- From: Thomas Roessler <tlr@w3.org>
- Date: Fri, 23 Jul 2010 17:42:34 +0200
- To: ashok.malhotra@oracle.com
- Cc: Thomas Roessler <tlr@w3.org>, public-vision-core <public-vision-core@w3.org>
On 23 Jul 2010, at 17:17, ashok malhotra wrote: > Let me comment on three items: > > 1. Privacy. To the man on the street privacy and security may be the two biggest problems with the Web. > OASIS is starting a TC on a privacy model. Charter is at http://www.oasis-open.org/committees/process-2009-07-30.php#formation That seems to be a link into the OASIS process document. Would you have a pointer to the charter? I'll add that one of the results in the workshop report will be that there are several ideas on the table, but a great deal of uncertainty about how deployable those ideas are. Structurally, they very much overlap with this piece: > This is a strong model where everytime a website wants some personal information it has > to indicate why it wants the information and request permission. Some feel this is too onerous and > recommend an alternate model where you indicate your privacy preferences (what data, who can see it, how long) > and the privacy preferences are carried along with the data. If they are violated, there are legal recourses. Can you say more about the extent to which the OASIS TC is doing concrete work, vs abstract modeling in the direction of ISO/IEC JTC 1 SC 37 WG 5's privacy model? > 2. Identity > Anyone can get an OpenId ... I have 3! But there is no way to verify if, indeed, what/who I claim to be is > accurate. This kind of Id is useful for single-sign on but it is not verified identity. The Social Security Office > will not accept it. So, should we try and start an agency that that provides verified identity? This should be > voluntary, so there is a means to verify your identity if you choose to provide it. The agency should keep > track of who requests your identity. The eGoverment folks may be interested. My take the fun out of online dating :-) Are you suggesting that this sort of assurance should be part of W3C's mission? Or are you suggesting that W3C should consider identity protocols part of of its mission?
Received on Friday, 23 July 2010 15:42:37 UTC