Re: Terminology poll from Timothy Holborn on 2017-06-22 (public-credentials@w3.org from June 2017)

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Thu, 22 Jun 2017 02:51:29 +0000
To: David Chadwick <D.W.Chadwick@kent.ac.uk>, public-credentials@w3.org
Message-ID: <CAM1Sok0vET_kf14iAvfdVo+W+aujNxZv+cJmm2VsvRfYS4zrsw@mail.gmail.com>
Hi David,

I note my admiration for your use of language...

On Thu, 22 Jun 2017 at 06:12 David Chadwick <D.W.Chadwick@kent.ac.uk> wrote:

> Tim
>
> At first glance it appears that your examples are based on the
> assumption that the subject is uniquely identified in a globally
> unambiguous way that everyone understands i.e. their common name and
> perhaps address or nationality.


I was trying to alter my linguistics around the conceptualisation of the
'functional' language, rather than the 'purpose' language that i have
previously focused on as i sought to support the design of technology that
would resolve use-case / business case issues.

therein; an attempt to mature the means in which the technology lifecycle
is explained independent of any persons particular use-case interests.   I
think in almost all cases, these instruments are designed to be used, to
some-degree, for fiduciary purpose. that is; that the method is being
designed to provide a level of confidence of the communicated concepts, in
a document, that pertains to a plurality of parties; for some specified
purpose; as described in the independently, cryptographically signed,
machine-readable document.

What this constituent does not examine or provide a resolution for; is the
means in which to ensure the intended holder of the credential is indeed
the legal entity who is holding the instrument; therein also, still
assuming use-cases that are not simplistically, 'machine to machine' as
some AI / IoT use-cases may bring about.



> But this is not the case for VCs were
> meaningless IDs are used to identify subjects. Consequently it is not
> apparent to the recipient who the instrument applies to. Hence the
> presenter has to prove possession of the ID in the instrument.

Copying
> the instrument by third parties and putting different signatures on it
> is not helpful, as they are not able to prove possession of the ID
> (unless delegation of authority has been enacted)
>

I was thinking about attack-vectors as a thought experiment in seeking to
boil-down the pragmatics of this VC element specifically (and
independently) to other reliant aspects; and to thereafter, use the method
to attend to the issue of language that has been on-going for sometime.

I think pragmatically; we're trying to get to the very basic underlying
principles. the scaling use of the method could have two particular actors
involving 3 agents. the necessary bridge is between 'someone who says
something about an agent, as an external source' and 'a party that requires
that information in-order to act'. (in-order for their system to do
something).

Herein; Perhaps it is the case that the work has focused on the needs of
institutions at each-end of the cycle, without a great deal of
consideration for the 'document' itself; which is intended to be a tool for
a beneficiary, ie: a human, with an account somewhere that has a URI
associated to it, that requires other apparatus in-order to ensure
legitimate use of the items stored in that electronic storage location that
presumably has access control methods applied to it somehow;  yet,

Doesn't that kinda mean we need to have more / improved representation of
how that document associates to the third party?  I've considered ontology
as a means to resolve some of these perceived issues alongside the merits
of supporting progress in the WebID CG works; but the focus moreover has
been on each-end of the lifecycle, which seems moreover to be more
institutionally focused.

I'll keep thinking.  however, the note was about attempting to provide
use-case independent language and thereby, seeking to perhaps - scaffold -
language from other areas of society into something that may work for the
purpose of meaningful W3 progress.

I think Authority is a good term; noting also, that individuals should be
able to issue VCs, and i was concerned about the potential for
centralisation of the concept of 'authority' as a battle-ground would be
contrary to the intended outcomes of those who've been working to make the
world a better place.

I'll keep looking at cryptography language and other pools.  Technically
(from a software point of view) language doesn't matter nearly as much as
it does in civil society and the institutional frameworks that seek to use
language for societal governance, support and diplomacy, et.al.

In circumstance where the concept of 'identity' vs. 'identifier' is often
mixed-up, it's important to me i'm not engineering a software based means
to replace the old iron clamps used to control vulnerable people for
external economic gains.

which is another reason why i was seeking a more technical view to the
language; than necessarily supporting the use of identity terms; when the
means in which systems are applied by users / consumers; will likely have a
variety of characteristics embedded that are not necessarily what this
group seeks to define as essential instruments for identity, in-line with
the purposes and intent of parties such as the UN in seeking to ensure
people have a (digital) legal identity by 2030.

i'll keep thinking.

Tim.H.



>
> regards
>
> David
>
> On 21/06/2017 10:39, Timothy Holborn wrote:
> > Reviewing it;  are there any other words for the 'inspector'....?
> >
> > I was looking at 'trust law' (trustee, beneficiary, bequest, et.al
> > <http://et.al>.) for ideas.
> >
> > Given the crypto would be a legal instrument of the 'issuer', whatever
> > that instrument says and indeed whether or not it works; is solely upto
> > the creator of the signed document.
> >
> > Regardless of who receives that document (depending on use-case, et.al
> > <http://et.al>.) the recipient / examiner seeks to test the crypto and
> > do something on the basis of the remarks made in the document; yet once
> > that document has been provided, the solution doesn't stop anyone from
> > storing that document or duplicating it's contents, to create a new
> > signed document with different signatures.
> >
> > Any other examples of these sorts of '3 pillar systems' for the purposes
> > of trust, in traditional society we can use to figure out a use-case
> > neutral format for the language?
> >
> > ie: judiciary, executive,
> > parliament:
> http://www.peo.gov.au/uploads/image_gallery/the-law/PEO_0701_separation-powers.jpg
> > or re: a form of behavioural
> > models:
> https://en.wikipedia.org/wiki/Karpman_drama_triangle#/media/File:Karpman_drama_triangle-2.png
> >
> > The other thing i wanted to note; was that if ontological terms are
> > noted; but the terms they're pointed to are not version controlled, then
> > the instrument may in-future say something different, to what it was
> > designed to say when it was created.
> >
> > Example i've used before is: https://schema.org/Physician = a place
> > today, perhaps in the future it might be a person or profession
> > attributed to a person; rather than perhaps, a place of work?
> >
> > understanding this could be avoided by defining the descriptions; or
> > providing a copy of those descriptions in the document; perhaps these
> > things have different 'classes' which could be described in ontological
> > form to figure out at what level someone should rely upon the document
> > itself (rather than assertions being put upon a technology method,
> > regardless of how that technology method has been employed by
> > authors/users/consumers).
> >
> > I know we have more time. i just wanted to raise these ideas sooner
> > rather than later.
> >
> > tim.h.
> >
> > On Wed, 21 Jun 2017 at 11:54 Manu Sporny <msporny@digitalbazaar.com
> > <mailto:msporny@digitalbazaar.com>> wrote:
> >
> >     Hi all,
> >
> >     I'm notifying this community of something going on in VCWG space as
> we'd
> >     like some educated input on some terminology changes we're making
> from
> >     this CG since the terminology changes are expected to affect this CG.
> >
> >     ---------------
> >     Email sent to the VCWG:
> >
> >     Per my action from the VCWG call today, here is a Google Doc for
> >     brainstorming the language we'll use to present how the Verifiable
> >     Claims terminology will be used in the Data Model spec:
> >
> >
> https://docs.google.com/document/d/1NWdpFxbERXZodvbJP_GgGZhkGI54zWmqTuFz-CR2hps/edit
> >
> >     Please suggest additional phrases where the terminology may be used
> to
> >     help people understand what they feel most comfortable with using.
> >
> >     The language in the document above will be moved to the terminology
> >     playground app that can be used to try out variations of the
> suggested
> >     terminology before people vote:
> >
> >     https://vcwg-terminology-playground.firebaseapp.com/
> >
> >     Here is a draft terminology poll that does Instant Run-off Voting,
> this
> >     will go live next Tuesday at the earliest.
> >
> >     https://www.opavote.com/en/vote/5724357032673280?p=1
> >
> >     Here's what we need from those that want to participate by next
> Monday
> >     (June 26th):
> >
> >     1. Provide unique example phrases that use the terminology in the
> first
> >        document.
> >     2. Propose missing terminology that has support from at least two
> >        people (and no more than two objections) to the poll.
> >
> >     Timeline:
> >
> >     1. We'll decide whether or not to run the poll on next Tuesdays VCWG
> >        call (June 27th).
> >     2. The poll will be open for 7 days and will close at the beginning
> of
> >        the following Tuesday (July 4th).
> >
> >     I suggest we run the poll with the following additional rules:
> >
> >     * We want as many EDUCATED INDIVIDUAL VOTERS voting as possible.
> Please
> >       abstain from voting if you don't fully understand the consequences
> of
> >       this vote.
> >     * Please vote in an individual capacity, not on behalf of your
> >       organization, we want to know how individuals will react to the
> >       language (not what your official corporate position is). If you
> have
> >       to ask your co-workers how they voted, you're doing it wrong. :)
> >     * The result of the vote is non-binding, the final decision will be
> >       made by the Editors and the Chairs of the VCWG. This is a data
> >       gathering exercise.
> >
> >     -- manu
> >
> >     --
> >     Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
> >     Founder/CEO - Digital Bazaar, Inc.
> >     blog: Rebalancing How the Web is Built
> >     http://manu.sporny.org/2016/rebalancing/
> >
>
>
Received on Thursday, 22 June 2017 02:52:15 UTC