Re: How the father of the World Wide Web plans to reclaim it from Facebook and Google from Kingsley Idehen on 2016-08-20 (public-credentials@w3.org from August 2016)

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Sat, 20 Aug 2016 11:23:39 -0400
To: Timothy Holborn <timothy.holborn@gmail.com>, public-webid@w3.org
Cc: Credentials Community Group <public-credentials@w3.org>, "public-rww@w3.org" <public-rww@w3.org>, business-of-linked-data-bold <business-of-linked-data-bold@googlegroups.com>
Message-ID: <38e9cc13-d0dd-dfa9-bc65-e77d035745a5@openlinksw.com>

On 8/20/16 12:39 AM, Timothy Holborn wrote:
>
>
>     In this example, multiple occupants are the point. A car has a
>     single driver. Of course, it may have many passengers where each
>     person has their own identity card (license, passport, or
>     something else).
>
>     My simple example:
>
>     A Car is like your Browser (a Software Agent). It has a
>     registration number.
>
>     You are identified by your Driver's License.
>
>     I've you skip toll payment, authorities triangulate back to you
>     via your car registration. Even if they have a photo of you, the
>     toll matter boils down to triangulation from the vehicle to its
>     driver.
>
>     When you reach you destination, other forms of identity become
>     relevant e.g., use of your Driver's License as proof of age in a
>     pub. Basically, the critical credential in this context.
>
>
> Another use-case that may provide additional 'human centric' support
> via inferencing; might be along the lines of,
>
> - A Friend / Family Member / Employee has use of your vehicle at some
> dateTime. 
> - The Vehicle is caught speeding.  
> - A lawEnforcementFine is issued that may incur
> driversLicenseDemitPoints which in-turn may lead to lossOfLicense
> - Your mobilePhone has GPS records + calendar information (et.al
> <http://et.al>) shows that you were elsewhere at the time. 
>
> resulting in the ability to produce something like: 
> https://www.theguardian.com/technology/2016/aug/11/chatbot-lawyer-beat-parking-fines-helping-homeless-do-not-pay
>

Reasoning and Inference introduce more functionality with our own
imaginations as the only limiting factor :)

>
>
>   
>
>>
>>     ie: if the owner of the vehicle is intoxicated; then another
>>     person may be able to drive the vehicle on their behalf, whether
>>     or not they've previously been authorised to drive the vehicle -
>>     so long as the owner is in the car (and not in the boot) for
>>     instance...
>>
>>      
>>
>>
>>         Example:
>>         I want to transport some goods from Boston to New York.
>>         The scenario above includes toll booths and a final destination.
>>
>>         On the highway, my car registration is the identity focal
>>         point, with regards to toll payments. When I reach my
>>         destination, my personal identity card (license or something
>>         else) is how I prove I am the delivery person expected at the
>>         final destination.
>>
>>
>>     isn't it simply your face? some sensor identifies something about
>>     you, and it's all very low-friction.  Question is - where do you
>>     store your permissions for how those systems work - or are they
>>     your permissions?  or something else's permissions about you?
>
>     In my example I trying to illustrate how a simple highway toll
>     booth system works. One that's oriented towards vehicles driven
>     (or controlled by) a driver .
>
>     In my example, Car registration is the credential of relevance
>     i.e., what the system is built around.
>
>>
>>         Another example: I drive my car to a pub. At the pub my
>>         personal ID is what's important. En route to the pub, my Car
>>         registration is what's important. There are two distinct
>>         scenarios requiring different kinds of identity.
>>
>>         WebID+TLS doesn't have the fidelity required for traversing
>>         the existing highway without asking its current maintainers
>>         (Certificate Authorities and Browser Vendors) to change
>>         infrastructure and practices.
>>
>>         WebID+TLS+Delegation simply adds the "On-Behalf-Of"
>>         relationship type to the mix (i.e., in the data) which
>>         distinguishes the user from the software they use (drive)
>>         thereby enabling one toggle WebIDs without browser restarts
>>         (due to TLS requirements) [1].
>>
>>
>>     IMHO: Credentials add's via HTTP Signed documents containing RDF;
>>     the ability to produce another important counterpart to the
>>     identity lifecycle mix, but only if humans are active actors in
>>     the creation and management process of credentials use. 
>
>     You are an active participant in the creation of your Driver's
>     License :)
>
>
> Yes. However many RDBMS systems are developed in a manner that can
> have unintended consequences; and more-often than not, it is the
> vulnerable who are most impacted by what is often knownIssues,
> considered to have lowerPriority mostOften dueTo a lackOfStructuredData
>
> :)
>
> Tim.H.

SQL RDBMS engines, in basic form, are ill-equipped for this kind of
task. They lack the semantic fidelity for this situation. 

-- 
Regards,

Kingsley Idehen       
Founder & CEO 
OpenLink Software   (Home Page: http://www.openlinksw.com)

Medium Blog: https://medium.com/@kidehen
Blogspot Blog: http://kidehen.blogspot.com
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Saturday, 20 August 2016 15:24:06 UTC