wrote:
> 
>> On 2011-06-28 12:01, Josh Howlett wrote:
>>>
>>>> A fundamental problem with option #2 is that it seems hard (maybe even
>>>> impossible) just getting down the basics such as Why, What and How.
>>>
>>> Could you expand on what you mean by that?
>>
>> Well, before you start anything it is always good to know WHY
>> you are doing it.  This is essentially the "vision" part.
> 
> "Philosophy and the Social Web"
> http://www.slideshare.net/bblfish/philosophy-and-the-social-web-5583083
> 
> All about what the web is, how it fits together architecturally and why Identity is core to it,
> and why it is so important to have it decentralised.
> 
>> HOW should presumably describe the necessary deliverables and the
>> strategy for getting these adopted.   The latter is almost always
>> missing because that is close to "business plan".
> 
> Implementations that interoperate. Everybody should have their own business plan.
> Bootstrapping is always difficult.
> 
>>
>> WHAT is the thing that existing charters usually specify.  Like
>> a secure authentication solution for mobile users.
> 
> What, with an order of delivery
>   - WebID for authenticaiton
>   - Authentication ontologies - to describe who can access what resource (ACL work at W3C)
>   - privacy ontologies (what can be done with the data)
>   - logics to tie any other auth system into WebID: so you can can show how different authentiction systems work
>   - formalised trust logics 
> 
> One does not need the whole stack. WebID works pretty well, combines nicely with openid, and can be used to start building the platform.
> 
> My feeling is more that for some psychological reason, the obvious solutions (to me) seem to be invisible to a lot of people in this space.
> 
> 
> Henry
> 
>>
>> Anders
>>
>>>
>>> Josh.
>>>
>>>
>>>
>>> JANET(UK) is a trading name of The JNT Association, a company limited
>>> by guarantee which is registered in England under No. 2881024 
>>> and whose Registered Office is at Lumen House, Library Avenue,
>>> Harwell Oxford, Didcot, Oxfordshire. OX11 0SG
>>>
>>>
>>>
>>
>>
> 
> Social Web Architect
> http://bblfish.net/
> 
> 
Received on Tuesday, 28 June 2011 13:06:27 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 28 June 2011 13:06:28 GMT