- From: Henry Story <henry.story@bblfish.net>
- Date: Fri, 20 Jul 2018 15:13:39 +0200
- To: Bohdan Andriyiv <bohdan.andriyiv@validbook.org>
- Cc: Credentials Community Group <public-credentials@w3.org>
> On 20 Jul 2018, at 13:43, Bohdan Andriyiv <bohdan.andriyiv@validbook.org> wrote: > > Hi Henry, > > Thanks for sharing your blog posts. I think the ideas of institutional WoT and Security Screen (screen independent from application) are very useful in a sense that they thought provoking, and problem exposing. However I do not think that solutions as described are practical. The (modal) logical argument is that the user needs to be able to distinguish which agent is displaying to the screen, which is similar to the need we have of remembering who said what. We all know from everyday life how important it is to not just believe that because someone says they are the best friend of your friend to believe that this is so. But all of Phishing relies on this. This does not require a separate screen, but at least a clear partition of screens. Indeed the work on Android that I refer to on "Epistmology of the Screen" makes just that point too. Since on computers people like an application taken over the whole screen it follows by logical necessity that one needs a second one. This actually already exists, and is being sold by the most successful computer company in the world Apple. > > Institutional WoT. > There are too many sites and too much multifaceted information about them for government institutions to vouch for. 1) The Institutional WoT (IWoT) does not need to cover all web sites. 2) We are speaking about governments who are already keeping information about every type of entity and at that size of expenditure the resources to put things online is not going to be the biggest cost. There are also large agencies such as the Open Data Institute working on doing this. > The practical solution will be PageRank like algorithm that takes into account different points of data (not just vouching from institutions) to estimate trustworthiness of sites. The last paragraph of the article on Epistemology of the Screen makes clear that this IWoT does not negate the p2p web of trust based on hyperlinks we have and on which PageRank is based. PageRank is not good enough for what is needed because: • it is not tied to justice and legal systems (or do you want to make link decisions made by normal citizens something they can end up going to court for?) • there is no democratic oversight • there is no way of individual citizens to verify the correctness of the information • it is centralised • it is a secret algorithm that has to remain secret for it to work The IWoT is just a decision to make explicit the information that is already kept by governments and putting it onto the web in an interoperable format so that it can be used by billions of people every day. > > Security Screens (screen, or part of screen independent from applications to show security information) > People want to do stuff and go places. Even if we have independent screen on keyboard or reserve part of usual screen to show verifiable security information people will ignore, miss it. > The practical solution will be to use PageRank like trust score and block screen completely for sites that have small trust score, forcing user to reconsider going to dangerous site. So that would be putting all the power on what we should rely on into one closed company rated on the stock market. See the bullet points above for what is wrong with that idea. > > I agree that Verifiable Claims should be used for certificates as they can provide all information about website that website want to share about itself and people want to read. I think Verifiable Claims standard is good for it because it is flexible and can be used to show information securely on two layers: human friendly - presentation layer and machine readable JSON layer. See as example - Validbook Statements (for example - http://futurama1x.validbook.org/statements/templates/Certificate%20of%20Completion-15) > > As for Institutional WoT, I think this is a good idea if taken as a part of big general WoT, where websites (legal entities that created websites) are vouched for, not only by the government institutions, but by everyone (government institutions , private institutions, people). Yes, the IWoT complements the existing web. It does extend it by bringing institutions into the web in an effective way. > Website can make a statement (for example like this - http://futurama1x.validbook.org/arbitration/undefined/unique-representation-of-a-living-human-individual) and it can be backed by anyone. Then PageRank like algorithm can calculate trust score (taking away mental load from people to remember to check security screen) and block screen to prevent user from going to dangerous site. There need be no mental load on checking the security screen if 1) the information is interesting 2) is made available when important changes occur 3) is safe and cleanly distinguishable from other information Look at some examples of the Apple TouchPad and you'll see that they have made them very addictive and interesting to a large population. Now if I had told you 2 years ago that people would find the Fn keys interesting, what would you have said? I think I would have found it difficult to imagine. And yet that is what happened. > > Bohdan > > > On Fri, Jul 20, 2018 at 1:18 PM, Henry Story <henry.story@bblfish.net> wrote: > Hi all, > > I have been thinking a bit about servers and applications credentials recently > which is the opposite of what I have been doing for a long time namely user > credentials. But since that also falls under Verifiable Claims, I thought you'd > be interested. > > Discussing this topic in various forums one often > finds one resistance to new ideas relating to the huge failure in the space of > user interfaces for this technology. Many have been burned by the many > failures in that space. So I decided to address that problem with a > light weight and quite intuitive detour through modal logic. If you have ever > dealt with a salesman coming to your door, then you can follow the reasoning.... > This is then mapped to the UI problem where I came to the conclusion to my amazement > that there is actually a very useful cyber-security application for the > MacBook TouchBar! > > Phishing in Context > Epistemology of the Screen > https://medium.com/cybersoton/phishing-in-context-9c84ca451314 > > That follows up on a previous post > > "Stopping (https) Phishing" > https://medium.com/cybersoton/stopping-https-phishing-42226ca9e7d9 > > which shows that the problem with X509 server certs is the complete poverty of data that > comes with it. So I make a case that one needs much richer Verifiable Server Claim > information if it is to be interesting to the user finding out about the web site > he is looking at. (or the app he is using) > > The flexible answer is to allow the browser to go online and fetch the information > from the institutional web of trust. But the efficient one would be for the server > to send a verifiable claim containing the same info and signed by the institution. > I think one could be flexible and allow both. But for that one would need very > flexible verifiable claims that could contain pretty much any data > (as shown in the example of info from Company House). So I think that means X509 is out > long term. Then one could have Verifiable claims with 1 day time to live. > > So this may be an additional angle that can be useful to further the causes this group > is interested in. > > > Feedback welcome, > > Henry Story > > > >
Received on Friday, 20 July 2018 13:14:13 UTC