- From: Steve Magennis <steve.e.magennis@gmail.com>
- Date: Sat, 8 Jan 2022 12:45:33 -0800
- To: Adrian Gropper <agropper@healthurl.com>
- Cc: Orie Steele <orie@transmute.industries>, Justin P Richer <jricher@mit.edu>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
- Message-ID: <CAHM8=usXdaCTmPxc-kC215bxfjEvJX+9ZfukFaVt7T-NA3rH+Q@mail.gmail.com>
Thanks for the context Adrian -S On Sat, Jan 8, 2022, 9:09 AM Adrian Gropper <agropper@healthurl.com> wrote: > Yes, Steve: "Perhaps it is that human rights can be a more tangible > endeavor (better suited to standards work) whereas ethics is more of a > philosophical pursuit?" > > Although my career as an engineer and entrepreneur is similar to most of > my colleagues in standards work, I have now spent over a decade as a > full-time volunteer advocate with _dozens_ of tech standards groups and > health tech policy forums. Almost without exception, the SDOs are designed > for regulatory capture of the policy forums. It's an investment by a funded > entity to influence policy for profit just like a lobbyist would be, only > with engineers. Yes, I'm oversimplifying to make a point but I will be > happy to respond to counter-examples. > > Human rights are like wht has been said of pornography: "You know it when > you see it." Ethics are like art. SDO discussion threads, for example, > don't take kindly to mentions of "motive". Statements like the one I just > made about regulatory capture are obviously motive and, if I had directed > that to an individual, folks would let me know. > > Ethics, in my experience, are like motives in the SDO context. They may or > may not be relevant but need not be questioned. Writing about ethics in an > SDO is as useful as discussing religion. > > Adrian > > > > On Sat, Jan 8, 2022 at 11:47 AM <steve.e.magennis@gmail.com> wrote: > >> Adrian, >> >> >> >> On a number of recent threads you have highlighted a bold contrast >> between the concept of human rights and that of ethics. I have always >> thought of human rights as something that emerges (or at least tries to >> emerge) out of the ethics held by society so I’m having trouble >> understanding your statements of comparison (e.g. why dealing with the >> issue in this thread is a matter of one but not the other). Could you humor >> me and unpack your definitions a bit. I’d really like to better understand >> your point. Perhaps it is that human rights can be a more tangible endeavor >> (better suited to standards work) whereas ethics is more of a philosophical >> pursuit? >> >> >> >> Thanks & apologies for the digression >> >> >> >> -S >> >> >> >> *From:* Adrian Gropper <agropper@healthurl.com> >> *Sent:* Friday, January 7, 2022 12:42 PM >> *To:* Orie Steele <orie@transmute.industries> >> *Cc:* Justin P Richer <jricher@mit.edu>; W3C Credentials CG (Public >> List) <public-credentials@w3.org> >> *Subject:* Re: FedId CG at W3C and GNAP >> >> >> >> Thanks, Orie for starting this important thread. I will defer the >> technical comments entirely to Justin and others. >> >> >> >> From my perspective, the failure of SIOP in the wild needs to be >> understood and rectified whether it involves GNAP or not. I tried to >> participate in FedId CG from this perspective but quickly realized that >> they really were only scoped to federated cases and trying to introduce >> self-sovereign perspective in that CG would be torture for all involved. >> >> >> >> I would also hope that Sam Smith contributes to this thread. His >> perspective on decentralization seems important. >> >> >> >> The other thing I've been trying to understand in the context of >> self-sovereign authentication is biometrics. >> >> - Facial recognition is almost free and works well enough to be >> entirely passive and ambient for many use-cases. Like >> license plate scanners for people. Not necessarily a good thing. >> - Iris biometrics work even better and with appropriate hardware can >> be almost passive. How do we control that in a DID context? >> - Palm biometrics (as introduced by Amazon) are less passive and >> somewhat expensive but could also enter widespread use. >> - Local biometrics like Apple FaceID is already used to authenticate >> into Apple Wallet. Will it be used as an ankle bracelet analog? The answer >> seems to be yes, because that's how Apple Watch is used to interact with >> the wallet. >> - DNA readers get cheaper all the time... >> >> Notice also that dealing with these issues is a matter of human >> rights, not ethics. >> >> >> >> I think self-sovereign authentication might be a worthwhile CCG work item. >> >> >> >> - Adrian >> >> >> >> On Fri, Jan 7, 2022 at 3:22 PM Orie Steele <orie@transmute.industries> >> wrote: >> >> I asked them whether they considered GNAP via slack. >> >> https://w3ccommunity.slack.com/archives/C02355QUL73/p1641585415001900 >> >> They are chartered here: https://fedidcg.github.io/ >> >> To look at AuthN that breaks when browser primitives are removed. >> >> They are currently focused on OIDC, SAML, WS-Fed. >> >> The reason I asked them was in relation to the questions we have >> discussed regarding "What can GNAP replace". >> >> Clearly GNAP can replace OAuth, but I think you both have now confirmed >> that GNAP does not replace OIDC, or federated identity... >> >> I am confirming this one more time, just in case I got that wrong. >> >> Has there yet been discussion on what some kind of OIDC built on GNAP >> instead of OAuth would look like?. >> >> OS >> >> >> >> -- >> >> *ORIE STEELE* >> >> Chief Technical Officer >> >> www.transmute.industries >> >> >> >> <https://www.transmute.industries/> >> >> ᐧ >> >>
Received on Saturday, 8 January 2022 20:45:59 UTC