
Re: Position Paper for W3C Workshop on Identity

From: Henry Story <henry.story@bblfish.net>
Date: Thu, 28 Apr 2011 01:00:52 +0200
Cc: <public-xg-webid@w3.org>
Message-Id: <1C39AFE5-1BB3-494A-815A-1315784AAD20@bblfish.net>
To: peter williams <home_pw@msn.com>

On 28 Apr 2011, at 00:23, peter williams wrote:

> So, all it comes down to is, as relying party, pick your favorite go club?
> Is all we offer: just form up your own link graph?

If go had no rules of quality then their ranking would have no meaning.  Try
going to a go club and pretending you are a higher or lower rank than you really
are. You will see it will be evident very soon.

> Then, on that basis, there are a n million parties claiming to be
> authorities,

People can claim to be authorities, but that does not make them so.

> all with nothing to substantiate their claims. It's all just a
> mouth off - including the infamous Oxford School of Auto Engineering (a
> technical school teaching motor mechanics, leeching off the Oxford name,
> apparently). Perhaps you prefer the Polish national CA, because at least is
> Polish (vs American). Perhaps one has a pretty rainbow flag. Pick something
> that fits with your sense of identity?

Who said that anything that anybody says goes? I said universities were good
at giving information about the degrees someone has, and go clubs good at telling
the ranking of players. And that you are good at telling who your friends are.

Why do you try to distort what I am saying?


Henry

> 
> Is that it? Is this what we now offer as a global trust model: pick an
> interest group, where the tone feels right?
> 
> What is semweb offering that I cannot do, right now, with a facebook friends
> list (which already largely does the above)?
> 
> There is nothing in technology that makes the slightest difference to the
> interest-group association model, we have to be able to admit that to
> ourselves, at this point, I hope. One can build links of certs, cross certs
> (in the Entrust world view), links of facebook groups, or links of websites
> (in the webid view). All of them are a mere representation of a linked
> space.
> 
> (a definitive breakthrough we have made is to make public key crypto a
> fundamentum of semweb, which was not true before provenance and webid. There
> was a bit of PGP in university land, but that was as far as the thinking had
> gone.)
> 
> If we truly are denying that there can be any notion of authority, then I'm
> not sure what we are replacing it with. It all seems very tribal.
> 
> The only thing I've ever heard you argue in the authority axis is that you
> want the US government in charge of server certs and the underlying naming
> authorities - since that underlying assurance (a bit like the broken US
> dollar) is nonetheless better than any other option. It's the least worst
> option.
> 
> I cannot wait to see the Berlin paper, I have to admit. There, we see the
> trust model outlined, in which I'm hoping that the raw technology written up
> in the identity paper reasons why the additional theorems added by the
> semweb technologies - suppressed in that paper for a US audience concerned
> with today and next week - define an entirely new class of trust model that
> can (and should) exist. Then, we have to ensure we state why a tweak of SSL
> and X.509 (as awful as it is) cannot implement the same once it's defined
> (since fixes to the commodity is a constant threat to our "advanced" work,
> and consistent with how American infrastructure typically capitalizes).
> 
> I'm not sure what I can add to that Berlin paper, except to do what we have
> been doing today - which is to frame that *against which* we collectively
> lay a *contrasting* position. We have to be seen to understand the reality
> of today (as it was supposed to be by its designers, and as it actually is
> 15 years later as represented by "domain-certs"), and then offer a solution.
> 
> I'm not sure anyone cares about creating a tribal planet, though, full of
> virtual tribes. Attacking the trust in the nation state and its public
> institutions is going to be a hard sell. We may be a 100 years too early, on
> that one. 
> 
> Anyways, off to watch a pomp and circumstance parade.
> 
> -----Original Message-----
> From: public-xg-webid-request@w3.org [mailto:public-xg-webid-request@w3.org]
> On Behalf Of Henry Story
> Sent: Wednesday, April 27, 2011 2:15 PM
> To: Peter Williams
> Cc: <public-xg-webid@w3.org>
> Subject: Re: Position Paper for W3C Workshop on Identity
> 
> 
> On 27 Apr 2011, at 19:52, Peter Williams wrote:
> 
>> If the uni has a business school specializing in accounting, an MBA will
>> make the person not bad at accounting assurance. It's a lot better than me,
>> with my science degrees.
>> 
>> If the uni is royal holloway (London) and you do the specialized master on
>> information security, again a masters or diploma (higher) is not bad - for
>> information assurance.
>> 
>> But an accounting/security audit performed by either person does not meet
>> public policy. Neither use prescribed methods, so the result from any audit
>> firm is equivalent.
> 
> That's because the uni does not audit the work of those accountants, it
> audits their education. 
> I audit my friends.
> You audit yours.
> The go club audits people's ability to play go.
> ...
> 
>> 
>> If the uni-qualified person gets a cissp certification (should be easy for
>> royal holloway folks). You are now fit to be trusted in a ca firm - to
>> cooperate with an FBI order say (assuming personality and politics fits). A
>> wikileaks activist would qualify but be rejected on politics (assume the
>> covert part would be compromised). If the person shows lack of political
>> disclosure, hiding wikileaks association say, again this is a reason for
>> elimination (from an ia trust job, specifically).
>> 
>> If the auditor performs tests, the certified ia engineer can be assumed
>> familiar and can assist get to the facts desired. If the facts depend on
>> records, in a periodic audit, one can be assumed to know how not to fail
>> the audit due to missing procedural steps (numbered pages are missing...
>> etc).
>> 
>> If one offers a compensating control (all our employees are born and
>> raised citizens with current disa clearances) we don't need to rely on those
>> evil foreign university transcripts (full of assumed malice and
>> unreliability - being from foreign sources, assumed inherently untrustworthy
>> by us govt processes). Thus one shows by design and operations the risk of
>> foreign influence is controlled by assumption (reasonable), so that the
>> auditor does not need to now go sample the foreign transcript process (which
>> doesn't exist, being made irrelevant by the citizen test).
>> 
>> The ca audit I passed was carefully structured to play the ia game. One of
>> the hardest criteria sets to pass concerns networking (just chock full of
>> gotchas, and expense). So, for a root ca (and its audit) don't network the
>> computer. Really.
>> 
>> Another gotcha set concerns correctness, of key management. Software
>> crypto is hard to test and audit. For root ca, one had to show fips 140-1
>> level 3 compliance - which essentially denies any software claims, and tests
>> the entire lifecycle of keys (distinguishing the semantics of key erasure
>> from key destruction say), with an accountability trail for each and every
>> cloned key (for dr purposes, since all devices fail). All is subject to
>> realtime sampling, testing, and comparison with the stated handling rules.
>> One test whether junior staff know the rules, and what happens when both
>> senior folks are on trips (during the 2am emergency).
> 
> yes, and after all those audits the CA's just check people's e-mail
> addresses and send them the CA!
> 
>> 
>> Etc etc
>> 
>> It goes on for 100 more pages, like this. No. It's a 1000 pages. It's
>> endless.
>> 
>> This is information assurance.
>> 
>> NSA has a nice website on the topic, being the ia lead in the us. Getting
>> anyone to do it, given the cost and hassle factor, is hard - especially
>> when revenues just don't support the overhead (eg realty mls business). It's
>> easy to do if you're a defense contractor on billion dollar contracts (being
>> an aspect of general quality management). If consumers pay per person $50 a
>> year for cloud office, with sufficient numbers and a standard set of
>> software perhaps it's economic. For small mainstreet firms hosting web apps,
>> it's prohibitively expensive. The mere fact Henry installed the 59 router
>> from the supermarket dooms the audit to fail (or be prohibitively expensive,
>> more likely).
>> 
>> So reason by analogy. What test does the ministry of education perform on
>> the test centers for public school exams done in high schools, to assure
>> the public that the proctoring is doing what the (non deceived) public
>> expect of proctoring and national education certificates?
> 
> yes, something like that. If you want to look at it through auditing
> glasses, that's how it works. Not everything has to be fail proof to work.
> You know a lot of things around you, as I pointed out before, even though
> you don't and cannot know you are not a brain in a vat on alpha centauri
> being made to think you are typing these e-mails. 
> 
>> 
>> My cissp is something I cite (since I struggled to pass, even after all my
>> years of security experience). My ccna is something I failed (despite 20
>> years of doing certain but not all packet switching defile) but I cite too
>> (being reassurance I'm not a fraud, in basic data switching). I don't cite
>> my ccsp or much as the course runners gave me what I now judge to be 90%
>> the actual exams to practice, beforehand. This makes them pointless American
>> it certifications (for assurance purposes, as any science major can cheat,
>> having great exam technique by that point). Not totally useless (I did 12
>> months self study in 2 weeks, and could really understand the curriculum,
>> allowing a year of further very focussed self teaching). But not something
>> I'd cite to get a job actually fixing high end cisco or Microsoft systems.
>> I'd be a fraud, offering false assurances.
>> 
>> Make sense now?
>> 
>> Nothing to do with cert technology. Applies to 15th century ciphers too.
>> Just more important for certs, as the damage is so much greater (worldwide
>> public confidence).
>> 
>> 
>> On Apr 27, 2011, at 8:39 AM, Henry Story <henry.story@bblfish.net> wrote:
>> 
>>> 
>>> On 27 Apr 2011, at 17:21, peter williams wrote:
>>> 
>>>> You might want to browse it - being all about the technology topics
>>>> you often struggle with. On the other hand, when looking at life
>>>> anew, sometimes ignorance helps - so you are not drawn into the older
>>>> mental models.
>>>> 
>>>> Anyways, there are three terms of art:
>>>> 
>>>> Identity  verification
>>>> User authentication
>>>> Information assurance
>>> 
>>> Ok, so when you go to a university, the Uni educates you, then tests
>>> you, then gives you a degree. That is information assurance! What is the
>>> information?
>>> 
>>> Uni assures { X has Degree;
>>>              field :medicine
>>>              course </2011/Med/Liver> .. }
>>> 
>>> Presumably that means that he knows a certain amount about the
>>> subject. But nothing is absolutely final of course as you point out.
>>> His thesis may have been plagiarised, as recently happened in Germany
>>> when the Minister of Defence was found to have employed someone else to
>>> write his thesis.
>>> 
>>> http://online.wsj.com/article/SB10001424052748704506004576173970765020528.html
>>> 
>>> If the university had given Karl-Theodor zu Guttenberg a WebID, they 
>>> would not remove their claim from his doctoral certificate page.
>>> 
>>> So it is easy to do assurance using WebID, and to remove assurance too.
>>> 
>>> Henry
>>> 
>>>> 
>>>> A term of art is rarely discussed in Wikipedia or a common dictionary.
>>>> 
>>>> Identity verification is that act which a notary performs when
>>>> he/she authenticates an individual through personal knowledge or,
>>>> more likely, checking your passport or drivers license as evidence
>>>> of id. The notary attests to having done that act, while then making
>>>> a statement. Early in certs, for use by early Apple Mac users, one
>>>> got a X.509 cert by first going to a notary, obtaining the affidavit
>>>> mentioned, and then sending that as evidence of (notary-based) id
>>>> verification to the CA.
>>>> 
>>>> User authentication is the presentation of the cert to a relying
>>>> party, along with a signature showing control over the private key.
>>>> 
>>>> Information assurance has nothing to do with any of the above,
>>>> except when computers are used in the processes above. If you want a
>>>> birth cert from the state of Hawaii, there are information assurance
>>>> practices - that support the status of a bit of paper as a "record".
>>>> Long form records may be valid legally, for the purposes of id
>>>> verification; or may not. Because assurance rules change, only short
>>>> form record may not be valid, legally. Assurance rules may require
>>>> "originals", and not copies, and may distinguish certified copies
>>>> (from copies, and from originals). A certified copy may have to be
>>>> embossed, by a particular seal (acting as a unique signing device.)
>>>> 
>>>> In the computer world, IA often comes down to the security audit,
>>>> for the data center. If you are Comodo selling cert, and your
>>>> resellers apply computers to access the minting services, and that
>>>> channel is protected poorly, one can have the ridiculous situation
>>>> in which the auditor performed investigations and tests that
>>>> qualified the information assurance level as "sufficient", but
>>>> nonetheless the channel is insecure. That's because IA is about rules,
>>>> not security. It's similar to an accounting audit that says the firm
>>>> is not crooked, but it goes bust anyways. What matters is that the
>>>> tests shew it was not crooked, to "assure" the public, using the
>>>> services of public certified accountants.
>>>> 
>>>> Yes Apple assure the public their phone is safe. Doesn't mean the
>>>> fine print of the contract is not set to allow them and their
>>>> friends to spy on you, in a manner you find offensive - since you
>>>> didn't KNOW you agreed to it!? It's deceptive, despite the assurance.
>>>> The US government assures the public that new citizens are suitable
>>>> citizens. Doesn't mean they are not ex-SS officers, having spent
>>>> years designing terror weapons, having run factories making them and
>>>> having actually killed 20k civilians...(in London) in attempt to
>>>> terrorise an entire population. Assurance means they now fit American
>>>> rules, which change with the times.
>>>> 
>>>> In the CA world, the government generally seeks assurance that the
>>>> firms will "do the right thing" - when asked. (This means spy, when
>>>> served a covert order.) It's an important assurance, that the firm
>>>> has CEO and staff that are "oriented" - and trustworthy, and can be
>>>> trusted (to maintain the secrecy of the covert surveillance order,
>>>> and scope the interception to the named individual, not the operator's
>>>> ex-spouse...).
>>>> 
>>>> Put a key in the RDFa of the document. See what happens... it's not
>>>> logical, but then neither is a non-deterministic search that guesses.
>>>> 
>>>> 
>>>> -----Original Message-----
>>>> From: public-xg-webid-request@w3.org 
>>>> [mailto:public-xg-webid-request@w3.org]
>>>> On Behalf Of Henry Story
>>>> Sent: Tuesday, April 26, 2011 11:44 AM
>>>> To: peter williams
>>>> Cc: 'Dominik Tomaszuk'; public-xg-webid@w3.org
>>>> Subject: Re: Position Paper for W3C Workshop on Identity
>>>> 
>>>> 
>>>> On 26 Apr 2011, at 20:34, peter williams wrote:
>>>> 
>>>>> Please remove the link to
>>>>> http://agendabuilder.gartner.com/IAM4/WebPages/SessionList.aspx?Speaker=701995
>>>>> for my name. Or just remove my name altogether (whichever is
>>>>> easiest).
>>>>> I do not want an association with Rapattoni to be inferred by readers.
>>>>> 
>>>>> I'm mostly making a point, tuned to webid, that individuals are in
>>>>> charge - and do NOT need an organizational affiliation. They also
>>>>> do NOT need evidence of standing (such as Gartner thought me worth
>>>>> inviting to talk about the needs of realty, to others deploying
>>>>> websso).
>>>>> 
>>>>> I know, it's a hard habit to break, since individuals have no
>>>>> standing in academia; only having any authority when introduced as
>>>>> "faculty"
>>>>> (which then governs one's credentials and one's reputations).
>>>> 
>>>> But I thought many of your points on this list were on the importance
>>>> of Information Assurance.
>>>> Are universities, companies posting profiles about people not well
>>>> established ways of doing information assurance?
>>>> 
>>>> Henry
>>>> 
>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> -----Original Message-----
>>>>> From: public-xg-webid-request@w3.org 
>>>>> [mailto:public-xg-webid-request@w3.org]
>>>>> On Behalf Of Dominik Tomaszuk
>>>>> Sent: Tuesday, April 26, 2011 7:43 AM
>>>>> To: public-xg-webid@w3.org; Henry Story
>>>>> Subject: Re: Position Paper for W3C Workshop on Identity
>>>>> 
>>>>> On 26.04.2011 12:09, Dominik Tomaszuk wrote:
>>>>>> On 26.04.2011 10:36, Henry Story wrote:
>>>>>>> Ok, the paper is ready for xhtml export. Any further changes can 
>>>>>>> then be edited in the xhtml.
>>>>>> OK. In a few hours XHTML+RDFa version will be ready.
>>>>> Alpha version without CSS, valid XHTML+RDFa:
>>>>> 
>>>>> http://ii.uwb.edu.pl/~dtomaszuk/webid.html
>>>>> 
>>>>> Regards,
>>>>> 
>>>>> Dominik Tomaszuk
>>>>> 
>>>> 
>>>> Social Web Architect
>>>> http://bblfish.net/
>>>> 
>>>> 
>>>> 
>>> 
>>> Social Web Architect
>>> http://bblfish.net/
>>> 
>>> 
> 
> Social Web Architect
> http://bblfish.net/
> 
> 
> 

Social Web Architect
http://bblfish.net/
Received on Wednesday, 27 April 2011 23:01:24 UTC
