Re: Web Identity 1.0 -- Draft Spec

I'm not sure a person is adequately described by a webid. I think a webid is a reference, but moreover a tls/rdf enabled agent.

The web identity spec tries to describe a person, but it's not in a "walled garden environment", so the natural "gates" or "fences" created by web2 domains, don't exist anymore.   I note in that picture used most frequently, each wall has a brand hung from it, whilst "people" are climbing from one "walled space" to another.

The old systems are company or website centric (relational db), but semantic web needs to be user-centric.  We've got a bunch of keys on our key rings, and a bunch of cards in our wallets, and that's a good thing: most people don't carry their passports with them unless they're travelling.

The WebID method provides a way of authorising a computer, and when there's a bunch of webid enabled certs, it starts to get confusing.  When machines are used by more than one person, I can only imagine it getting worse. 

Web identity only really caters for one identity: same as Facebook, g+, apple, etc.  This does centralise the data; but means if you want to create a new "persona", data isn't easily transferable, even though in real life you're the same person.  If you try to create a new Facebook or google account and transfer your data, you might start to see the problem.

I think in computer science terms for semantic internet: persona is the public representation of self used to interact.   A persona can be highly secure, with a bunch of sophisticated access control methods (ie: getting a new driver's license, or a passport application, etc.) through to anonymous (public, noid referenced).

Using identity and rww-storage (ldp, etc.) Tim might have one main storage location, he might have a bunch.  The ironman scene where he says "keep it on my private server" comes to mind.

Timbl@w3c should probably say something along the lines of "chairman" and outline projects: timbl@home, might have family photos, personal accounts, digital deeds, method to get his car keys reissued if he loses them...

I imagine though, that the webid used for w3c can't be used to open the garage door at home: and perhaps, supports lower resolution of GPS data: linked to his work details, not his personal details, perhaps with different contact settings, interacting with voicemail systems, etc.

Perhaps there should be an owl:OwnedBy reference, as the SameAs doesn't really apply, unless applied upon an element, rather than a record, when considering the different roles we facilitate in life, and how to apply them to the entity, which is the person: not any machine nor software tool used, for whatever purpose. 

The idea of unfettered access to identity is kinda what we're trying to move away from,  I think one of the missing links is the concept of "personas"

http://en.wikipedia.org/wiki/Persona


Sent from my iPad

> On 9 Jan 2014, at 5:17 pm, Henry Story <henry.story@bblfish.net> wrote:
> 
> The Persona distinction you want to draw can be made by distinguishing between sense and
> reference. If a same person has 3 WebIDs, for sake of example let us say:
> 
>    - http://tim.example/#me
>    - http://example.org/tim#i
>    - http://www.w3.org/People/Berners-Lee/card#i
> 
>  with accompanying WebID profiles, then as shown by the picture
>  in the overview section of the spec:
> 
> https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html#overview
> 
> each of these URIs _refers_ to the same person ( as per hypothesis  Tim Berners Lee), 
> yet each  of them will have 3 different senses. The sense arrow will point to three different points in
> three different NamedGraphs.
> 
> ( Note: I have updated the graph so that the sense  arrow now points to the #i of Tim
>  in the W3C graph. So it is a Point-In-a-Named-Graph ( if people have better ideas
> for how to call this please let me know )).
> 
> The sense of each of the WebIDs is different. That is why the WebIDs can be used as
> three different personas for the same person. The distinct Personas won't be very useful 
> as distinct personas if of course each of the three documents asserts the
> owl:sameAs relation between them, as reasoning engines will then find information about each 
> of them quite easily (assuming there are no access control restrictions on each of the documents, 
> in which case reasoning engines might put that relation into doubt ). 
> 
> The advantage of this sense notion of Personas is that a person could later also owl:sameAs personas
> together to make a "coming out" statement one day.
> 
> Henry
> 
> 
>> On 9 Jan 2014, at 04:27, Timothy Holborn <timothy.holborn@gmail.com> wrote:
>> 
>> re: G+[1] i agree with Kingsley almost; and the underlying differentiation, is in seeking to define 'persona' as a separate 'identity' for the purpose of identity management. 
>> 
>> Some ideas (sorry for the length; ideas are still draft).
>> 
>> WEBID
>> There's a couple of different sorts of 'things' that interact.  WebID seems to make the most sense for 'things that speak internet' (and knows what to do with a cert).  WebID [2] seems to provide a method to deploy x509 with RDF, which is beneficial for IoT / WoT; therefore reinforcing identity / privacy methods, especially when applied to an RWW Account (LDP / RDF + storage + base services). 
>> 
>> Web We (DON'T) WANT
>> Web2 creates multiple persona via www.mysocialnetwork.com + www.myonlinemail.com + etc. 
>> 
>> However the aggregation method poorly supports user persona. 
>> 
>> using a historically fabricated example; if 1950's social issues were applied to facebook...
>> 
>> 1. I think Indigenous Australians[4] should be entitled to human rights, discuss it widely
>> 2. Met girl in drama class; Girl got pregnant, i'm poor and Anglican she's 18 in a well-off catholic family who wants to send her interstate to have the child, then leave it to be adopted out; then come back to uphold the family reputation.
>> 3. I like to do a bunch of political work for a political party, thinking i can contribute
>> 4. I've got a gold mining plot
>> 5. I'm learning about geology, to help me with my mining ideas of becoming wealthy
>> 6. I live in a small community. 
>> 
>> In that type of fabricated example; my desire to help black people get human rights might prevent me from politically participating, and the police might even take the gold mining plot.  Whilst i might love the girl, her family may uphold the views of the time; and to care for her needs, i might get all 'dressed-up' and see about finding a path that could mean we could be a couple, and she could retain her relationship with family; as i'm not sure if there's gold in that mine, or when i'll be able to bank it (especially due to my personal beliefs about human rights). 
>> 
>> The situation with the girl is tenuous, the community is small, i don't want to compromise my moral fiber but it's important i finish school so i've got a better chance at making the mining thing work; and i love the girl and need to figure out how we can support the child, so i'll need a bigger house and more income. 
>> 
>> SO:  In today's example, these types of elements are all mixed together into one 'identity' rather than a mixture of 'persona elements'.  if Facebook existed then; the family would look me up, find out I've got these strange ideas about human rights (indigenous Australian heritage isn't pretty), i'd then get queried on google; the names and resources shared with others, and the likelihood i could sort out the situation in the interests of the girl, the child or myself - may be damaged irrecoverably because 'persona' (or privacy) is not applied to these centralised systems. 
>> 
>> Of course that example, applies concepts which are now well accepted; and so the behavioral consequences of socializing that type of case-study is different once some of the 'current issues' of the time have been resolved, down the track.   This may be termed 'speculation' at the time; or gambling, perhaps - but if all such information were available at the time for people involved with changing some of those social issues - in a manner such as is expressed in facebook networks, google searches, etc. i'm not sure those people would have as easily (not saying it was easy at the time) found means to create change, in whatever way they did at the time. 
>> 
>> Whilst the material descriptions of 'current issues' (or emerging issues) change over time, the behavioral processes do not; I think the 'diffusion of innovations'[5] theory provides a reasonable graph; to show the underlying drivers for the behavioral process.
>> 
>> Current web2 sites manage 'persona' by 'owning them' in a db, managed by the site owner ('intellectual or knowledge capital'?).  What web2 does provide, is the ability to create accounts on sites 1,2,3,etc. 
>> 
>> SO: When thinking about user-environments the 'philosophical' approach needs to both provide capacity for different authoritative models / mechanisms whilst also providing means for users to assign different knowledge graphs; in effect, be capable of recognizing persona as a personal (identity related) transnational 'agent', where applied rules can be defined by an identity; upon an array of persona, and related assets / links.
>> 
>> PERSONA
>> Given a person is a person; and we're not playing TRON - the idea is that the online equivalent isn't an identity, but an interactive persona; of which any person will likely have a multitude to represent the role they play as an actor in a social-web. 
>> 
>> underlying the concept; is a philosophical consideration that identity is actually a private concept. 
>> 
>> identity is offline; but we use 'tools' (things) to interactively authenticate into web environments; where in-turn we create persona related elements or documents.  persona is interactive, directive via identity & interactive with agents.  An identity can have a multitude of persona, which in-turn become bonded to identities using parameters set-out in persona doctrine; perhaps technically; authenticated via 'identity chains'.
>> 
>> IDENTITY CHAINS
>> 1.  An identity chain is a predefined process for authentication that may interact with agents and actors, 
>> 1.1 Described using RDF; and,
>> 1.2 Designed to interact with WebID enabled services.
>> 1.3 can provide a 'security level' analysis (trust levels?)
>> 
>> The level of security is defined by the elements and processes defined in the chain, rather than by specific agent as an independent 'authority' managing or addressing the actor (subject to law of course).
>> 
>> In theory; if i need to interactively call a bunch of people whilst interacting with specific URI's simultaneously to verbally parse info; and link that info back to an array of devices, in a sophisticated realtime methodology; then the key infrastructure for whatever i'd want to 'lock' using that type of design, would be more secure than simply a userid/pass on a machine with or without webid. 
>> 
>> without defining or prescribing the method used in a chain; it is simply the idea of a chain, that seems to make some sense to me overall.   Whether it be in creating an initial identity system in a manner that is least reliant on existing AUTH providers; or the ongoing use of accounts, that depend on compatible identity services. An identity chain method should be capable of providing a GUI where a user can create a method themselves, using resources, in a secure environment.
>> _________________________________________________________________________________
>> 
>> RWW-AUTH
>> It makes little sense to have a multitude of 'competing' AUTH standards; both methods have different purposes, which should work well together.  
>> 
>> Theoretically; someone sets-up an identity chain with a persona that lives on 'my knowledge banking account - which means an RWW Server somewhere...  I have enabled WebID, which means agents I create, authorized links (ACLS) and have a network of x509 certs they use to be authorized agents (WAC[3]) when undertaking a task interacting with other agents.  
>> 
>> Basic Example: An addresscard (basic kind of foaf profile) where persona1 (home) gives personal details[6] and persona2 (work) gives business card; or allowing a friend to browse your photos with ACL info provided earlier. 
>> 
>> RWW/SemWebCommons
>> Another interesting example; is that a deceased person may have a WebID; for the purpose of 'linking records', much like any other flora, fauna or subjective concept; but in-turn, who owns the deceased person's WebID? does it live in a 'commons' territory?  how does it interact with Web Identity and/or persona? problem is of course; that some form of auth. is needed to ensure data / info is reliable and adaptable; yet an array of 'things' are 'commons' property (meaning, human knowledge which should be free, easily accessible and update-able or link-able).  It seems 'reputation' may need to play a role, and i'm not sure how that can be defined or managed yet. 
>> 
>> APPLICATION CONSIDERATIONS: PRIVATE EXAMPLES with a multitude of 'PERSONA' 
>> 
>> PERSONA 1: HOME / FAMILY - Home Shopping
>> I've applied to my account that i use my phone to get my digital receipts; which means i tap my phone at the register and click ok; on my phone.  if i forget my phone, i can use the RFID 'key' in my pocket.
>> 
>> I needed to get some toilet paper for the office; so assign that from my personal 'persona' to my work 'persona' for accounting purposes.
>> 
>> Don't like electronic check-outs, so i always go visit the check-out person (I think morally, supermarkets should employ people). 
>> 
>> PERSONA 2: Employment role 1 ('company persona')
>> 
>> COMPANY CAR
>> I drive my Tesla Model S; go park somewhere when going to work, and plug it in; I authorise when i'm in the car; tell it to do the integrated approach and pay for the parking and the power; i then go home, plug in the car; and set 50% of the battery charge to 'grid utility' (to stabilise the grid, because solar panels don't generate much energy at night, and my trip to work tomorrow is only a 15 minute drive).
>> 
>> My company persona, links to my home persona and its electricity account; the battery is leased as part of the energy equipment & services agreement with the car (allowing me to drop the battery out on a long-trip) and the account is managed by the business.  The business doesn't pay for my home electricity bill, so the accounts are offset using WebID's connected to different agents; in whatever business model is applied (cars stabilising grids obtain 'feed-in tariffs' for example).
>> 
>> Next day; i go to a cafe; my ipad connects using my webid to the cafe's hotspot, asks me about billing and connects me to the net billing to an account connected to my webid.  
>> 
>> Work doesn't pay for internet on my ipad because i like BYOD (like my logs to stay on my account); however it's a meeting, so i can assign the receipt to my business persona - for taxation purposes. 
>> 
>> Company gives me a tag to pay for coffee with clients though, so i use that and the digital receipt is assigned to the company, relating to the persona 'linked' to my identity. 
>> 
>> SUMMARY
>> We need to express persona. The examples above try to provide a bunch of situations where the ability to share persona in semantic web use-cases; is as important as being able to protect privacy, in-order to maintain liberty and privacy through identity services. The model therein; follows real-world examples, considering the 'units' expressed, and the difference between a person's intent to share 'identity' vs. 'persona' when interacting with others, in an array of different circumstances; for which, an identity should be made capable of defining themselves (rather than having definitions subjectively pushed upon them). 
>> 
>> [1] https://plus.google.com/u/0/+ManuSporny/posts/94fooRHDb6T -- Manu's post
>> [2] https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html -- WebID spec 
>> [3] http://www.w3.org/wiki/WebAccessControl
>> [4] http://en.wikipedia.org/wiki/Indigenous_Australians
>> [5] http://en.wikipedia.org/wiki/Diffusion_of_innovations
>> [6] http://linkeddata.github.io/rdflib.js/example/people/social_book.html
>> 
>>> On 9 January 2014 00:04, Kingsley Idehen <kidehen@openlinksw.com> wrote:
>>>> On 1/7/14 11:22 PM, Melvin Carvalho wrote:
>>>> 
>>>> This spec has been updated and fleshed out quite a bit.  Section 4 now includes reading, writing, access control, signatures, claims and endorsements.
>>>> 
>>>> https://web-payments.org/specs/source/web-identity/
>>> 
>>> This spec, as per comments I made to Manu on his G+ thread [1], currently doesn't acknowledge the fact that a WebID is an HTTP URI that denotes an agent. To avert confusion, it is really important that we have a common understanding of what the term WebID denotes. 
>>> 
>>> Accepting the established definition of WebID [2] is compatible with "Web Identity 1.0" once some tweaks are made to existing term definitions, basically we end up with:
>>> 
>>> identifier
>>> An HTTP URI that denotes an entity.
>>> 
>>> identity card
>>> Information that can be used to identify a particular entity such as a person, animal, or organization.
>>> 
>>> identity card owner
>>> An entity that is in control of a particular identity card. 
>>> 
>>> identity card provider (or host)
>>> A website providing access to an identity or set of identities.
>>> 
>>> requestor
>>> A user agent that is requesting to access and/or modify an identity.
>>> 
>>> Links:
>>> 
>>> [1] https://plus.google.com/u/0/+ManuSporny/posts/94fooRHDb6T -- Manu's post
>>> [2] https://dvcs.w3.org/hg/WebID/raw-file/tip/spec/identity-respec.html -- WebID spec (*which is currently marooned in this pre official release state*). 
>>>  -- 
>>> 
>>> Regards,
>>> 
>>> Kingsley Idehen	      
>>> Founder & CEO 
>>> OpenLink Software     
> 
> Social Web Architect
> http://bblfish.net/
> 

Received on Thursday, 9 January 2014 07:25:22 UTC
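
The following is an added example, not part of the thread or of any WebID implementation. It illustrates the point in the quoted reply that separate WebIDs stop working as separate personas once a readable profile asserts owl:sameAs between them, and that access control on the asserting document changes what an observer can link. The three WebIDs are the ones used in that reply; the profile document URLs, names and triples are constructed sample data, and `linked_personas` and `facts_about` are hypothetical helper names.

```python
OWL_SAME_AS = "http://www.w3.org/2002/07/owl#sameAs"
FOAF_NAME = "http://xmlns.com/foaf/0.1/name"

HOME = "http://tim.example/#me"
ORG = "http://example.org/tim#i"
W3C = "http://www.w3.org/People/Berners-Lee/card#i"

# Constructed sample data: profile document URL -> triples in that named graph.
GRAPHS = {
    "http://tim.example/": [(HOME, FOAF_NAME, "Tim (home)")],
    "http://example.org/tim": [(ORG, FOAF_NAME, "Tim (club)"),
                               (ORG, OWL_SAME_AS, W3C)],
    "http://www.w3.org/People/Berners-Lee/card": [(W3C, FOAF_NAME, "Tim (W3C)")],
}

def linked_personas(graphs, readable):
    """Group WebIDs into sets an observer can show to co-refer.

    Only graphs whose document URL is in `readable` contribute triples.
    owl:sameAs is symmetric and transitive, so union-find yields the closure.
    """
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    for doc, triples in graphs.items():
        if doc not in readable:
            continue  # access control hides this profile from the observer
        for s, p, o in triples:
            find(s)
            if p == OWL_SAME_AS:
                parent[find(s)] = find(o)
    groups = {}
    for node in parent:
        groups.setdefault(find(node), set()).add(node)
    return sorted(sorted(g) for g in groups.values())

def facts_about(webid, graphs, readable):
    """Every non-sameAs fact the observer can merge onto `webid`."""
    groups = linked_personas(graphs, readable)
    group = next((g for g in groups if webid in g), [webid])
    return sorted((s, p, o)
                  for doc, triples in graphs.items() if doc in readable
                  for s, p, o in triples
                  if s in group and p != OWL_SAME_AS)
```

A profile owner can run the same check over their own documents, with `readable` set to what a given audience may fetch, to see which personas that audience can merge.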