Re: trust models and AWWW (was Re: FYI, tag election links) from John Kemp on 2012-12-18 (www-tag@w3.org from December 2012)

From: John Kemp <john@jkemp.net>
Date: Tue, 18 Dec 2012 10:56:09 -0500
To: Larry Masinter <masinter@adobe.com>
Cc: Melvin Carvalho <melvincarvalho@gmail.com>, "ashok.malhotra@oracle.com" <ashok.malhotra@oracle.com>, "www-tag@w3.org" <www-tag@w3.org>
Message-Id: <10FD8618-6F12-42E1-B509-E81A65165128@jkemp.net>

On Dec 16, 2012, at 7:59 PM, Larry Masinter wrote:

> Melvin,
>  
> While the TAG might resist picking winners and losers in an unclear technology battle as a short-term strategy, I think AWWW suffers because it assumes trust too many places.
>  
> For updating the AWWW we have, I’ve been thinking somewhat the opposite: that we need at least a model and a framework for talking about trust, and to encompass the different ways in which trust affects architecture.

What is wrong with the following as a basis for talking about trust?:

"The World Wide Web (WWW, or simply Web) is an information space in which the items of interest, referred to as resources, are identified by global identifiers called Uniform Resource Identifiers (URI).
Examples such as the following travel scenario are used throughout this document to illustrate typical behavior of Web agents—people or software acting on this information space. A user agent acts on behalf of a user. Software agents include servers, proxies, spiders, browsers, and multimedia players."

I think that you do need to describe the agents at play on the Web. How have the agents described in AWWW changed in the "web of apps"? Or have they changed at all? What would better-describe their interactions these days than the interaction section of AWWW?

I did try this a few years ago myself, by the way: http://www.w3.org/2001/tag/2010/03/web-apps-taxonomy/web-apps-taxonomy.html even mentions "trust" explicitly. 

I do think that any new edition of AWWW would have to address whether the agents and the interactions between them are fundamentally changed, or whether the "sea of Javascript" is just a layer on the bedrock of the same set of agents interacting roughly in ways already documented by AWWW volume 1. 

Once you understood what entities are at work on the Web and how they might reasonably interact, you may be able to understand what properties are needed for each of them to be able to decide to trust each other or not. 

Regards,

JohnK

Received on Tuesday, 18 December 2012 15:56:35 UTC