W3C home > Mailing lists > Public > public-webid@w3.org > October 2012

RE: Browser UI & privacy - a discussion with Ben Laurie

From: Brandt Dainow <bd@thinkmetrics.com>
Date: Thu, 4 Oct 2012 17:58:35 +0100
To: "'Kingsley Idehen'" <kidehen@openlinksw.com>, "'Hannes Tschofenig'" <hannes.tschofenig@gmx.net>
Cc: "'Melvin Carvalho'" <melvincarvalho@gmail.com>, "'Henry Story'" <henry.story@bblfish.net>, <public-webid@w3.org>, <public-identity@w3.org>, <public-philoweb@w3.org>, "'Ben Laurie'" <benl@google.com>
Message-ID: <01ea01cda251$7e6ff6d0$7b4fe470$@thinkmetrics.com>
Hi - I'm coming into this discussion late, and though I've tried to catch
up, please forgive me if you think I've missed something in earlier stages
of the debate.  However, as a philosopher concerned with online ethics (as
well as a web analyst), I'm disturbed by the tone of this discussion, so I'm
throwing in my point:

The idea that a person can be treated like a computing resource is
questionable.  It sounds like instrumentalism - treating people as things,
which is the starting point of most human evil.  The principle that an
identifier in one system is portable to others refers to computing
resources, not human beings.  There are no principles in web computing which
were ever intended to apply to people.  This is why initiatives like WebID
exist at all - they are trying to compensate for the fact the internet has
nothing within it pertaining to humans.  

The concept of a "reputation footprint" is also highly debatable.
Personally, I find the idea that I would have a single online profile,
uniting all my web activities, and traceable back to the real human me, as
horrifically totalitarian, and a step backward.  I don't have such a
limitation in the real world.  I can be anonymous when I walk the city,
enter shops, and pay by cash.  I can conceal my religious or political
beliefs from my workmates, so as to avoid being judged by them on irrelevant
criteria, or simply because I want to live privately.  I can decide my life
has been a mess, then move to a new city, where no one knows me, and start
afresh, my previous history forgotten.  We must have the same level of
forgetfulness on the web, the same ability to split our activities and
present only partial views of ourselves to different groups.  These are
fundamental aspects of human existence which have remained for thousands of
years.  They enable us to work and socialise with others who we otherwise
would be in conflict with.

Organisations are different.  They are not people.  Any initiative which
treats organisations, documents and human beings as the same is denying the
essential dignity of the individual, and their right to chose how openly or
privately they wish to live.  I can understand why I might want a system
which enables me to lock my identity to a resource, but that should be a
voluntary system, and it should enable me to have multiple WebID's (or
equivalent), and it should permit me to keep my personal identity totally
anonymous.  

WebId is a particularly dangerous concept.  It totally depends on the
unbreakability of the private key.  Does anyone in this group seriously
believe there's such a thing as unbreakable encryption, or a flawless
computing system?  If people trust WebID's, what chance do you think anyone
will have of convincing the world their WebID has been faked or hijacked, or
their certificate stolen, etc?  If WebID was used for government, financial
or employment purposes, what harm could fall on someone under such
circumstances? The same is true of any computing system which seeks to lock
an IT resource to a real person.  The connection between the two will always
be problematic and untrustworthy.

In terms of online privacy, we cannot possibly imagine what use nasty people
will make of personal data 10, 20, or 50 years from now.  We simply cannot
know what technology or business models people will invent.  All we can be
sure of is that stuff we can't imagine now will dominate the web of the
future.  This means we can't argue in terms of trying to achieve specific
effects, because we can't know what the full range of effects will be.  The
only solution is to focus on avoiding the potential for harm.  This means we
must take a fantastically conservative attitude to online privacy, and
resist every attempt to reduce it.  In this light, one has to ask - where
are the anonymity initiatives?  Where's my IP-rotation plug-in, my user
agent obfuscation add-on, etc?

The web is a fairly good thing as it is.  Before we seek to "improve" it, we
need to be absolutely certain we are addressing a genuine problem and that
the solution won't harm more than it helps.  In the larger context, this
means "Web-scale verifiable identity" should be no more than a minor item of
optional technology used by a few people for specific purposes.  It should
be enacted in a manner which is aware nasty people and governments could
force it on people as  a means of exploitation and control, which means
making it hard to manage centrally and avoiding uniform standards.  The
emphasis should always be on the avoidance of possible harm, even if this
means not getting the best technology.


Regards,
Brandt Dainow
bd@thinkmetrics.com
www.thinkmetrics.com
PH (UK): (020) 8123 9521
PH (USA): (801) 938 6808
PH (IRELAND): (01) 443 3834
iMedia Articles: www.imediaconnection.com/profiles/brandt.dainow
 
This email and any attachments are confidential and may be the subject of
legal privilege. Any use, copying or disclosure other than by the intended
recipient is unauthorised. If you have received this message in error,
please delete this message and any copies from your computer and network.

Whilst we run anti-virus software on all e-mails the sender does not accept
any liability for any loss or damage arising in any way from their receipt
or use. You are advised to run your own anti-virus software in respect of
this e-mail and any attachments. 
 



-----Original Message-----
From: Kingsley Idehen [mailto:kidehen@openlinksw.com] 
Sent: 04 October 2012 16:59
To: Hannes Tschofenig
Cc: Melvin Carvalho; Henry Story; public-webid@w3.org;
public-identity@w3.org; public-philoweb@w3.org; Ben Laurie
Subject: Re: Browser UI & privacy - a discussion with Ben Laurie

On 10/4/12 11:10 AM, Hannes Tschofenig wrote:
> Hi Melvin,
>
> On Oct 4, 2012, at 4:49 PM, Melvin Carvalho wrote:
>
>> I think the aim is to have an identity system that is universal.  The web
is predicated on the principle that an identifier in one system (eg a
browser) will be portable to any other system (eg a search engine) and vice
versa.  The same principle applied to identity would allow things to scale
globally.  This has, for example, the benefit of allowing users to take
their data, or reputation footprint when them across the web.  I think there
is a focus on WebID because it is the only identity system to date (although
yadis/openid 1.0 came close) that easily allows this.  I think many would be
happy to use another system if it was global like WebID, rather than another
limited context silo.
> I think there is a lot of confusion about the difference between
identifier and identity. You also seem to confuse them.
>
> Here is the difference:
>
>     $ Identifier:   A data object that represents a specific identity of
>        a protocol entity or individual.  See [RFC4949].
>
>   Example: a NAI is an identifier

A data object is denoted by an identifier. The representation of a data 
object is a graph. An data object identifier can resolve to said data 
objects representation.

A Web accessible profile document is an example of a data object.

On the Web a profile document can be denoted by an HTTP URI/URL. In 
addition, the subject (which can be *anything*) of a profile document 
can also be denoted by an HTTP URI. Basically, this is what the Linked 
Data meme [1]  by TimBL is all about. Note, WebID is fundamentally an 
application of Linked Data principles specifically aimed at solving the 
problem of Web-scale verifiable identity for people, organizations, 
software, and other conceivable entities.

>
>     $ Identity:   Any subset of an individual's attributes that
>        identifies the individual within a given context.  Individuals
>        usually have multiple identities for use in different contexts.
>
>   Example: the stuff you have at your Facebook account
>
> To illustrate the impact for protocols let me try to explain this with
OpenID Connect.
>
> OpenID Connect currently uses SWD (Simple Web Discovery) to use a number
of identifiers to discover the identity provider, see
http://openid.net/specs/openid-connect-discovery-1_0.html
>
> The identifier will also have a role when the resource owner authenticates
to the identity provider. The identifier may also be shared with the relying
party for authorization decisions.
>
> Then, there is the question of how you extract attributes from the
identity provider and to make them available to the relying party. There,
very few standards exist (this is the step that follows OAuth). The reason
for the lack of standards is not that it isn't possible to standardize these
protocols but there are just too many applications. A social network is
different from a system that uploads data from a smart meter. Facebook, for
example, uses their social graph and other services use their own
proprietary "APIs" as well.
>
> This is the identity issue.
>
> You are mixing all these topics together. This makes it quite difficult to
figure out what currently deployed systems do not provide.

Henry isn't mixing up the issues. What might be somewhat unclear to you 
is the critical role played by Linked Data, and the fact that a WebID is 
just a cryptographically verifiable denotation mechanism (an identifier) 
for people, organizations, software agents, and other real world 
entities that aren't Web realm data objects (or documents).

Linked Data introduces a power nuance that enables you leverage 
*indirection* via the use of HTTP URIs to unambiguously denote a Web 
realm data object (e.g., a profile document) and a real world entity 
(that's the subject of the profile document) described by said data 
object. Net effect, either denotation resolves to the same document 
content (actual data or Web resource). The documents in this context are 
comprised of RDF data model based structured content i.e., an 
entity-attribute-value or subject-predicate-object graph.

Also note that WebID and OpenID bridges already exist in the wild that 
work, and these serve as powerful demonstrations of the value that WebID 
brings to bear.

Links:

1. http://www.w3.org/DesignIssues/LinkedData.html -- Linked Data meme
2. http://bit.ly/OcbR8w -- WebID+OpenID proxy service showing how 
password authentication is eliminated from the OpenID flow via WebID
3. http://bit.ly/PcQg38 -- screenscast showcasing the combined prowess 
of OpenID and WebID.


Kingsley

>
> Ciao
> Hannes
>
>
>
>


-- 

Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Received on Thursday, 4 October 2012 16:59:13 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:54:37 UTC