- From: Timothy Holborn <timothy.holborn@gmail.com>
- Date: Sat, 20 Aug 2016 00:09:40 +0000
- To: Kingsley Idehen <kidehen@openlinksw.com>, public-webid@w3.org
- Cc: Credentials Community Group <public-credentials@w3.org>, "public-rww@w3.org" <public-rww@w3.org>, business-of-linked-data-bold <business-of-linked-data-bold@googlegroups.com>
- Message-ID: <CAM1Sok3ACPdts79kWq9RF872BW8ukOjy6-4kVYXUi0bMx1=JtQ@mail.gmail.com>
I saw some use-cases, couldn't help myself - i had to respond... On Fri, 19 Aug 2016 at 23:00 Kingsley Idehen <kidehen@openlinksw.com> wrote: > On 8/19/16 6:20 AM, Adrian Hope-Bailie wrote: > > Kingsley, > > I am playing devil's advocate here but I don't think you have answered my > question. > Gaining agility is not a business case. > > > Enabling, enhancing, and achieving agility via data access, integration, > and management is a fundamental business case. If that weren't the case, > why would markets for Analytics, Recommendation Systems, AI-driven Bots, > Big Data etc., exists? > > It is always about data-driven agility. > > > I am all for open standards, I spend the majority of my time working to > promote them but I am still trying to understand what the economic > incentive is for any service provider to adopt SoLiD as opposed to > controlling their user's data. > > > The economic benefit of open standards are as follows, always: > > 1. Flexibility -- when choosing platform components i.e, you can mix and > match a combination components in line with needs > 2. Vendor lock-in prevention > 3. Technology longevity -- you can always go back to a full spec for a > specific platform component. > > SoLiD isn't a standard, it is a combination of open standards and best > practices. Thus, its benefit is an open standards based approach for a > read-write web that benefits end-users and vendors. > > > > Google, Apple and Microsoft control the end-user experience for the > majority of users on the Web by giving them free browsers, email, social > etc. In return they make money from controlling the data those products and > services generate. > > > Correct! And history shows, companies don't adopt standards just because > they exists. They adopt standards as part of an "opportunity cost" > prevention or control mechanism, first. > > > Are you surprised that the browser vendors all actively block initiatives > at W3C that would promote an open identity system that would unlock their > user data silos? > > > I am not convinced they are blocking initiatives per se. From my vantage > point, there is a general communication problems between all the parties > involved. For instance, there has been a lot of fanfare about how browsers > implement TLS and its impact on the something like WebID+TLS protocol. That > situation is rectified by WebID+TLS+Delegation, but folks don't generally > see or promote that, on the pro WebID side of the argument. > > Bottom line, you can't declare standards adoption. You have demonstrate > the virtues of standards via applications that are adopted by end-users and > technology vendors. > > There are always politically astute excuses but let's be honest, if the > browsers wanted to they could have made adopting WebID an easy user > friendly experience and the world would be full of people who all have > their own WebID that is used to log into all the services they use on the > Web. > > > They don't need to. That's the problem. Here's a breakdown of the issue, > as I've come to understand it after hours of study and experimentation: > > You have a digital highway provided by the Internet. That highway (like in > the real-world) enables movement of data from one point to another where > security is scoped to the agents (software) transporting said data i.e., > just like cars and car registration numbers. > > The Web is an Internet abstraction that introduces the ability to identify > the user of an agent (like a car driver) distinct from an agent (the > software). Thus, you can demand reworking the highway just because car > drivers are now identifiable using their driver's licenses. That will never > wash in the real-world, so why would it work in cyberspace. > Ok. So, identifiers for the 'senario' of 'driving' (or being driven) down a highway. HWY Identifier Ontology (may include who fixed what, sensor data, GIS data, payments data, etc.) CAR ontology (make, model, functionality, who's in it, sensor info, ability to communicate with surrounding environment, ability to present media to occupants, etc.) NOTE: A part within the vehicle may have it's own agent / ontology. IE: the communications platform may be managed by a different vendor to the power-plant / drive-train of a vehicle, who may in-turn have access to each element as a counterpart of their role?) If owner of vehicle is subject to court order (ie: not allowed within x distance of x place, or cannot drive whilst intoxicated, etc.) then some other rule may apply... Occupants (whether self-driving car or simply the old-school method). - Occupants may have authority to direct the vehicle. - Occupants may have authority to drive the vehicle - Occupants may have authority to sell the vehicle. Multiple occupants may be in the vehicle; who may have multiple authorities at one time. ie: if the owner of the vehicle is intoxicated; then another person may be able to drive the vehicle on their behalf, whether or not they've previously been authorised to drive the vehicle - so long as the owner is in the car (and not in the boot) for instance... > Example: > I want to transport some goods from Boston to New York. > The scenario above includes toll booths and a final destination. > > On the highway, my car registration is the identity focal point, with > regards to toll payments. When I reach my destination, my personal identity > card (license or something else) is how I prove I am the delivery person > expected at the final destination. > isn't it simply your face? some sensor identifies something about you, and it's all very low-friction. Question is - where do you store your permissions for how those systems work - or are they your permissions? or something else's permissions about you? > > Another example: I drive my car to a pub. At the pub my personal ID is > what's important. En route to the pub, my Car registration is what's > important. There are two distinct scenarios requiring different kinds of > identity. > > WebID+TLS doesn't have the fidelity required for traversing the existing > highway without asking its current maintainers (Certificate Authorities and > Browser Vendors) to change infrastructure and practices. > > WebID+TLS+Delegation simply adds the "On-Behalf-Of" relationship type to > the mix (i.e., in the data) which distinguishes the user from the software > they use (drive) thereby enabling one toggle WebIDs without browser > restarts (due to TLS requirements) [1]. > IMHO: Credentials add's via HTTP Signed documents containing RDF; the ability to produce another important counterpart to the identity lifecycle mix, but only if humans are active actors in the creation and management process of credentials use. > > > I am certainly not assuming that these companies are ignorant or myopic, > quite the opposite. I think they will continue to keep users locked into > their semi-open ecosystems by competing to offer the best browsers (that > mostly adhere to open standards) and other free services. But they will > never change the many services they offer to allow users to export and > control their own data. > > > Power is never given. It has to be taken. End-users need to want to take > control of their identity by being curious about what that means and how > its is achieved. Currently, most aren't interested, so the vendors have > full control. > > As history teaches us, repeatedly, there will be an event that triggers an > inflection, and folks will become more interested in their privacy en route > to discovering Web-scale verifiable identity. > > > > In fact, I'd go as far as to say that for them to do that would be in > contravention of their legal obligations to their shareholders because it > would be such a blatantly bad commercial move. > > > You are oversimplifying a little bit. The issue, as per my comments above, > is more to do with end-users than vendors. The obligation of the vendor is > simply about ability in regards to market inflections :) > > [1] > https://medium.com/virtuoso-blog/web-logic-sentences-and-the-magic-of-being-you-e2a719d01f73#.l0b1rvdsp > -- Demonstrates WebID toggling without Browser Restarts, courtesy of > WebID+TLS+Delegation > > > Kingsley > > > > > On 18 August 2016 at 01:04, Kingsley Idehen <kidehen@openlinksw.com> > wrote: > >> Hi Adrian, >> >> On 8/16/16 8:51 AM, Adrian Hope-Bailie wrote: >> >> What is the business case for a service provider to adopt Solid? >> >> >> There is always a business case for open standards, and it goes as >> follows: >> >> Agility to mix and match "best of class" technologies that underlie >> solutions, at any given point in time. >> >> When the Web's original open standards stack (URIs, URLs, HTTP, and HTML) >> arrived it unveiled the World Wide Web, an ecosystem that laid the >> foundation for Google, Facebook, Amazon, and many others. It also enabled >> behemoths like Apple (struggling badly at the time) to pivot and reinvent >> themselves. >> >> >> >> Why would Google, Facebook or anyone that build's their business on user >> data choose to let users take that away? >> >> >> When the World Wide Web arrived, folks asked the question: Why would >> Microsoft allow anyone succeed without embracing their technology stack and >> related ecosystems. >> >> SoLiD is just a collection of existing open standards and best practices. >> >> >> Who will offer users a comparable service to these silos that attracts >> them away but adopts Solid and can still make enough money to survive >> competing with the biggest tech companies in the world? >> >> >> See my comment about Microsoft and the World Wide Web. This is what >> happens with technology and industry evolution. Google and Facebook aren't >> static behemoths and they also understand history. Don't presume myopia and >> ignorance on the part of any of these companies, they have too many smart >> people on their payrolls. >> >> >> The point is not whether or not the architecture is easy the point is >> whether it has the potential to make anybody any money because if it >> doesn't then I think you will have a hard time persuading people to use it, >> no matter how well it scales. >> >> >> SoLiD scales and it simply adds dimensions to the Web ecosystem to be >> exploited by behemoths, startups, and smartups. >> >> New business and business models will coalesce around the Web's >> read-write dimension. That's an inevitability due to the nature of privacy. >> >> Kingsley >> >> >> On 15 August 2016 at 14:11, Melvin Carvalho <melvincarvalho@gmail.com> >> wrote: >> >>> >>> >>> On 15 August 2016 at 14:08, Timothy Holborn <timothy.holborn@gmail.com> >>> wrote: >>> >>>> Solid isn't finished yet. >>>> >>> >>> Solid is at version 0.6 rather than 1.0. >>> >>> But I dont really know what more can be added to it to get it to v1.0. >>> Im using it on a daily basis and it works fine. Some people are >>> perfectionists I suppose :) >>> >>> In any case its IMHO light years ahead of where the rest of the web is, >>> even if you only take small parts of it and use it. >>> >>> You can also argue that solid will never be finished, in the sense that, >>> the web will never be "finished". >>> >>> Its definitely something that can be used today. >>> >>> >>>> >>>> On Mon, 15 Aug 2016, 10:07 PM Melvin Carvalho <melvincarvalho@gmail.com> >>>> wrote: >>>> >>>>> On 15 August 2016 at 11:50, Adrian Hope-Bailie <adrian@hopebailie.com> >>>>> wrote: >>>>> >>>>>> From the article: "The question is whether architecture will be >>>>>> enough." >>>>>> >>>>>> The answer is no. >>>>>> We live in world where few ideas succeed without a strong business >>>>>> case. The architecture is the easy part. >>>>>> >>>>> >>>>> Architecture is deceptively difficult to get right. The vast majority >>>>> if systems start to fall over as they scale. The web and REST are two >>>>> architectures that buck that trend and just get stronger as they scale. >>>>> >>>>> Solid is the next evolution in that architectural trend, imho, because >>>>> it simply embraces the points that made the web great, and extends it a >>>>> little bit, while being 100% backwards compatible. Right now, it's the >>>>> only system that I know of, with this property, in fact, nothing else is >>>>> close. So this in itself, the ability to scale to billions of users, is a >>>>> business case. Quietly facebook adopted the social graph approach to the >>>>> web, and web architectural principles with their graph protocol, and also >>>>> an implementation of WebID. >>>>> >>>>> I think what's true is that few ideas succeed, because simply, we have >>>>> a lot of ideas and a lot of competition. Having a business can help, but >>>>> the right architecture is the magic sauce to get through those scalability >>>>> barriers. >>>>> >>>>> I personally think Solid is the business opportunity of a lifetime, >>>>> perhaps even bigger than the first web. Im certainly investing on that >>>>> basis. >>>>> >>>>> >>>>>> >>>>>> On 14 August 2016 at 10:49, Timothy Holborn < >>>>>> timothy.holborn@gmail.com> wrote: >>>>>> >>>>>>> Hi Anders, >>>>>>> >>>>>>> I'm using this email to respond to both [1] in creds; in addition to >>>>>>> the below, with some lateral considerations. >>>>>>> >>>>>>> See this video where Mr Gates and Mr Musk are discussing in China AI >>>>>>> [2]. >>>>>>> >>>>>>> I haven't fully considered the implications, whilst i've certainly >>>>>>> been considering the issue; i have not fully considered it, and as modern >>>>>>> systems become subject to government contracts as may be the case with >>>>>>> enterprise solutions such as those vended by IBM [3], may significantly >>>>>>> lower the cost for government / enterprise, in seeking to achieve very >>>>>>> advanced outcomes - yet i'm unsure the full awareness of how these systems >>>>>>> work, what potential exists for unintended outcomes when work by >>>>>>> web-scientists[4][5] becomes repurposed without their explicit and full >>>>>>> consideration of the original designers for any extended use of their >>>>>>> works, what the underlying considerations are by those who are concerned >>>>>>> [6][7] and how these systems may interact with more advanced HID as i've >>>>>>> kinda tried to describe recently to an audience here [8] and has been >>>>>>> further discussed otherwise [9] [10]. >>>>>>> >>>>>>> I'm a little concerned about the under-resourcing that seems to >>>>>>> plague Manu's / Dave's original vision (that included WebDHT) to the >>>>>>> consultative approach that i believed had alot of merit in how it may >>>>>>> interact with the works of RWW at the time (alongside WebID) which have al >>>>>>> progressed, yet, not seemingly to a solution that i think is 'fit for >>>>>>> purpose' in attending to the issues before us. >>>>>>> >>>>>>> I have considered the need for people to own their own biometric >>>>>>> signatures. I have considered the work by 'mico-project'[11] seems to be a >>>>>>> good supporter of these future works, particularly given the manner in >>>>>>> which these works support LDP and other related technologies... >>>>>>> >>>>>>> But the future is still unknown, and what worries me most; is those >>>>>>> who know most about A.I. may not be able to speak about it as a citizen or >>>>>>> stakeholder in the manner defined by way of a magna carta, such as is the >>>>>>> document that hangs on my wall when making such considerations more broadly >>>>>>> in relation to my contributory work/s. >>>>>>> >>>>>>> i understand this herein; contains an array of fragments; yet, am >>>>>>> trying to format schema that leads others to the spot in which i'm >>>>>>> processing broader ideas around what, where and how; progress may be >>>>>>> accelerated and indeed adopted by those capable of pushing it forward. >>>>>>> >>>>>>> I remember the github.com/Linkeddata team (in RWW years) wrote a >>>>>>> bunch of things in GO, which is what the IPFS examples showcase, and >>>>>>> without providing exhaustive links, i know Vint has been working in the >>>>>>> field of inter-planetary systems [13], therein also understanding previous >>>>>>> issues relating to JSON-LD support (as noted in [1] or [14] ), which >>>>>>> in-turn may also relate to other statements made overtime about my view >>>>>>> that some of the works incubated by credentials; but not subject to IG or >>>>>>> potential WG support at present - may be better off being developed within >>>>>>> the WebID community as an additional constituent of work that may work >>>>>>> interoperable with WebID-TLS related systems. >>>>>>> >>>>>>> Too many Ideas!!! >>>>>>> >>>>>>> (perhaps some have merit...) >>>>>>> >>>>>>> Tim.H. >>>>>>> >>>>>>> >>>>>>> [1] >>>>>>> https://lists.w3.org/Archives/Public/public-credentials/2016Aug/0045.html >>>>>>> >>>>>>> [2] https://youtu.be/TRpjhIhpuiU?t=16m26s >>>>>>> [3] http://blog.softlayer.com/tag/watson >>>>>>> [4] http://webscience.org/ >>>>>>> [5] https://twitter.com/WebCivics/status/492707794760392704 >>>>>>> [6] https://www.youtube.com/watch?v=tV8EOQNYC-8 >>>>>>> [7] >>>>>>> https://en.wikipedia.org/wiki/Open_Letter_on_Artificial_Intelligence >>>>>>> >>>>>>> [8] (perhaps not the best reference, but has a bunch of ideas in it: >>>>>>> https://docs.google.com/presentation/d/1RzczQPfygLuowu-WPvaYyKQB0PsSF2COKldj1mjktTs/edit?usp=sharing >>>>>>> >>>>>>> [9] https://www.youtube.com/watch?v=iTqF3w2yrZI >>>>>>> [10] https://www.youtube.com/watch?v=_x_VpAjim6g >>>>>>> [11] http://www.mico-project.eu/technology/ >>>>>>> [12] https://www.youtube.com/watch?v=8CMxDNuuAiQ >>>>>>> [13] http://www.wired.com/2013/05/vint-cerf-interplanetary-internet/ >>>>>>> >>>>>>> [14] https://github.com/ipfs/ipfs/issues/36 >>>>>>> On Fri, 12 Aug 2016 at 14:47 Anders Rundgren < >>>>>>> anders.rundgren.net@gmail.com> wrote: >>>>>>> >>>>>>>> On 2016-08-11 15:16, Melvin Carvalho wrote: > Really good article, >>>>>>>> mentions Solid and other technologies. WebID is mentioned by the author in >>>>>>>> the comments too ... > > >>>>>>>> http://www.digitaltrends.com/web/ways-to-decentralize-the-web/ One >>>>>>>> of the problems with the Web is that there is no easy way letting a >>>>>>>> provider know where you come from (=where your Web resources are). This is >>>>>>>> one reason why OpenID rather created more centralization. The same problem >>>>>>>> is in payments where the credit-card number is used to find your bank >>>>>>>> through complex centralized registers. Both of these use-cases can be >>>>>>>> addressed by having URLs + other related data such as keys in something >>>>>>>> like a digital wallet which you carry around. There is a snag though: Since >>>>>>>> each use-case needs special logic, keys, attributes etc. it seems hard >>>>>>>> (probably impossible), coming up with a generic Web-browser solution making >>>>>>>> such schemes rely on extending the Web-browser through native-mode >>>>>>>> platform-specific code. Although W3C officials do not even acknowledge the >>>>>>>> mere existence(!) of such work, the progress on native extensions schemes >>>>>>>> has actually been pretty good: >>>>>>>> https://lists.w3.org/Archives/Public/public-webappsec/2016Aug/0005.html >>>>>>>> This is approach to decentralization is BTW not (anymore) a research >>>>>>>> project, it is fully testable in close to production-like settings today: >>>>>>>> https://test.webpki.org/webpay-merchant The native extensions also >>>>>>>> support a _decentralized_development_model_for_Web_technology_, something >>>>>>>> which is clearly missing in world where a single browser vendor has 80% of >>>>>>>> the mobile browser market! Anders >>>>>>> >>>>>>> -- >> Regards, >> >> Kingsley Idehen >> Founder & CEO >> OpenLink Software (Home Page: http://www.openlinksw.com) >> >> Medium Blog: https://medium.com/@kidehen >> Blogspot Blog: http://kidehen.blogspot.com >> Twitter Profile: https://twitter.com/kidehen >> Google+ Profile: https://plus.google.com/+KingsleyIdehen/about >> LinkedIn Profile: http://www.linkedin.com/in/kidehen >> Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this >> >> -- > Regards, > > Kingsley Idehen > Founder & CEO > OpenLink Software (Home Page: http://www.openlinksw.com) > > Medium Blog: https://medium.com/@kidehen > Blogspot Blog: http://kidehen.blogspot.com > Twitter Profile: https://twitter.com/kidehen > Google+ Profile: https://plus.google.com/+KingsleyIdehen/about > LinkedIn Profile: http://www.linkedin.com/in/kidehen > Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this > >
Received on Saturday, 20 August 2016 00:10:25 UTC