- From: Timothy Holborn <timothy.holborn@gmail.com>
- Date: Sat, 23 Jul 2016 13:27:12 +0000
- To: Manu Sporny <msporny@digitalbazaar.com>, W3C Credentials Community Group <public-credentials@w3.org>, Web Payments CG <public-webpayments@w3.org>, public-rww <public-rww@w3.org>
- Message-ID: <CAM1Sok3_vVEe-DAveGQh5L9r1TEFtk27CS+e6=9gniVjhfqktw@mail.gmail.com>
NOTES ON MINUTES https://www.w3.org/2016/07/01-wpay-minutes.html#item04 - The dissenting opinions came from Google (Chris Wilson), Microsoft (Mike Champion), and the W3C Technology and Society Domain leader (Wendy Seltzer). - In general (and I hope to get more complete statements from each organisation in the next month or so): NOTES ON SLIDES[1] Slide 5 (the pie-graph) is a good representation, yet still debatable due to the sample methodology, IMHO. Slide 6 relates to the politics of the process. Therein perhaps opening-up the process to unnecessary conflict due to issues outside of scope (as noted in the simplistic form - “not in scope”) Slide 7; same issue as slide 5 Slide 8: hasn’t this been updated since? The diagram is correct on most levels, yet, may unnecessarily over-simply Slide 9: denotes WIP (work in process) nature of the works. I think underestimating the scope of work is unreasonable as would be underestimating the importance of the work and the under-resourced nature the work is currently inhibited by on a pragmatic developmental level; therein, means to attain capability and acceptance through available means. This in-turn should not (IMHO) negate the importance of the work. Slide 10: seems important particularly when reviewing the timeline of alternative solutions (ie: precedent materials, strategy employed by entities/agents, et.al). I note; i was engaged by the then Web Payments works sometime ago[2] having been introduced to the work through other efforts first noted in W3C Lists in separate areas[3], however a lot of time has passed and should it become necessary for me to notate the variance and development since then; i’m happy to do so. Newer W3C related works form alternatives that modify the paradigms beyond something that the W3C was established to consider[4] and the notion of ‘conflict of interest’ becomes quite complex when considering the methodology of appropriate response. I ponder whether architectural works need to be considered at executive level of the W3C in consideration of the change in challenges between the web as it was when W3C was formed; to that of it’s appropriation today, upon what has considered to relate to Human Rights[5]. Herein also, is the importance of the IPR strategy made available by W3C, where related considerations have been made by TimBL[6] whilst being put to Jeff[7][8] some time ago. Since then of course, MIT/TimBL/RWW/Sandro/Andrei/Henry/Melvin/Kingsley/(etc) work has been considered meritorious[9] by others, in which the concern becomes how these dynamics may be best supported by W3C and indeed; the methodology employed in furthering works as a neutral, global standards body. SLIDE 12: i would argue the lack of budget in-turn results in less than ideal outcomes. The implications of these works, even simply from an Australian Petition Heritage point of view[10] (forward looking) may change the nature of our capacities as humans whom cooperate and collaborate upon this new communications medium, WWW. I do not see a strict binding to such underlying protocols, yet much like the disruption that has happened throughout the economic world; the management of these works seems, IMHO, to be imperative, in the interests of much broader things than simply the laws relating to the acts of an agent for a corporation governed by a particular jurisdiction, as is further contemplated by international contract law and related instruments. Herein; i question the underlying issues pertaining to the relatively low involvement numbers and therein; scalability of involvement and related factors that may unintentionally or unfortunately inhibit this, and other related works within the Linked-Data[11] capable domain. NOTES RE: MINUTES[12] RE: PROPOSAL: I think the proposal is exceptional work given the available resources. I also note; the Dialogue[13] contains no audio-reference but simply the notation taken and the IRC logs seem unavailable to non-W3C Members (therein also; i am a community member); this in-turn debilitates my ability to understand the context or persona related aspects of the events; which i think is particularly debilitating for the uninitiated, who may seek to become interested in these works and thereafter seek to undertake due-diligence surrounding the status and position of various stakeholders. With regard to the ‘Charter’ document[14] given the organisational structure and operational capabilities of W3C it may be better to state i the problem statement, rather than ‘I am a citizen of the USA’; that, ‘i am a citizen of Australia’ or ‘i am a refugee from Saudi Arabia or Iran’, or a sex-worker in a foreign country originally from Ukraine, et.al. Whilst this distinction is semantic in nature; it is probably helpful for the uninitiated… Whilst an array of international diplomacy exists, this dynamics of this should, IMHO, be out-of-scope. We are trying to support WWW for Humans[15] and as defined[16][17], IMHO, and perhaps the most universal document defining this concepts has been defined by the UN[18], as so beautifully produced in a variety of localised media products such as those from the US[19] and UK[20]. I am yet to understand how the dissenting organisations have made best-efforts to consider the merits of the proposal and its underlying considerations more holistically, yet given the recent events with regard to the progress of the Web-Payments works[21] consider the issue to also be outside of scope for the contributors of the Credentials Spec; who in-turn depend upon others to nurture the grounds on which we make footprints (in the presence of god, imho, without being distinct about the book or specified language therein). With regard to encryption methodologies, my understanding is that the design principles provide flexibility pending participation of dependencies (ie: product vendors) to support these forms of end-to-end capabilities, within context of particular requirements (ie: KYC/AML, Magna Carta or constitution related sovereignty implications, Et.al.) RE: XML, JSON, etc. This appears to be specified push-back upon the concept of decentralised capabilities / linked-data. This should be considered by the relevant groups (ie: other linked-data groups who are capable of providing assistance in defining the differentiators between xml, json (et.al) vs. linked-data related syntax / serialisation methodologies). Whether the specification is defined to be EXCLUSIVELY json-ld is a separate issue again; and something that may be handled by vendors who create web-services built into web-services, ie: Any23[22]. Re: implementations without HTTP-SIGNATURES - seems kinda pointless. It’s like taking the teeth out of the capability... Re: <Padler_> Chris A: This is not a protocol, or a cryptographic format, or an identity... <Magda> +1 to Chris comments on security/privacy <Padler_> Chris A: I need this building block to be solid so that I can build cryptographic signatures and protocols on top of this... <Padler_> Chris A: This is a fundamental model for other work to progress... I find these comments really interesting. The Concept of ‘Human Identity’ is really very complex, but certainly involves ‘verifiable claimed’ made by 3rd parties upon a human entity, who in-turn may be subject to ‘agent’ concepts in relation to things they create or actors they act for. In-turn i also believe a SoLiD[23] foundation is in the works, however i think the use of a specified trademark like term, understanding also other uses of the term within software development[24], to be unfortunate at best. Later comments review JOSE / JWT which i do not believe relates well to Linked-Data? Considerations may be made thereafter, pending analysis of the concepts embodied within these technological differentiations… With regard to Use-Cases, which have been praised, i ponder the alternative technological methods for the delivery of the same use-cases using the alternatively preferred methods (ie; JOSE/JWT) and the delineation of interest-areas held within these concepts, as may be considered by the broader community. With regard to the concept that is noted continuously about ‘incubation’ a number of factors are involved; including but not exclusive to, * TimeSpan (ie: concept through to outcomes) * Resources (eg: capabilities, means, investment, etc.). These aspects are quite different in nature and do certainly become impacted by commercial dynamics that can have quite different influences to that considered by the merits of disciplines such as Web Science[25]. W3C in-turn might seemingly have a complicated situation on its hands as it seeks to separate the prosperous development of W3C / WWW, vs. the market-force related changes that have occurred since the inception / initiation of W3C, vs. the challenges of today and how they are forged in a world where the troubles of the past, are past. We have new problems that require support in different ways. Given the innovative nature of the Credentials work (and more broadly, RWW / Linked-Data related works) i ponder whether it is reasonable for the Credentials Team to undertake this burden, or whether it is more of a W3C issue that needs to be resolved at an executive level…? Implicitly, other areas surrounding the security methodologies are of course involved; yet somewhat out of scope for the credentials work, as far as i’m aware, yet nonetheless - are an important consideration. This in-turn appears to be a very difficult and complex matter to be considered in which guidance is suggested by ‘higher powers’ as to refine the complex nature of the ‘vote outcome’ and how that applies in relation to broader policy settings that in-turn may be beyond the scope of W3C organisationally, yet i’m really not sure how all that kinda stuff works. I just do my best, with my ‘footsteps’... MICROSOFT * Mike (Microsoft) felt that the work was largely duplicative of the JOSE JWT work and it hasn't been incubated enough. His feedback can be found here: https://lists.w3.org/Archives/Public/public-webpayments-comments/2016Mar/0002.html I seek clarification surrounding the aspects noted in the minutes and the concerns raised by “Michael Champion” that “It’s highly unlikely that W3C will staff the work”. I do not see this being confirmed by W3C as yet, a modern reference is welcomed… In-turn his concerns are duly noted and shared. IMHO, W3C should staff the work and self-funding the work is less than ideal. Yet the circumstances for this position is unclear to me, and clarity surrounding why these statements have been made and the current position of W3C is welcomed as to better understand the context of support from W3C as it stands at the time of receipt of this correspondence. With respect the the comment about ‘real skin in the game’ i think that needs to be better clarified / defined… With respect to the second point made by denoting a ‘-’, it must be noted that the WWW as it is today (often referred to as Web 2.0) is an evolution of prior works, that at the time of inception - also did not have investment. It is important to note the distinction between those who have undertaken innovative works at a time where no-investment (or relatively minor means to put food on the table) existed for something ‘new’ vs. other works far further down the track of the innovation curve[26] and the role in which various humans play, in various tasks in various frameworks. It is exactly these forms of considerations that the Verifiable Claims works (and more broadly W3 Credentials CG team) have been making great efforts over an extended, and interactive timespan to respond to what are reasonable considerations. Yet also, these considerations have less than ideal levels of funding which in-turn relates to the former consideration of the nature of the innovation-curve and how actors play various roles. With regard to the third point raised; i question what representations have been made by MS with regard to the future potential of these works for various government projects and whether they’d be interested in being supplied services relating to the utility of these future standards (and current works) should they become better incubated / supported by parties such as MS. The term ‘credential’ also appears to over-simplify the technology capabilities offerings via various services. Perhaps this can be better explained as to avoid confusion between one technology / science offering and others, et.al. Re: bottom line - i think the statements are overly combative. If they believe alterations should be made, then suggestions, i assume, are welcomed. Ideally this occurs within the CG environment given the stakeholders and the current means in which accessibility to participation in the development of these forms of very important works is made available to humans, regardless of their role, representation or contractual responsibilities at the time of authorship of any correspondence relating to the development of these very important works. GOOGLE "Chris (Google) agreed with Mike's position and felt that the work needed to be incubated more. He also felt that the work should be constrained to Education. His feedback can be found here: https://lists.w3.org/Archives/Public/public-webpayments-comments/2016Mar/0003.html " Comments made by Chris Wilson suggest simply incubation (the desire to see additional resources applied to the works?). Perhaps some form of support can be provided as to provide a compromise between the various groups. I understand an MIT team is currently undertaking related work[27] who whilst having been furnished some support[28] may well serve as a curator of decentralised incubation support for these works more broadly and in-turn support the comments made by Chris, whilst enabling the work to progress with a broader basis of support, development and capability. With respect to Wendy’s Comments; i refer to the above considerations, and wish decision makers my best wishes with figuring out the next steps in developing these works for the betterment of humanity. Kind Regards, Timothy Holborn. ________________ [1] https://docs.google.com/presentation/d/1mL0MsPpdxdKiYFWVIyGVOFzypBsjylxepACN2MYw-yg/edit#slide=id.p [2] https://lists.w3.org/Archives/Public/public-webpayments/2014Mar/0070.html [3] https://lists.w3.org/Archives/Public/public-webid/2013Nov/0000.html [4] https://twitter.com/WebCivics/status/492707794760392704 [5] http://webfoundation.org/2014/12/recognise-the-internet-as-a-human-right-says-sir-tim-berners-lee-as-he-launches-annual-web-index/ [6] https://lists.w3.org/Archives/Public/public-rww/2014Jul/0040.html [7] https://lists.w3.org/Archives/Public/public-rww/2015Aug/0019.html [8] https://lists.w3.org/Archives/Public/public-rww/2015Aug/0020.html [9] http://www.csail.mit.edu/solid_mastercard_gift [10] http://www.aph.gov.au/About_Parliament/House_of_Representatives/Powers_practice_and_procedure/00_-_Infosheets/Infosheet_11_-_Petitions [11] https://www.w3.org/DesignIssues/LinkedData.html [12] https://www.w3.org/2016/07/01-wpay-minutes.html#item04 [13] https://www.w3.org/2016/07/01-wpay-minutes.html#item04 [14] https://w3c.github.io/webpayments-ig/VCTF/charter/ [15] http://webtv.un.org/watch/tim-berners-lee-human-rights-day-2013-20-years-working-for-your-rights/2895794933001/ [16] http://whois.domaintools.com/w3.org [17] http://whois.domaintools.com/w3c.org [18] http://www.un.org/en/universal-declaration-human-rights/ [19] https://www.youtube.com/watch?v=aiFIu_z4dM8 [20] https://www.youtube.com/watch?v=pRGhrYmUjU4 [21] http://manu.sporny.org/2016/browser-api-incubation-antipattern/ [22] https://any23.apache.org/ [23] https://github.com/solid/ [24] https://en.wikipedia.org/wiki/SOLID_(object-oriented_design) [25] http://www.webscience.org/ [26] http://www.valuebasedmanagement.net/methods_rogers_innovation_adoption_curve.html [27] https://github.com/solid/ [28] http://www.csail.mit.edu/solid_mastercard_gift On Tue, 19 Jul 2016 at 15:46 Timothy Holborn <timothy.holborn@gmail.com> wrote: > Cheers. Will follow-up once I've had time to review. > > On Tue, 19 Jul 2016, 4:25 AM Manu Sporny <msporny@digitalbazaar.com> > wrote: > >> On 07/16/2016 05:43 AM, Timothy Holborn wrote: >> > I'm still waiting to hear back about that 1 - 2 pager that helps us >> > understand their considerations better.. >> > >> > Unless there is a link I've missed? >> >> The Web Payments Interest Group face-to-face meeting minutes went public >> earlier today, you can try to glean as much as you can from the minutes >> here: >> >> https://www.w3.org/2016/07/01-wpay-minutes.html#item04 >> >> The dissenting opinions came from Google (Chris Wilson), Microsoft (Mike >> Champion), and the W3C Technology and Society Domain leader (Wendy >> Seltzer). >> >> In general (and I hope to get more complete statements from each >> organization in the next month or so): >> >> * Mike (Microsoft) felt that the work was largely duplicative of the >> JOSE JWT work and it hasn't been incubated enough. His feedback can >> be found here: >> >> >> https://lists.w3.org/Archives/Public/public-webpayments-comments/2016Mar/0002.html >> >> * Chris (Google) agreed with Mike's position and felt that the work >> needed to be incubated more. He also felt that the work should be >> constrained to Education. His feedback can be found here: >> >> >> https://lists.w3.org/Archives/Public/public-webpayments-comments/2016Mar/0003.html >> >> * Wendy (W3C) felt that the work was duplicative of JOSE/JWT and >> felt that we only had enough members to make an attempt at >> standardization wrt. the Education vertical. Her feedback is at the >> end here: >> >> https://www.w3.org/2016/07/01-wpay-minutes.html#item04 >> >> > I don't know how we can make good decisions without understanding the >> > circumstances and underlying considerations made by key stakeholders >> > who in-turn, yield such important decision making influenced. I note >> > also, I'm still not sure if these parties are active contributors or >> > whether they get involved on a more ad-hoc basis? >> >> These parties have not been deeply involved in the Verifiable Claims >> effort to date but have responded when asked for feedback on the >> charter. Both Wendy and Microsoft have been active with the JOSE/JWT >> work and Authentication / Security on the Web platform in general. >> >> -- manu >> >> -- >> Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) >> Founder/CEO - Digital Bazaar, Inc. >> blog: The Web Browser API Incubation Anti-Pattern >> http://manu.sporny.org/2016/browser-api-incubation-antipattern/ >> >>
Received on Saturday, 23 July 2016 13:28:00 UTC