- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Fri, 19 Oct 2012 10:56:37 -0400
- To: Klaas Wierenga <klaas@cisco.com>
- CC: Anders Rundgren <anders.rundgren@telia.com>, Ben Laurie <benl@google.com>, Henry Story <henry.story@bblfish.net>, "public-identity@w3.org" <public-identity@w3.org>
- Message-ID: <50816A25.2060906@openlinksw.com>
On 10/19/12 8:43 AM, Klaas Wierenga wrote: > Let's refrain from ad hominem attacks in a technical discussion…. > > I don't think anyone has argued that linkability is a bad thing per se, what I believe is the crux is whether the links exists -by default- (like locators for a person that can be looked up by 3d parties in DNS) rather than -by choice-. You lookup machine names via DNS. Neither you nor I are machines. > It is the difference between being listed in the phone directory versus giving someone your phone number. I am not my phone or combination of phone and phone number. As per my earlier post, the Web of Linked Document (yet another network) has resolvable names for documents which combined with a user agent and machine name give you a composite key. This composite key still doesn't denote you. Then we have the Web of Linked Data where the a name for entity: you, is added to the composite. This URI that denotes entity isn't as linkable as Ben presumes. It isn't an entropy favorable email address (aka. mailto: scheme URI), it can embody all of the dexterity required to handle the intersection of context fluidity and nebulous identity. > I think the likes of Tor are not sufficient here, if the norm is that you are linkable than someone that is using Tor is by definition suspicious… Depends on the context, and herein lies the problem. Identity is nebulous and context is fluid. Thus, you have to leverage entity relationship graphs, their relationship semantics, and logic. > David Chadwick rightfully remarks that there is a balance that you need to strike based on a risk analysis, for me the question is how much of that risk analysis you want to leave to the protocol designer versus the end-user. As an end-user I like to have sufficient control over my privacy without having to understand how to do Tor. Correct re. Tor. I don't see Tor as the answer per say, but I understand why Henry presents in response to Ben's arguments. What we all need is a solution that's capable of handling the challenging intersection of context fluidity and nebulous identity, at Web-scale. This is really what you end up with when you combine the following items that are naturally integrated into architecture of the Web: 1. URIs 2. WebID -- cryptographically verifiable personal de-referencabe URI 3. WebID protocol -- the verification/authentication mechanism 4. Linked Data -- entity relationship graph based structured data representation that leverages de-referencable URIs 5. Entity Relationship Semantics -- that leverages first-order logic as the basis for a conceptual schema 6. Data Access Policies or Rules -- based on Logic. > > Klaas -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca handle: @kidehen Google+ Profile: https://plus.google.com/112399767740508618350/about LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Friday, 19 October 2012 14:57:03 UTC