- From: Christoph Dorn <christoph@christophdorn.com>
- Date: Fri, 02 Jun 2017 18:11:49 +0000
- To: d.w.chadwick@kent.ac.uk
- Cc: public-credentials@w3.org
On June 2, 2017 05:58:30 am PDT, "David Chadwick" <D.W.Chadwick@kent.ac.uk> wrote: > My take on identity (or more properly the process of identifying an > entity) is that it is needed by everyone and everything for the > functional purpose of authorisation, which is the most generic of all > functions. It encapsulates all possible actions, including tracking > (from Joe's narrower definition). All actions need to be > authorised/controlled, thus they need to identify the actors. > > I identify you to decide whether I want to have or continue a > relationship with you (and not with someone else). The "functional" point of view being at the "root" seems to be consistent with Jordan Peterson's psychological perspective on Relevance Conception: Does something Help, Hinder or is it Irrelevant? Quick overview: https://www.youtube.com/watch?v=bZXJ_6B07NY Christoph > > Governments identify us to decide if we allowed to be citizens, drive > cars, have health care etc. > > Web services identify us to provide us with a service. > > I am hard pushed to find any use of 'identity' that does not have > authorisation as the base requirement. > > Examples that you might think are not related to authorisation, are > identifying celebrities, identifying inanimate objects, identifying > criminals from mug shots. Looking at each one of these in more detail: > > I identify celebrities to decide whether I want to follow them, read > about them, or ignore them etc. Each of my actions require > authorisation, (by my brain) and thus I need to identify who is the > person in the magazine to decide whether to read further about them or > turn the page and ignore them. > > I identify inanimate objects to decide whether to ignore them, pick them > up, switch them on etc. If I cannot identify one object from another > then I cannot decide what to do with it (i.e. an access control decision). > > I see a picture of a criminal on a police wanted poster. I identify him > to decide whether to phone the police or not when I see a stranger > walking down the street who may or may not match the mugshot. > > So I strongly believe that we identify entities in order to authorise > actions by them or on them (depending upon whether they are the subject > or object of the action). > > I would be pleased to hear from anyone who can specify a purpose of > identity/identification that does not involve authorisation. > > regards > > David > > On 02/06/2017 11:07, Henry Story wrote: >> If you favor a functional answer then you are not far from also coming >> to see >> the relevance of a logical one, and also of a pragmatic one. The >> relations between functions and types is made clear in the "new" >> foundational maths called Homotopy Type Theory. (The key book is >> online >> here https://homotopytypetheory.org/ and even compilable from github >> if you want the latest version with all the corrections. The first two >> chapters >> are very readable for someone with computing experience.) >> >> This is a built on type theory, which takes functions as the basic >> entity relating types. But where other maths assume identity >> problems to be relatively easy, HoTT develops this into the core of >> the theory. To specify a type of an >> object is to specify >> ways of finding when two objects of that type are identical. This is >> constructive mathematics so in their examples they mostly use >> mathematical objects. I think one can move to thinking about >> physical objects if one >> starts >> with the space of all possibilities and things of various types in that >> space. >> >> The intuition one should take back from HoTT is that types require a >> specification >> of the identity of an object, so that one can specify when two things >> are equal. >> Eg, two sets are equal if they contain the same elements. >> >> When is a ship the same from one moment to the next, is by the way not >> a problem without pragmatic consequences. If identity of a person >> were a material one then eating a burger would be a way to get out >> of a murder >> charge. To understand people as processes that keep their identity through >> change is important for contracts to work, to also be able to pardon >> people ("he is now a changed man"), etc... I think it is this >> thought of >> identity in change >> that gets people hung up, as they keep thinking what is it that remains the >> same from instant to instant - they think of the essence of something as >> another thing that is always there, and so they start looking for >> the soul as a >> physical entity. >> In constructive mathematics one can name a type by showing how to >> construct elements >> of it. With object in physical space other criteria may be needed which >> are more >> likely to latch on for natural kinds, how the things themselves >> function, how they >> evolved, how they survived, etc... >> >> So yes, we can be functional. If a human person is a process then for >> example it is a certain type of process, a biological one, that >> starts at a certain time >> and goes >> through a huge number of transformation. As I pointed out one can choose >> other types to identify a person: a citizen perhaps would allow >> aliens from other planets to be citizens and so could not be reduced >> to humans. One >> can then have a partial map from citizens to humans. Good modeling >> here would require that one notice that a person can be the citizen >> of more than one nation and indeed even change citizenship. >> >> As a human being is a process that interacts with other processes there will >> be an infinite number of ways of identifying it indirectly, though >> causal relations >> it has with any other number of things, from being the person who created a >> document at a time to being the person who helped save someone's life. >> >> In description logic (and hence in OWL and RDF) one can describe types >> by their relations to other types, and individual by relations between them >> and other things. So we slowly end up at the semantic web if we want >> to think about this in relation to the global information system >> that the >> web is. >> >> As for your comments on identity being completely in the head, that >> is the private language fallacy that Wittgenstein spent a lot of time >> analyzing and dismantling in his "Philosophical Investigations". Language >> is by nature not private, or else all communication would be impossible. >> Language is also by nature one that requires that those playing the >> game of talking and listening abide by the logical consequences of what they >> say (see "Between Saying and Doing - Towards an Analytic Pragmatism" >> by Robert B. Brandom >> >> https://global.oup.com/academic/product/between-saying-and-doing-9780199542871 >> ) >> >> This means of course being able to bring different propositions >> together, combining >> them and being able to arrive at conclusions. Ie. merging propositions >> and reasoning is the nature of a linguistic system. If one needs to >> limit who can >> read some information there >> are other ways to do that: such as access control or legal requirements >> on usage of information. >> >> Now to come back to the Lana Wachowski, director of The Matrix, talk >> on Identity, Privacy and Anonymity here >> https://youtu.be/crHHycz7T_c?t=317 >> >> What Lana Wachowski is against is subdivision of Humans into two >> exclusive types, and the assignation of strict roles to those types. >> That is >> clearly a modelling >> error, a simplification that is easy to do, but that does not capture >> reality correctly >> and so leaves people deaf to the problem of those who don't fit the >> categories. >> >> But that is not an argument against types, just one against a particular >> set of >> types, and a particular set of distinctions. She does make the point >> well that >> anonymity is then very useful - though what she means is not anonymity but >> pseudonymity, as her hairdresser for example has no difficulty >> identifying her, >> and knew a lot about her, except that she was the director of the >> Matrix. She was >> able to live a life where people did not know the relation between one >> aspect of >> her life and the other. Of course there is no way she could completely >> control >> the leakage of information (as we know from how much has been leaked through >> Wikileaks). >> >> So my conclusions: >> • language is for communication (but that does not mean one has to >> shout everything off the rooftop) >> • types come with identity criterion (when are two things in that type >> the same thing? With abstract >> objects from Maths this may be part of the structure of the thing, >> with physical objets it may actually be discovered later) >> • the open world assumption that is part of the web allows the same >> objet to have an indefinite number of names, and also to be >> described using anonymous nodes. It >> is the relation between >> things that count. >> >> I could also argue that anonymity is not the only good in the system. >> Pure anonymity makes >> discussion impossible. If I can't tell that I am speaking with the same >> person between sentences >> then I cannot even have a reasoned discussion. Pseudonymity allows one >> to re-indentify someone >> over time which allows for a conversation to take place. Information by >> its nature is about relations. >> Think about functions as a specific type of relation. >> >> Henry >> >> >> >>> On 2 Jun 2017, at 09:54, Joe Andrieu <joe@joeandrieu.com >>> <mailto:joe@joeandrieu.com>> wrote: >>> >>> For what it's worth, I fear I've triggered the tar pit that many of >>> us were trying to avoid. >>> >>> My initial request was simply to avoid demonizing identity and instead >>> be rigorous when we use the term. That begs the question of what such >>> rigor would mean, which, inevitably, triggers the impassioned arguments. >>> >>> I did not provide a definition. Instead I laid a framework for >>> distinguishing >>> between two different, valid ways for engineers to approach identity: >>> (a) compositionally--identity as the collection of attributes related >>> to an >>> entity >>> (b) functionally--identity based on how it works and how we use it >>> >>> I will shortly provide a definition, but I want to ground the thread >>> in my >>> belief that, as engineers, these are the two productive ways to view >>> identity when the goal is to designing and building identity systems. >>> (Or, in our case, to design systems that impact identity.) >>> >>> There are other ways to view identity: political, cultural, >>> psychological, even meta-physical perspectives. These are the root >>> of many of the impassioned arguments. They are important. Not just >>> valid. IMPORTANT. However, while they may drive important trade-offs >>> in design decisions--in the WHY of any given system choice--they do not >>> help one communicate or understand HOW an identity systems works. >>> >>> Historically, we--meaning engineers--have treated identity >>> compositionally, >>> as if it were a thing that we could represent in attributes. >>> Attributes that >>> could be stored, shared, protected, regulated. This is defined explicitly >>> in the ISO standard. >>> >>> My assertion is that treating identity this way is the root of many >>> problems in today's identity systems, and that thinking about how identity >>> functions >>> may be a more fruitful path forward. >>> >>> The definition I'm going to present may not be the best one, but it is >>> one based on its function. I'd love to hear other suggested functional >>> definitions. >>> I am sure there is room for improvement. >>> >>> But I also know, not only from my own experience, but from the empirical >>> and academic record that designing systems based on how they should >>> function--rather than simply modeling the data the system >>> contains--is a legitimate and productive way to approach complex >>> system design. >>> >>> I think it provides a better approach than limiting the definition >>> to the static notion of attributes. You can disagree with me on >>> that and >>> still >>> work with me to define a common framework for thinking about >>> identity functionally. If there were a viable identity system, *both* >>> definitions >>> should hold merit. I argue the compositional model is incomplete. I ask >>> you to indulge me and help define a functional model, then we can >>> compare which teaches us more about how such systems can be and >>> eventually should be built. >>> >>> FWIW, I don't expect to do this work *within* the VCWG or even the >>> community group. I'll be writing and publishing elsewhere. I'll >>> share that work as it occurs in case it might prove helpful. >>> >>> Here's my definition of Identity: >>> >>> Identity is how we keep track of people and things and, in turn how they >>> keep track of us. >>> >>> That’s it. We learn people’s names, we observe them and hear gossip >>> and consume media. We then apply that sense of who they are to our >>> dealings with them. Others do the same in return. >>> >>> In ICT systems, we assign identifiers, we accumulate observations, we >>> correlate those observations with entities, we make conclusions based >>> on those observations and we apply those conclusions in interactions >>> with those same entities. >>> >>> In other contexts, we give people name tags, we share business cards, >>> and we wear bracelets. All to facilitate keeping track of each other. >>> >>> This simple definition is surprisingly provocative. It triggers >>> associations >>> with Big Brother and the surveillance state. It brings up ideas about >>> embedded chips and tattooed serial numbers. It conjures fears of >>> government or corporations constantly tracking what we do. >>> >>> Which is ok, because, in fact, those are the most feared abuses of >>> identity. It’s important to realize when we talk about identity that >>> we are >>> always talking about how we keep track of people. It is important to >>> understand how identity systems limit or avoid (a) tracking >>> EVERYTHING about (b) everyone and sharing that with (c) anyone. >>> >>> What functional identity doesn't do is attempt to define what >>> identity *is*; it focuses on what it does for us and how we use it. >>> >>> Organizations and people are going to use identity to keep track of >>> people and things no matter what we do. Fixating on sets of attributes >>> ignores the ways that we use identity information, whereas focusing on >>> the function of identity affords significant visibility into both >>> potential >>> harms and techniques for enhancing or limiting that functionality. >>> >>> In contrast, attributes themselves aren't harmful (they are inert >>> data) and >>> not only have we shown they are almost impossible to contain, we >>> know that the correlation of identities across contexts can occur based >>> on so many different observations that even if we could contain a specific >>> set of attributes, we still could not prevent re-identification even in >>> "anonymized" data sets. In short: even the most rigorous attribute >>> management system cannot prevent undesired identification. Conclusion: >>> identity *must* be more than just the attributes in an ICT system related >>> to an entity. This is at the core of my motivation to move beyond >>> attributes. Clearly >>> our identities can be compromised even with the most thorough >>> attention paid to protecting attributes. Attributes simply are not enough >>> to capture the scope of identity. >>> >>> As I described in the subjective notion of identity, not only can we not >>> adequately record the subjective sense of, for example, "Joe Andrieu" >>> in the minds of everyone who knows me, there is no way to control >>> those subjective notions nor a way to prevent people from using those >>> notions in their considerations of how to deal with me. So even if >>> we could magically conceptualize the platonic form of forms that >>> collectively represents "Joe Andrieu" we still would be lacking any >>> understanding about how that notion functions: how it is used by >>> actual >>> people. And it is in that use that harms occur. >>> >>> To respond to a few anchoring bits amidst the thread without >>> slight to the other thoughtful comments: >>> >>> On Thu, Jun 1, 2017, at 11:59 AM, Henry Story wrote: >>>> Yes, it looks like Joe's definition is one of what makes a thing the >>>> thing it is. >>>> >>>>> On 1 Jun 2017, at 20:08, Steven Rowat <steven_rowat@sunshine.net >>>>> <mailto:steven_rowat@sunshine.net>> wrote: >>>>> >>>>> On 2017-06-01 9:06 AM, Joe Andrieu wrote: >>>>>> Identity is innately >>>>>> trans-system. Any given "digital identity" may not be, but our real >>>>>> world "identity" absolutely is. By its very nature. We have an identity >>>>>> completely independent of any system or authority. >>>> >>>> This I suppose is behind Heraclitus statement that "You could not >>>> step twice into the same river." >>>> >>>> It is also the old question of how much change one can make to >>>> something and it still be the same thing, as the old paradox of >>>> Theseus Ship makes clear >>>> https://www.wikiwand.com/en/Ship_of_Theseus >>> >>> Actually, I think the functional definition makes the question of >>> Theseus's >>> ship moot. That question is grounded in the compositional notion that >>> the identity of "Theseus's ship" is initially based on the components >>> of his initial ship. A functional definition would ask whether or not >>> the ship >>> in question was recognized as the same ship throughout its tenure. >>> If the current ship is recognized as the same ship, then, >>> functionally, it >>> has the >>> identity of "Theseus's ship". Whether or not is *is* the same ship is >>> philosophical and not relevant to engineering and identity system. >>> >>> From what I understand, the basis for Steven Rowat's argument about >>> "essences" follows that same compositional notion. The functional model >>> doesn't care. If a person is recognized as an individual, then as long as >>> the recognition holds, they have that identity. Whether or not they *are* >>> in fact that person is a meta-physical, psychological, or philosophical >>> question, which I'm intentionally taking off the table so we engineers >>> can >>> figure out what we are trying to build together. >>> >>>>> On 1 Jun 2017, at 11:08 AM, Steven Rowat <steven_rowat@sunshine.net >>>>> <mailto:steven_rowat@sunshine.net>> wrote: >>>>> >>>>> I believe Joe and Henry are talking past each other in a fundamental >>>>> way that might be a good example of the tar-pit that Manu likes to >>>>> talk of. >>> >>> Yes. And I apologize for the distraction. Hopefully we can get this >>> out of >>> our systems and let the list get back to technical discussions in >>> short order. >>> >>>>> Joe's position (in my words, using Henry's terminology) >>>>> I believe Joe is most concerned with the fact that a given thing >>>>> (person) is unique in the world. And that any collection of labels >>>>> that relate to that person is part of an assumed superset relating to >>>>> them, and "Identity" is the whole superset. How much of the superset >>>>> we see at one time varies, but it exists because the person exists. >>> >>> I'm not sure I care about uniqueness. I don't think that's actually >>> relevant for a >>> functional model of identity. Certainly, identities can become >>> confused. Such >>> is the fodder for much comedy throughout literature and media. I >>> wouldn't say >>> that such confusion--or ambiguity if the identity is simply limited in >>> its specificity-- >>> means we aren't dealing with identity. >>> >>> I will also say that while the superset could conceptually be >>> constructed in an >>> all-knowing thought experiment, any essential identity ultimately >>> resides in >>> the minds' eyes of the beholders who recognize a thing. What's in my >>> head is inevitably different than what is in someone else's, even >>> if we both >>> are aware of >>> all the attributes ever recorded in any ICT system. >>> >>> Hence, while we could discuss the uber-set of all such mental notions, >>> it is not >>> clear that would ever be a superset of which some of us share subsets, as >>> much as a collection of distinct notions. To get philosophical, we >>> can't even >>> know if your sense of "red" is the same as mine; it would seem >>> unlikely that >>> we could ever know if your sense of me is the same as anyone else's. >>> >>> >>> On Thu, Jun 1, 2017, at 12:16 PM, David Chadwick wrote: >>>> On 01/06/2017 17:06, Joe Andrieu wrote: >>>> >>>> On Thu, Jun 1, 2017, at 12:44 AM, David Chadwick wrote: >>>> >>>> On 01/06/2017 07:48, Joe Andrieu wrote: >>>> >>>> If we mean "digital identity", then say it. Don't confuse it with >>>> "identity". >>>> >>>> The objections to "identity" are often because of conflation of >>>> the two. >>>> We discuss A when we mean B. We discuss "identity" when what we >>>> really >>>> mean is "the isolated domain-specific digital identity that only >>>> applies >>>> to this particular ICT system". >>>> >>>> >>>> Ok, but I prefer to use the term identity information when referring to >>>> the information held about a person in an information system. If the IS >>>> is physical and paper based, then the identity information will be held >>>> in paper files. If the IS is an ICT system, then it will indeed be >>>> digital identity information that is stored there. >>> >>> I like the term "identity information". That's much clearer than >>> referring >>> to a collection of attributes as someone's identity. >>> >>>> But I have never moved this discussion in the direction of talking about >>>> a single isolated ICT system, so I am not sure where you got that idea >>>> from. I said 'any and every ICT system'. >>> >>> The ISO standard does: >>> >>> An identity is the information used to represent an entity in an >>> ICT system. >>> >>> >>> It certainly does not say that identity is cross-system. >>> >>> That would, IMO, be much more rigorous to say either: >>> "A digital identity is the information used to represent an entity in >>> an ICT system." >>> >>> Or "Identity information is used to represent an entity in an ICT system." >>> >>> However, our "real" identities are fundamentally external to any ICT >>> system. I am "Joe Andrieu" whether it is in an ICT system or not. >>> >>>> >>>> The problem is that these digital identities don't stay isolated. >>>> >>>> >>>> Of course they dont. Who said they did? Federated identity management >>>> has always been about sharing digital identity information. >>> >>> And yet, the ISO definition of "identity" is anchored in "an ICT >>> system". The >>> whole point of federation is to match the identity information in one >>> system with the identity information in another. The nature of the >>> problem is >>> that >>> these are *distinct* sets of identity information, distinct digital >>> identities, for >>> which some sense of equivalence is sought. That equivalence becomes >>> a shared sense of identity--and it almost never includes a >>> transference of all >>> related attributes. Even the ISO "identity" of a system isn't >>> transferred during >>> federation. Some subset of identifying information is. And yet, that >>> shared >>> sense of identity will still never match the entirety of any given >>> individual's >>> identity. The ISO definition conflates the shared sense of identity, >>> the ineffable subjective collective sense of identity, and the >>> identity information >>> in an ICT system when it refers to this last item as "identity". This >>> is the problem. >>> >>>> >>>> Similarly, rights and privileges tied to our real identities are >>>> often >>>> ignored >>>> or dismantled because *in a given system* it didn't seem relevant >>>> to the engineers who designed and built it. Identity is innately >>>> trans-system. Any given "digital identity" may not be, but our real >>>> world "identity" absolutely is. By its very nature. We have an >>>> identity >>>> completely independent of any system or authority. >>>> >>>> >>>> Your last sentence conflicts with your other sentences in 'Identity >>>> Crisis' in which you state 'identity is an emergent phenomenon that does >>>> not have an existence independent of the observer' >>>> >>>> So which is it? Is identity completely independent or rather does not >>>> have an existence independently? >>> >>> I can see how that is confusing. However, both are accurate. >>> >>> Identity exists in the minds of observers, which is independent of >>> any authority. No single observer has the authority to decide their >>> version of my identity is authoritative, except to themselves, which >>> really is just a matter of the sovereignty of our own minds. Even *I* >>> don't have that authority. This was actually one of my rants against >>> many early testimonies about the awesome power of self-sovereign >>> identities. Nobody controls anyone else's subjective state. We can >>> influence, but that state is innately independent of outside authority. >>> >>>> I dont think I know anyone who regards identity information as being >>>> specific to a single ICT system. Certainly everyone in the FIM world >>>> knows that identity information is meant for sharing. And people in the >>>> privacy world know that PII is allowed to be shared providing it stays >>>> within the rules. The GDPR is there to ensure the rules are obeyed, >>>> otherwise unscrupulous data controllers would share it in ways it was >>>> never intended for. Even the VC work does not believe in the full and >>>> free sharing of PII, rather it should be under the control of the >>>> holder. So there is no conflict between ISO, GDPR and VC work as far as >>>> I can see. >>> >>> On the contrary, identity information need not EVER be shared. It >>> is not *meant* to be shared. It is meant to provide a given system >>> with the information it needs to customize services in relation to >>> a given >>> entity. >>> Not even ISO presumes that identity information is designed to be shared. >>> That's a privacy nightmare. >>> >>> In a federated system, yes, fundamentally, identity information is being >>> shared, but that is what makes federation federation, NOT what makes >>> identity information identity information. And when an individual's >>> identity is treated as if it is entirely defined by the attributes >>> in the system, >>> we have fundamentally compromised human dignity by subjugating >>> individuals to the tyranny of the data. Believe me, I've spent six >>> months >>> in Amazonian purgatory because the database was in error about my >>> identity. No matter what Amazon thought, my *identity* was >>> fundamentally >>> *not* what was captured by their set of attributes. >>> >>> There is a growing awareness that PII is an insufficiently defined >>> set to rigorously regulate anything. Even the GSA says "it requires >>> a >>> case-by-case >>> assessment of the specific risk that an individual can be identified." >>> [1] >>> There isn't even agreement as to what the acronym stands for. [2] >>> >>> Unfortunately GDPR is too young to discern its true strengths and >>> weaknesses. However, there are known flaws of the OECD >>> privacy principles which helped inform EU privacy law and I expect are >>> still lingering in GDPR. Namely, a complete lack of awareness that a data >>> controller or data processor may also be the data subject. We ran into >>> this in VRM conversations about personal data stores. The dominant >>> paradigm assumes that, in essence, corporations have and control data >>> about people and that people have certain rights in that situation. The >>> world view remains firmly in the lens of our corporate overlords and how >>> we protect the proletariat from their evils. In this world, like in ISO, >>> "Identity" is something given to you, not something innately existing in >>> the relationships that form social bonds. >>> >>> In short, *none* of these approaches to identity should be considered >>> resolved or adequate. The primary drivers in the modern era have been >>> corporations focused on securing their ability to profit from >>> information. >>> More recently, in the EU, the state has picked up its original charge in >>> defining identity, acting as a force in the other direction, figuring >>> out how >>> to realize the EU constitutional right to privacy in the face of corporate >>> data systems. >>> >>> [1] https://www.gsa.gov/portal/content/104256 >>> [2] https://en.wikipedia.org/wiki/Personally_identifiable_information >>> >>> >>>> >>>> aligned with the W3C mental >>>> model of security by domain isolation as a response to things like >>>> cross-site scripting hacks. >>>> >>>> >>>> I think you are confusing two separate issues, security vulnerabilities >>>> and data sharing. The Same Origin Policy is there to stop hackers >>>> linking systems that should not be linked, whereas FIM and token binding >>>> etc. are there to ensure that data can be shared safely and securely. >>> >>> Yes. Linking systems that should not be linked is how privacy is >>> violated. >>> It feels comfortable to consider contextual integrity as a security >>> problem. >>> Thinking of it in this manner leads to whitewashing information sharing >>> through consent ceremonies that users can't understand for uses that >>> are unexpected. There is a consistent perspective that within a given >>> domain, privacy and identity are the purview of the domain controller. >>> This is baked into the mental model of isolated systems sharing specific >>> bits of "identity" under controlled terms--with near complete disregard >>> for both the downstream sharing and the systemic effects on privacy and >>> identity. The framing is that "if we solve privacy and identity within >>> our >>> isolated contexts, we'll have done the right thing." But fundamentally, >>> privacy and identity are greater than any isolated context. This is the >>> disconnect that, IMO, is the core architectural flaw in how most >>> contemporary systems deal with privacy and identity. >>> >>>> >>>> If we want to make sure we don't undermine beneficial--or unwittingly >>>> enable undesired--aspects of real-world identity, we need to >>>> acknowledge >>>> that identity is inevitably more than the digital identity in >>>> any given system. >>>> >>>> >>>> I think we all realise that. No one has been arguing for the opposite. >>> >>> The ISO standard itself defines identity as merely the attributes >>> related to >>> an entity in an ICT system. So arguing for the ISO standard argues for >>> that opposite. >>> >>> -- >>> >>> That's all for now. I think I've said more than enough. I've appreciated >>> the thoughtful responses and hope I've stretched some mental models. >>> It'd be great if the idea of treating identity functionally rather than >>> compositionally resonates enough to help us avoid the delicious yet >>> distracting rabbit holes of philosophical, cultural, and political >>> identity. >>> >>> As Manu suggested, I'll bring my perspective to comments and suggestions >>> in actual specification text. That's where I think we can most >>> concretely see >>> if anything I'm suggesting has merit. >>> >>> -j >>> >>> -- >>> Joe Andrieu, PMP >>> joe@joeandrieu.com <mailto:joe@joeandrieu.com> >>> +1(805)705-8651 >>> http://blog.joeandrieu.com >>> >> >
Received on Friday, 2 June 2017 18:12:29 UTC