W3C home > Mailing lists > Public > public-webid@w3.org > October 2012

Re: Browser UI & privacy - a discussion with Ben Laurie

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Thu, 4 Oct 2012 19:11:11 +0200
Message-ID: <CAKaEYhKnUqVQsk6fEYU-88bv=u=hzAEmzLX_XyfG-pi3=fFxxA@mail.gmail.com>
To: bd@thinkmetrics.com
Cc: Kingsley Idehen <kidehen@openlinksw.com>, Hannes Tschofenig <hannes.tschofenig@gmx.net>, Henry Story <henry.story@bblfish.net>, public-webid@w3.org, public-identity@w3.org, public-philoweb@w3.org, Ben Laurie <benl@google.com>
On 4 October 2012 18:58, Brandt Dainow <bd@thinkmetrics.com> wrote:

> Hi - I'm coming into this discussion late, and though I've tried to catch
> up, please forgive me if you think I've missed something in earlier stages
> of the debate.  However, as a philosopher concerned with online ethics (as
> well as a web analyst), I'm disturbed by the tone of this discussion, so
> I'm
> throwing in my point:
>
> The idea that a person can be treated like a computing resource is
> questionable.  It sounds like instrumentalism - treating people as things,
> which is the starting point of most human evil.  The principle that an
> identifier in one system is portable to others refers to computing
> resources, not human beings.  There are no principles in web computing
> which
> were ever intended to apply to people.  This is why initiatives like WebID
> exist at all - they are trying to compensate for the fact the internet has
> nothing within it pertaining to humans.
>
> The concept of a "reputation footprint" is also highly debatable.
> Personally, I find the idea that I would have a single online profile,
> uniting all my web activities, and traceable back to the real human me, as
> horrifically totalitarian, and a step backward.  I don't have such a
> limitation in the real world.  I can be anonymous when I walk the city,
> enter shops, and pay by cash.  I can conceal my religious or political
> beliefs from my workmates, so as to avoid being judged by them on
> irrelevant
> criteria, or simply because I want to live privately.  I can decide my life
> has been a mess, then move to a new city, where no one knows me, and start
> afresh, my previous history forgotten.  We must have the same level of
> forgetfulness on the web, the same ability to split our activities and
> present only partial views of ourselves to different groups.  These are
> fundamental aspects of human existence which have remained for thousands of
> years.  They enable us to work and socialise with others who we otherwise
> would be in conflict with.
>

A reputation footprint need not imply a single identity.  With the "sameAs"
concept you can tie identities together in a transparent way.  There are
also techniques to tie identities together in a more private way, such as
ACLs, hashing and "zero knowledge proofs".


>
> Organisations are different.  They are not people.  Any initiative which
> treats organisations, documents and human beings as the same is denying the
> essential dignity of the individual, and their right to chose how openly or
> privately they wish to live.  I can understand why I might want a system
> which enables me to lock my identity to a resource, but that should be a
> voluntary system, and it should enable me to have multiple WebID's (or
> equivalent), and it should permit me to keep my personal identity totally
> anonymous.
>
> WebId is a particularly dangerous concept.  It totally depends on the
> unbreakability of the private key.  Does anyone in this group seriously
> believe there's such a thing as unbreakable encryption, or a flawless
> computing system?  If people trust WebID's, what chance do you think anyone
> will have of convincing the world their WebID has been faked or hijacked,
> or
> their certificate stolen, etc?  If WebID was used for government, financial
> or employment purposes, what harm could fall on someone under such
> circumstances? The same is true of any computing system which seeks to lock
> an IT resource to a real person.  The connection between the two will
> always
> be problematic and untrustworthy.
>
> In terms of online privacy, we cannot possibly imagine what use nasty
> people
> will make of personal data 10, 20, or 50 years from now.  We simply cannot
> know what technology or business models people will invent.  All we can be
> sure of is that stuff we can't imagine now will dominate the web of the
> future.  This means we can't argue in terms of trying to achieve specific
> effects, because we can't know what the full range of effects will be.  The
> only solution is to focus on avoiding the potential for harm.  This means
> we
> must take a fantastically conservative attitude to online privacy, and
> resist every attempt to reduce it.  In this light, one has to ask - where
> are the anonymity initiatives?  Where's my IP-rotation plug-in, my user
> agent obfuscation add-on, etc?
>
> The web is a fairly good thing as it is.  Before we seek to "improve" it,
> we
> need to be absolutely certain we are addressing a genuine problem and that
> the solution won't harm more than it helps.  In the larger context, this
> means "Web-scale verifiable identity" should be no more than a minor item
> of
> optional technology used by a few people for specific purposes.  It should
> be enacted in a manner which is aware nasty people and governments could
> force it on people as  a means of exploitation and control, which means
> making it hard to manage centrally and avoiding uniform standards.  The
> emphasis should always be on the avoidance of possible harm, even if this
> means not getting the best technology.
>
>
> Regards,
> Brandt Dainow
> bd@thinkmetrics.com
> www.thinkmetrics.com
> PH (UK): (020) 8123 9521
> PH (USA): (801) 938 6808
> PH (IRELAND): (01) 443 3834
> iMedia Articles: www.imediaconnection.com/profiles/brandt.dainow
>
> This email and any attachments are confidential and may be the subject of
> legal privilege. Any use, copying or disclosure other than by the intended
> recipient is unauthorised. If you have received this message in error,
> please delete this message and any copies from your computer and network.
>
> Whilst we run anti-virus software on all e-mails the sender does not accept
> any liability for any loss or damage arising in any way from their receipt
> or use. You are advised to run your own anti-virus software in respect of
> this e-mail and any attachments.
>
>
>
>
> -----Original Message-----
> From: Kingsley Idehen [mailto:kidehen@openlinksw.com]
> Sent: 04 October 2012 16:59
> To: Hannes Tschofenig
> Cc: Melvin Carvalho; Henry Story; public-webid@w3.org;
> public-identity@w3.org; public-philoweb@w3.org; Ben Laurie
> Subject: Re: Browser UI & privacy - a discussion with Ben Laurie
>
> On 10/4/12 11:10 AM, Hannes Tschofenig wrote:
> > Hi Melvin,
> >
> > On Oct 4, 2012, at 4:49 PM, Melvin Carvalho wrote:
> >
> >> I think the aim is to have an identity system that is universal.  The
> web
> is predicated on the principle that an identifier in one system (eg a
> browser) will be portable to any other system (eg a search engine) and vice
> versa.  The same principle applied to identity would allow things to scale
> globally.  This has, for example, the benefit of allowing users to take
> their data, or reputation footprint when them across the web.  I think
> there
> is a focus on WebID because it is the only identity system to date
> (although
> yadis/openid 1.0 came close) that easily allows this.  I think many would
> be
> happy to use another system if it was global like WebID, rather than
> another
> limited context silo.
> > I think there is a lot of confusion about the difference between
> identifier and identity. You also seem to confuse them.
> >
> > Here is the difference:
> >
> >     $ Identifier:   A data object that represents a specific identity of
> >        a protocol entity or individual.  See [RFC4949].
> >
> >   Example: a NAI is an identifier
>
> A data object is denoted by an identifier. The representation of a data
> object is a graph. An data object identifier can resolve to said data
> objects representation.
>
> A Web accessible profile document is an example of a data object.
>
> On the Web a profile document can be denoted by an HTTP URI/URL. In
> addition, the subject (which can be *anything*) of a profile document
> can also be denoted by an HTTP URI. Basically, this is what the Linked
> Data meme [1]  by TimBL is all about. Note, WebID is fundamentally an
> application of Linked Data principles specifically aimed at solving the
> problem of Web-scale verifiable identity for people, organizations,
> software, and other conceivable entities.
>
> >
> >     $ Identity:   Any subset of an individual's attributes that
> >        identifies the individual within a given context.  Individuals
> >        usually have multiple identities for use in different contexts.
> >
> >   Example: the stuff you have at your Facebook account
> >
> > To illustrate the impact for protocols let me try to explain this with
> OpenID Connect.
> >
> > OpenID Connect currently uses SWD (Simple Web Discovery) to use a number
> of identifiers to discover the identity provider, see
> http://openid.net/specs/openid-connect-discovery-1_0.html
> >
> > The identifier will also have a role when the resource owner
> authenticates
> to the identity provider. The identifier may also be shared with the
> relying
> party for authorization decisions.
> >
> > Then, there is the question of how you extract attributes from the
> identity provider and to make them available to the relying party. There,
> very few standards exist (this is the step that follows OAuth). The reason
> for the lack of standards is not that it isn't possible to standardize
> these
> protocols but there are just too many applications. A social network is
> different from a system that uploads data from a smart meter. Facebook, for
> example, uses their social graph and other services use their own
> proprietary "APIs" as well.
> >
> > This is the identity issue.
> >
> > You are mixing all these topics together. This makes it quite difficult
> to
> figure out what currently deployed systems do not provide.
>
> Henry isn't mixing up the issues. What might be somewhat unclear to you
> is the critical role played by Linked Data, and the fact that a WebID is
> just a cryptographically verifiable denotation mechanism (an identifier)
> for people, organizations, software agents, and other real world
> entities that aren't Web realm data objects (or documents).
>
> Linked Data introduces a power nuance that enables you leverage
> *indirection* via the use of HTTP URIs to unambiguously denote a Web
> realm data object (e.g., a profile document) and a real world entity
> (that's the subject of the profile document) described by said data
> object. Net effect, either denotation resolves to the same document
> content (actual data or Web resource). The documents in this context are
> comprised of RDF data model based structured content i.e., an
> entity-attribute-value or subject-predicate-object graph.
>
> Also note that WebID and OpenID bridges already exist in the wild that
> work, and these serve as powerful demonstrations of the value that WebID
> brings to bear.
>
> Links:
>
> 1. http://www.w3.org/DesignIssues/LinkedData.html -- Linked Data meme
> 2. http://bit.ly/OcbR8w -- WebID+OpenID proxy service showing how
> password authentication is eliminated from the OpenID flow via WebID
> 3. http://bit.ly/PcQg38 -- screenscast showcasing the combined prowess
> of OpenID and WebID.
>
>
> Kingsley
>
> >
> > Ciao
> > Hannes
> >
> >
> >
> >
>
>
> --
>
> Regards,
>
> Kingsley Idehen
> Founder & CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com
> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
> Twitter/Identi.ca handle: @kidehen
> Google+ Profile: https://plus.google.com/112399767740508618350/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
>
>
>
>
>
>
>
Received on Thursday, 4 October 2012 17:11:47 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:54:37 UTC