- From: Jonathan Foote <foote@fastly.com>
- Date: Wed, 22 Mar 2023 10:05:06 -0400
- To: Dan Kioria <dankioria@gmail.com>
- Cc: public-antifraud@w3.org
- Message-ID: <CAOEvJgtHaZbuZ_UGq2B_RsG_xcH+vRojyFXQws1ZdQeD4ebw1A@mail.gmail.com>
Hello Dan. Thanks for sharing. I haven't read either of these books, but your summary provides some interesting perspectives. ICYMI the theory of privacy as contextual integrity (Helen Nissenbaum, see https://en.wikipedia.org/wiki/Contextual_integrity for a summary) offers a different perspective -- it may address the "relying party" concerns here. Jon On Wed, Mar 22, 2023 at 4:40 AM Dan Kioria <dankioria@gmail.com> wrote: > Principles of Self-Sovereign Identity vs Laws of Identity. > Principles of SSI by Christopher Allen > Laws of Identity by the late Kim Cameron > Two approaches to digital identity, security, and privacy, 15 years apart.. > > > https://dankioria.com/a-comparison-of-christopher-allens-principles-of-identity-and-kim-camerons-laws-of-identity/ > > In summary, "Principal Authority" and "The Laws of Identity" > significantly differ in areas of focus. In “Principal Authority” > Christopher Allen primarily focuses on legal and legislative frameworks > behind self-sovereign identity. In “Laws of Identity” Kim Cameron focuses > on setting the groundwork for ensuring internet users can interact with a > sense of trust, privacy, and security. > > The recommended solutions are not exactly similar, but they are all geared > toward achieving trustworthy, secure, and privacy-preserving digital > identity systems. That being said, both papers share several concerns, > recommendations, and principles. > > In hindsight, these are two writers tackling the same problem at different > times and circumstances. The digital identity world has made significant > leaps since 2005. The late Kim Cameron foresaw most of the challenges that > Christopher Allen addresses in his paper. However, Cameron may not have > seen the depth of the challenges the same way Christopher Allen saw them 15 > years later. > > Both Principles of SSI and Laws of Identity are focused on protecting the > person identified. I feel that most digital identity meta-systems have not > adequately considered the needs of relying parties. Once the person > identified is protected, who protects the relying parties? Don’t you want > to be able to trust the claims and representations made by the other party > just as much as you want privacy and anonymity for yourself? > > And aren’t we all relying parties? > > Dan Kioria > -- Jonathan Foote | Sr. Principal Engineer fastly.com | @fastly
Received on Wednesday, 22 March 2023 14:07:21 UTC