Re: The UI part of credentials

Hi Henry, all

*Regarding security screen (partition of screen for security information).*
My point is that anything that is not directly related to "doing stuff and
going places" is going to be ignored by the user. However easy-to-read and
interesting you make this security information, it will be ignored by most
users. Even if it takes 0.1 seconds of time/attention, it will be ignored or
missed.
Therefore, the practical solution is to lock the screen completely when a
low-trust site is accessed. Otherwise, people will get hacked. IMO, a complete
screen lock is the safest way to prevent phishing.

*Regarding need for PageRank-like algorithm based on rich data and general
WoT*
Now, in order to enable Complete Screen Lock and not produce too many
"false positives" (locking the screen on a legitimate site), the locking should
be done based on a PageRank-like (AI/smart) algorithm and rich "multiple data
points" data.
Government-rooted IWoT may be a very valuable part of this rich "multiple data
points" data. However, I think that for most websites their
trustworthiness score will rely mostly on people's WoT and usage patterns.

The discussion of how to build this Complete Screen Lock on a smart
algorithm and rich data without relying on one company to do it is
another question. It is possible that something like Validbook, maybe
based on something like SOLID and DID technology, together with something
like the Brave browser, can do this)

Bohdan

On Fri, Jul 20, 2018 at 4:13 PM, Henry Story <henry.story@bblfish.net>
wrote:

>
>
> > On 20 Jul 2018, at 13:43, Bohdan Andriyiv <bohdan.andriyiv@validbook.org>
> wrote:
> >
> > Hi Henry,
> >
> > Thanks for sharing your blog posts. I think the ideas of institutional
> WoT and Security Screen (screen independent from application) are very
> useful in a sense that they thought provoking, and problem exposing.
> However I do not think that solutions as described are practical.
>
> The (modal) logical argument is that the user needs to be able to
> distinguish which agent is displaying to the screen, which is similar to
> the need we have of remembering who said what.
> We all know from everyday life how important it is not to believe, just
> because someone says they are the best friend of your friend, that this is
> so. But all of phishing relies on this.
>
> This does not require a separate screen, but at least a clear partition of
> the screen. Indeed the work on Android that I refer to in "Epistemology of
> the Screen" makes just that point too.
> Since on computers people like an application taking over the whole screen,
> it follows by logical necessity that one needs a second one. This actually
> already exists, and is being sold by the most successful computer company
> in the world, Apple.
>
> >
> > Institutional  WoT.
> > There are too many sites and too much multifaceted information about
> them for government institutions to vouch for.
>
> 1) The Institutional WoT (IWoT) does not need to cover all web sites.
> 2) We are speaking about governments who are already keeping information
> about every type of entity, and at that size of expenditure the resources
> to put things online are not going to be the biggest cost. There are also
> large agencies such as the Open Data Institute working on doing this.
>
> > The practical solution will be a PageRank-like algorithm that takes into
> > account different points of data (not just vouching from institutions) to
> > estimate the trustworthiness of sites.
>
> The last paragraph of the article on Epistemology of the Screen makes
> clear that this IWoT does not negate the p2p web of trust based on
> hyperlinks that we have and on which PageRank is based.
> PageRank is not good enough for what is needed because:
>
>  • it is not tied to justice and legal systems
>  (or do you want to make link decisions made by normal citizens something
>   they can end up going to court for?)
>  • there is no democratic oversight
>  • there is no way for individual citizens to verify the correctness of the
>    information
>  • it is centralised
>  • it is a secret algorithm that has to remain secret for it to work
>
> The IWoT is just a decision to make explicit the information that is
> already kept by governments and to put it onto the web in an interoperable
> format so that it can be used by billions of people every day.
>
> >
> > Security Screens (screen, or part of screen independent from
> > applications to show security information)
> > People want to do stuff and go places. Even if we have an independent
> > screen on the keyboard or reserve part of the usual screen to show
> > verifiable security information, people will ignore or miss it.
> > The practical solution will be to use a PageRank-like trust score and
> > block the screen completely for sites that have a small trust score,
> > forcing the user to reconsider going to a dangerous site.
>
> So that would be putting all the power over what we should rely on into one
> closed company rated on the stock market. See the bullet points above for
> what is wrong with that idea.
>
> >
> > I agree that Verifiable Claims should be used for certificates as they
> > can provide all the information about a website that the website wants to
> > share about itself and people want to read. I think the Verifiable Claims
> > standard is good for it because it is flexible and can be used to show
> > information securely on two layers: a human-friendly presentation layer
> > and a machine-readable JSON layer. See as an example Validbook Statements
> > (for example
> > http://futurama1x.validbook.org/statements/templates/Certificate%20of%20Completion-15)
> >
> > As for Institutional WoT, I think this is a good idea if taken as part
> > of a big general WoT, where websites (the legal entities that created the
> > websites) are vouched for not only by government institutions but by
> > everyone (government institutions, private institutions, people).
>
> Yes, the IWoT complements the existing web. It does extend it by bringing
> institutions into the web in an effective way.
>
> > A website can make a statement (for example like this:
> > http://futurama1x.validbook.org/arbitration/undefined/unique-representation-of-a-living-human-individual)
> > and it can be backed by anyone. Then a PageRank-like algorithm can
> > calculate a trust score (taking away the mental load on people to remember
> > to check the security screen) and block the screen to prevent the user
> > from going to a dangerous site.
>
> There need be no mental load in checking the security screen if
>
>   1) the information is interesting
>   2) it is made available when important changes occur
>   3) it is safe and cleanly distinguishable from other information
>
> Look at some examples of the Apple TouchPad and you'll see that they have
> made them very addictive and interesting to a large population. Now if I
> had told you 2 years ago that people would find the Fn keys interesting,
> what would you have said? I think I would have found it difficult to
> imagine. And yet that is what happened.
>
>
> >
> > Bohdan
> >
> >
> > On Fri, Jul 20, 2018 at 1:18 PM, Henry Story <henry.story@bblfish.net>
> wrote:
> > Hi all,
> >
> >    I have been thinking a bit about server and application credentials
> > recently, which is the opposite of what I have been doing for a long
> > time, namely user credentials. But since that also falls under Verifiable
> > Claims, I thought you'd be interested.
> >
> >    Discussing this topic in various forums, one often finds resistance
> > to new ideas relating to the huge failure in the space of user
> > interfaces for this technology. Many have been burned by the many
> > failures in that space. So I decided to address that problem with a
> > lightweight and quite intuitive detour through modal logic. If you have
> > ever dealt with a salesman coming to your door, then you can follow the
> > reasoning....
> > This is then mapped to the UI problem, where I came to the conclusion, to
> > my amazement, that there is actually a very useful cyber-security
> > application for the MacBook TouchBar!
> >
> > Phishing in Context
> > Epistemology of the Screen
> > https://medium.com/cybersoton/phishing-in-context-9c84ca451314
> >
> > That follows up on a previous post
> >
> > "Stopping (https) Phishing"
> > https://medium.com/cybersoton/stopping-https-phishing-42226ca9e7d9
> >
> > which shows that the problem with X509 server certs is the complete
> > poverty of data that comes with them. So I make a case that one needs
> > much richer Verifiable Server Claim information if it is to be
> > interesting to the user finding out about the web site he is looking at
> > (or the app he is using).
> >
> > The flexible answer is to allow the browser to go online and fetch the
> > information from the institutional web of trust. But the efficient one
> > would be for the server to send a verifiable claim containing the same
> > info and signed by the institution. I think one could be flexible and
> > allow both. But for that one would need very flexible verifiable claims
> > that could contain pretty much any data (as shown in the example of info
> > from Company House). So I think that means X509 is out long term. Then
> > one could have Verifiable claims with a 1 day time to live.
> >
> > So this may be an additional angle that can be useful to further the
> > causes this group is interested in.
> >
> >
> > Feedback welcome,
> >
> > Henry Story
> >
>

Received on Tuesday, 24 July 2018 10:17:07 UTC
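Added example (not part of the thread, and not Validbook's, Solid's or any Verifiable Claims library's code): a sketch of the "efficient" path Henry describes above, where the server hands the browser a claim signed by an institution, and of the "complete screen lock" policy Bohdan proposes on top of it. The browser checks the signature against a pinned issuer key, checks the 1-day time to live, checks that the claim is about the site actually being shown, and locks the screen unless the resulting trust score clears a threshold. The claim layout, field names, Ed25519 as the signature scheme, the issuer name, the sample facts and the threshold are all assumptions made for this example; real Verifiable Credentials use a standardised envelope and proof format rather than this ad hoc JSON.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// ServerClaim is a hypothetical, much simplified verifiable claim that an
// institution (a company registry, say) issues about a web site. The field
// names are assumptions made for this example, not a standard.
type ServerClaim struct {
	Issuer     string            `json:"issuer"`      // who vouches (a registry name or DID)
	Subject    string            `json:"subject"`     // the site origin the claim is about
	Facts      map[string]string `json:"facts"`       // richer data than an X.509 cert carries
	TrustScore float64           `json:"trust_score"` // 0..1 as computed by the issuer
	IssuedAt   time.Time         `json:"issued_at"`
	ExpiresAt  time.Time         `json:"expires_at"` // IssuedAt + ClaimTTL: the "1 day time to live"
}

// SignedClaim is what the server would send alongside its page: the exact
// signed bytes plus the issuer's Ed25519 signature over them.
type SignedClaim struct {
	Payload   json.RawMessage `json:"payload"`
	Signature []byte          `json:"signature"`
}

// ClaimTTL is the one-day lifetime discussed in the thread.
const ClaimTTL = 24 * time.Hour

// NewIssuerKey generates an issuer key pair (the institution's signing key).
func NewIssuerKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // only fails if the system RNG is unavailable
	}
	return pub, priv
}

// Issue is the institution's side: fix the expiry, serialise, sign the bytes.
func Issue(priv ed25519.PrivateKey, c ServerClaim) (SignedClaim, error) {
	c.ExpiresAt = c.IssuedAt.Add(ClaimTTL)
	payload, err := json.Marshal(c)
	if err != nil {
		return SignedClaim{}, err
	}
	return SignedClaim{Payload: payload, Signature: ed25519.Sign(priv, payload)}, nil
}

// Verify is the browser's side. trusted maps an issuer name to the public key
// the browser has pinned or fetched from the institutional web of trust.
// The payload is parsed only to find the issuer; nothing in it is believed
// until the signature has been checked against that issuer's key.
func Verify(sc SignedClaim, trusted map[string]ed25519.PublicKey, origin string, now time.Time) (ServerClaim, error) {
	var c ServerClaim
	if err := json.Unmarshal(sc.Payload, &c); err != nil {
		return c, fmt.Errorf("unparseable claim: %w", err)
	}
	pub, ok := trusted[c.Issuer]
	if !ok {
		return c, errors.New("issuer not in the browser's trusted set")
	}
	if !ed25519.Verify(pub, sc.Payload, sc.Signature) {
		return c, errors.New("signature does not match the claim bytes")
	}
	if c.Subject != origin {
		return c, errors.New("claim is about a different site than the one being shown")
	}
	if now.Before(c.IssuedAt) || !now.Before(c.ExpiresAt) {
		return c, errors.New("claim is outside its validity window")
	}
	return c, nil
}

// Decide applies the "complete screen lock" policy from the thread: the
// screen stays locked unless a fresh, correctly signed claim from a trusted
// issuer puts the site at or above the threshold. Any failure locks.
func Decide(sc SignedClaim, trusted map[string]ed25519.PublicKey, origin string, now time.Time, threshold float64) (lock bool, reason string) {
	c, err := Verify(sc, trusted, origin, now)
	if err != nil {
		return true, "lock: " + err.Error()
	}
	if c.TrustScore < threshold {
		return true, fmt.Sprintf("lock: trust score %.2f below threshold %.2f", c.TrustScore, threshold)
	}
	return false, fmt.Sprintf("unlock: %s vouches for %s (%v)", c.Issuer, c.Subject, c.Facts)
}

func main() {
	pub, priv := NewIssuerKey()
	trusted := map[string]ed25519.PublicKey{"registry.example": pub} // constructed sample
	issued := time.Date(2018, 7, 24, 10, 0, 0, 0, time.UTC)
	claim := ServerClaim{ // constructed sample data, not a real registry record
		Issuer: "registry.example", Subject: "https://shop.example", TrustScore: 0.9, IssuedAt: issued,
		Facts: map[string]string{"registered_name": "Example Shop Ltd", "company_number": "00000000"},
	}
	sc, _ := Issue(priv, claim)
	// One hour after issue the claim unlocks; 25 hours after issue it has expired and locks.
	for _, at := range []time.Time{issued.Add(time.Hour), issued.Add(25 * time.Hour)} {
		lock, why := Decide(sc, trusted, "https://shop.example", at, 0.5)
		fmt.Println(at.Format(time.RFC3339), lock, why)
	}
}
```

The signature is computed over the exact serialised bytes and those same bytes are what the browser parses, so re-serialising (and any canonicalisation question) is avoided. The origin check is what stops a genuine claim for one site from being replayed by a phishing site, and the short TTL is what lets a revoked or downgraded rating take effect without a separate revocation channel.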