Re: 10 Use Cases for Trust on the Web using LOD

• From: Henry Story <henry.story@gmail.com>
• Date: Mon, 16 Mar 2020 18:55:41 +0100
• To: Owen Ambur <Owen.Ambur@verizon.net>
• Cc: public-lod@w3.org, Gannon Dick <gannon_dick@yahoo.com>, Sandro Hawke <sandro@w3.org>
• Message-Id: <C00FD6D1-ABE1-4A6C-A7D5-666843355E9E@gmail.com>

> On 16 Mar 2020, at 17:32, Owen Ambur <Owen.Ambur@verizon.net> wrote:
> 
> Henry, the use cases are now available in StratML format at https://stratml.us/drybridge/index.htm#UCWN
> 
> Your about statement for Co-operating Systems is also available in StratML format, at https://stratml.us/drybridge/index.htm#COOS

That’s fun, if a bit geeky. 

> 
> As time permits, I look forward to learning more about PROV-XML, particularly whether it has been coordinated with national records management authorities and implemented in records management applications. https://www.w3.org/TR/2013/NOTE-prov-xml-20130430/#term-Plan
> 
> Broadly speaking, the only logical basis for trust is verifiable performance ... which requires reliable records ... which at scale requires machine-readability.

Verifiable performance of whom?
Reliable records published by who?

Clearly the reliable records have to be published by someone who 
is also verifiably performant. This is what democratic institutions 
based on law are there to provide, namely: 

 1. reliable legal structures (a key concept in law is predictability)
 2. balance of powers, so that different institutions can adjust the others
 3. Voter feedback, so that their views are taken into account and are
  adapted to the evolving reality

When an 18 year old wants to start driving, how does one establish 
reliable performance? One needs a testing system to be put in place
to evaluate it. How can one decide if the testing system is reliable?
Well that’s what the institution of the DMV is for. It has checks and 
balances too. 

When a US car company wants to lease a car to someone from the rest of 
the world they need to know that the person has a drivers license, and
thus has been tested for reliable driving, and has upheld their ability
by not breaking the law, as tested over time by a law enforcement system
in their country and around the world.

The US car rental company is confronted with a person X. They have no way
of knowing that the person is a reliable driver other than by checking
a driving record. That can be done by verifying a Verifiable Credential,
that has to be signed by the recognized institution of that country.

I deal with that as Use Case 9 "Anchor flexible Verifiable Credentials (age, licences, …)"
https://medium.com/@bblfish/use-cases-for-the-web-of-nations-361c24d5eaee


> Ultimately, with apologies to the Queen, artificial geopolitically biased boundaries and authorities become irrelevant.  All that matters is results -- in a worldwide web of intentions, stakeholders, and results.

That’s just not how the world works. I recommend you look at books on
geopolitics or law. A very good one on the latter is the just release
free online book ”Law for Computer Scientists” by Prof Mireille Hildebrandt
https://lawforcomputerscientists.pubpub.org/

Henry Story
https://co-operating.systems/

> 
> Owen
> 
> On 3/15/2020 5:43 PM, Henry Story wrote:
>> Following my reply to Dick Gannon, I added two extra uses
>> cases to the 10 I had listed previously
>> 
>> • Trusting Linked Data
>> • Provenance
>> 
>> Both of those will also I think need an institutional Web of Trust.
>> I linked to the answer I gave in the mailing list for the first
>> one and cite the PROV work in the second.
>> 
>> https://medium.com/@bblfish/use-cases-for-the-web-of-nations-361c24d5eaee
>> 
>> I also improved the grammar of the blog post.
>> 
>> Look forward to some more feedback :-)
>> 
>> Henry
>> 
>> 
>>> On 15 Mar 2020, at 19:30, Henry Story <henry.story@gmail.com> wrote:
>>> 
>>> 
>>>> On 15 Mar 2020, at 18:35, Gannon Dick <gannon_dick@yahoo.com> wrote:
>>>> 
>>>> Hi Henry,
>>>> 
>>>> 
>>>> (Country Profiles)
>>>> https://www.purl.org/pii/country/profiles
>>> Let me go through a few epistemological steps, to
>>> make the point of the blog post. The question we are
>>> asking is: how can I trust the info I am reading?
>>> Let’s start.
>>> 
>>> ----
>>> 
>>> Your purl redirects to secure6.securewebexchange.com .
>>> Who owns that company?
>>> As a techy I can find this out like this:
>>> 
>>> $  whois  securewebexchange.com | grep Admin
>>> Registrant Name: Domain Admin
>>> Registry Admin ID:
>>> Admin Name: Domain Admin
>>> Admin Organization: Deluxe Enterprise Operations, LLC
>>> Admin Street: 2300 Glades Rd, Suite #301E
>>> Admin City: Boca Raton
>>> Admin State/Province: FL
>>> Admin Postal Code: 33431
>>> Admin Country: US
>>> Admin Phone: +1.8003229438
>>> Admin Phone Ext.:
>>> Admin Fax:
>>> Admin Fax Ext.:
>>> Admin Email: corp-domains@aplus.net
>>> Tech Name: Domain Admin
>>> 
>>> FL stands for Florida (I know that as a techy who has worked on the web
>>> for 28 years, and on started discovering the internet in the 1980ies).
>>> 
>>> So this is a company declared to be in Florida.
>>> But I also know that this information is self declared info, so is
>>> it correct? Is there a big legal obligation to keep this data correct?
>>> 
>>> When I first go to that Web Site the browser should be able to immediately
>>> find a link from the web site, and get official information from
>>> the Florida business state registrar, and show me that, to tell
>>> me what kind of company it is, who the owners are, what kind of
>>> business they are, etc… This should be done in an intuitive UI
>>> that everybody can understand, perhaps even with a map of the
>>> globe to show people where Florida is. (It may be obvious to
>>> people in the US, but many people around the world will not
>>> know and neither will children, or even many teenagers.)
>>> 
>>> Anyway I guess what you wanted to look at were the links in the
>>> data found there. Each one of them points to a CIA factsheet
>>> page. Eg. https://www.cia.gov/library/publications/the-world-factbook/geos/ax.html
>>> 
>>> Who is the CIA? Is that web site real? We here know because we know
>>> that .gov is owned by the US government. How many people know that?
>>> Especially outside the US? Do you know what the chinese government
>>> web site is, or the Japanese, or that of Pakistan? or Russia?
>>> (And if you do, how long did it take you to make sure?)
>>> 
>>> And then is it reasonable to ask people around the world to trust
>>> US Central Intelligence Agency data about what they think of countries?
>>> (Assuming you think that data should be used by browsers, or people
>>> should use it to evaluate countries? I am not sure because you
>>> don’t give any context to your links)
>>> 
>>> Furthermore the data there tells us what the CIA thinks of a country,
>>> but not about the company we landed on. Eg. securewebexchange.com.
>>> What I want to know as a UK citizen is what my country’s diplomatic
>>> relations with the country in which the company behind a web site is located,
>>> and what that country’s company registry says about that company,
>>> what its domain of expertise is.
>>> 
>>> 
>>>> (Dashboards)
>>>> https://www.purl.org/pii/usa/county/profiles
>>> Ok so here I guess you are trying to link to a profile on data on influenza.
>>> The company publishing this data is securewebexchange.com again.
>>> Who is that company? Can I rely on them? How do I know? What legal
>>> jurisdiction are they in? Are they really in florida or did they have
>>> a PO box there, and are actually remote? What is their financial situation?
>>> In short why should I trust the data there?
>>> 
>>> Furthermore part of the data is loaded from a different site, so that
>>> the browser gives me a warning as to the security of it.
>>> 
>>> The smileys on the page link to
>>> http://www.rustprivacy.org/2019/county/XHTML/45.40OK375.html
>>> 
>>> who are they? They also have an insecure connection my browser
>>> tells me. Whois tells me very little about the company behind
>>> the web site. It gives me an 0800 number and tells me it is in
>>> FL (Florida?). Are they in Medicine? Why should I trust their
>>> data?
>>> 
>>> So you gave me data that may be correct but that I can’t really use,
>>> because I have no idea what the agent making the claim is responsible
>>> for.
>>> 
>>> ——
>>> 
>>> Hopefully that helps make clear why the Web of Nations institutional
>>> web of trust is needed. :-)
>>> So thanks for the use case.
>>> 
>>> https://medium.com/@bblfish/use-cases-for-the-web-of-nations-361c24d5eaee
>>> 
>>> Henry Story
>>> 
>>>> 
>>>> On Sunday, March 15, 2020, 11:17:45 AM CDT, Henry Story <henry.story@gmail.com> wrote:
>>>> 
>>>> 
>>>> Hi all,
>>>> 
>>>>    ”Trust is the Oil of the Future” someone wrote
>>>> recently [1].
>>>> And so the question is how does one rebuild trust when,
>>>> at a global scale, peer to peer connections by themselves
>>>> cannot be enough. How can people who retweet some info
>>>> about say Covid19 know that the information comes from a
>>>> trusted  source? Indeed how do you know?
>>>> 
>>>>  I put together 10 use cases as to how Linked Data can
>>>> help here that cover everything from trusting small web sites,
>>>> to stopping phishing, to stemming fake news, helping
>>>> anchor verifiable claims, as well as help build less intrusive
>>>> interfaces for GDPR.
>>>> 
>>>> https://medium.com/@bblfish/use-cases-for-the-web-of-nations-361c24d5eaee
>>>> 
>>>> I’d be interested in any comments on this, and look forward to
>>>> adding any ideas that I may have missed.
>>>> 
>>>> Henry Story
>>>> 
>>>> [1] https://twitter.com/GarethPresch/status/1239144639782891520
>>> 
> 

Received on Monday, 16 March 2020 17:56:02 UTC