- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Fri, 19 Aug 2016 09:30:35 -0400
- To: Adrian Hope-Bailie <adrian@hopebailie.com>
- Cc: public-webid <public-webid@w3.org>, Credentials Community Group <public-credentials@w3.org>, "public-rww@w3.org" <public-rww@w3.org>, business-of-linked-data-bold <business-of-linked-data-bold@googlegroups.com>
- Message-ID: <8c844903-140f-2298-cfb2-2bf389affbe9@openlinksw.com>
On 8/19/16 9:15 AM, Adrian Hope-Bailie wrote: > > End-users need to want to take control of their identity by being > curious about what that means and how its is achieved. Currently, most > aren't interested, so the vendors have full control. > > > As history teaches us, repeatedly, there will be an event that > triggers an inflection, and folks will become more interested in their > privacy en route to discovering Web-scale verifiable identity. > > +1000 > > You hit the nail on the head. > > The pressure must come from the users. I have called it the "privacy > backlash" in the past but I agree that there needs to be an inflection > point where users care more about their privacy than the quality of > the service they use because it will be very difficult to offer a > competitive service without the user-data generated revenue to fund it. > > All of this is very difficult while the vendors of the existing > services also provide the majority of browsers. Naturally. > > In the absence of the "privacy backlash" creating demand for new > vendors it would be valuable if the proponents of stacks like SoLiD > were able to demonstrate the business value to vendors so they feel > it's worth building on and trying to compete. Yes, applications are the key. The have to take the "magic" route initially. A car driver doesn't need education on mechanical engineering en route to purchase. They just want to know why this car is better than others, at a very high level. > > And it's worth differentiating between the value to the vendor and the > user because vendor lock-in is not a value to the vendor. Vendors build around stacks, so not being locked into an entire stack or its components affects their agility. > > Sidenote: I believe there could be something that comes from a new > browser like Brave that offers micropayments built-in and can therefor > compete commercially and offer users privacy and a better experience. > Perhaps a better identity experience built-in would also be a key > differentiator? You can improve the identity experience of existing browsers, as is. We do that already. [1] http://osds.openlinksw.com -- Open Structured Data Sniffer (note: the WebID toggling feature that works without browser TLS session restarts). Kingsley > > > On 19 August 2016 at 14:59, Kingsley Idehen <kidehen@openlinksw.com > <mailto:kidehen@openlinksw.com>> wrote: > > On 8/19/16 6:20 AM, Adrian Hope-Bailie wrote: >> Kingsley, >> >> I am playing devil's advocate here but I don't think you have >> answered my question. >> Gaining agility is not a business case. > > Enabling, enhancing, and achieving agility via data access, > integration, and management is a fundamental business case. If > that weren't the case, why would markets for Analytics, > Recommendation Systems, AI-driven Bots, Big Data etc., exists? > > It is always about data-driven agility. >> >> I am all for open standards, I spend the majority of my time >> working to promote them but I am still trying to understand what >> the economic incentive is for any service provider to adopt SoLiD >> as opposed to controlling their user's data. > > The economic benefit of open standards are as follows, always: > > 1. Flexibility -- when choosing platform components i.e, you can > mix and match a combination components in line with needs > 2. Vendor lock-in prevention > 3. Technology longevity -- you can always go back to a full spec > for a specific platform component. > > SoLiD isn't a standard, it is a combination of open standards and > best practices. Thus, its benefit is an open standards based > approach for a read-write web that benefits end-users and vendors. > > >> >> Google, Apple and Microsoft control the end-user experience for >> the majority of users on the Web by giving them free browsers, >> email, social etc. In return they make money from controlling the >> data those products and services generate. > > Correct! And history shows, companies don't adopt standards just > because they exists. They adopt standards as part of an > "opportunity cost" prevention or control mechanism, first. > >> >> Are you surprised that the browser vendors all actively block >> initiatives at W3C that would promote an open identity system >> that would unlock their user data silos? > > I am not convinced they are blocking initiatives per se. From my > vantage point, there is a general communication problems between > all the parties involved. For instance, there has been a lot of > fanfare about how browsers implement TLS and its impact on the > something like WebID+TLS protocol. That situation is rectified by > WebID+TLS+Delegation, but folks don't generally see or promote > that, on the pro WebID side of the argument. > > Bottom line, you can't declare standards adoption. You have > demonstrate the virtues of standards via applications that are > adopted by end-users and technology vendors. > >> There are always politically astute excuses but let's be honest, >> if the browsers wanted to they could have made adopting WebID an >> easy user friendly experience and the world would be full of >> people who all have their own WebID that is used to log into all >> the services they use on the Web. > > They don't need to. That's the problem. Here's a breakdown of the > issue, as I've come to understand it after hours of study and > experimentation: > > You have a digital highway provided by the Internet. That highway > (like in the real-world) enables movement of data from one point > to another where security is scoped to the agents (software) > transporting said data i.e., just like cars and car registration > numbers. > > The Web is an Internet abstraction that introduces the ability to > identify the user of an agent (like a car driver) distinct from an > agent (the software). Thus, you can demand reworking the highway > just because car drivers are now identifiable using their driver's > licenses. That will never wash in the real-world, so why would it > work in cyberspace. > > Example: > I want to transport some goods from Boston to New York. > The scenario above includes toll booths and a final destination. > > On the highway, my car registration is the identity focal point, > with regards to toll payments. When I reach my destination, my > personal identity card (license or something else) is how I prove > I am the delivery person expected at the final destination. > > Another example: I drive my car to a pub. At the pub my personal > ID is what's important. En route to the pub, my Car registration > is what's important. There are two distinct scenarios requiring > different kinds of identity. > > WebID+TLS doesn't have the fidelity required for traversing the > existing highway without asking its current maintainers > (Certificate Authorities and Browser Vendors) to change > infrastructure and practices. > > WebID+TLS+Delegation simply adds the "On-Behalf-Of" relationship > type to the mix (i.e., in the data) which distinguishes the user > from the software they use (drive) thereby enabling one toggle > WebIDs without browser restarts (due to TLS requirements) [1]. > >> >> I am certainly not assuming that these companies are ignorant or >> myopic, quite the opposite. I think they will continue to keep >> users locked into their semi-open ecosystems by competing to >> offer the best browsers (that mostly adhere to open standards) >> and other free services. But they will never change the many >> services they offer to allow users to export and control their >> own data. > > Power is never given. It has to be taken. End-users need to want > to take control of their identity by being curious about what that > means and how its is achieved. Currently, most aren't interested, > so the vendors have full control. > > As history teaches us, repeatedly, there will be an event that > triggers an inflection, and folks will become more interested in > their privacy en route to discovering Web-scale verifiable identity. > >> >> In fact, I'd go as far as to say that for them to do that would >> be in contravention of their legal obligations to their >> shareholders because it would be such a blatantly bad commercial >> move. > > You are oversimplifying a little bit. The issue, as per my > comments above, is more to do with end-users than vendors. The > obligation of the vendor is simply about ability in regards to > market inflections :) > > [1] > https://medium.com/virtuoso-blog/web-logic-sentences-and-the-magic-of-being-you-e2a719d01f73#.l0b1rvdsp > <https://medium.com/virtuoso-blog/web-logic-sentences-and-the-magic-of-being-you-e2a719d01f73#.l0b1rvdsp> > -- Demonstrates WebID toggling without Browser Restarts, courtesy > of WebID+TLS+Delegation > > > Kingsley >> >> >> >> On 18 August 2016 at 01:04, Kingsley Idehen >> <kidehen@openlinksw.com <mailto:kidehen@openlinksw.com>> wrote: >> >> Hi Adrian, >> >> On 8/16/16 8:51 AM, Adrian Hope-Bailie wrote: >>> What is the business case for a service provider to adopt Solid? >> >> There is always a business case for open standards, and it >> goes as follows: >> >> Agility to mix and match "best of class" technologies that >> underlie solutions, at any given point in time. >> >> When the Web's original open standards stack (URIs, URLs, >> HTTP, and HTML) arrived it unveiled the World Wide Web, an >> ecosystem that laid the foundation for Google, Facebook, >> Amazon, and many others. It also enabled behemoths like Apple >> (struggling badly at the time) to pivot and reinvent themselves. >> >>> >>> Why would Google, Facebook or anyone that build's their >>> business on user data choose to let users take that away? >> >> When the World Wide Web arrived, folks asked the question: >> Why would Microsoft allow anyone succeed without embracing >> their technology stack and related ecosystems. >> >> SoLiD is just a collection of existing open standards and >> best practices. >> >>> >>> Who will offer users a comparable service to these silos >>> that attracts them away but adopts Solid and can still make >>> enough money to survive competing with the biggest tech >>> companies in the world? >> >> See my comment about Microsoft and the World Wide Web. This >> is what happens with technology and industry evolution. >> Google and Facebook aren't static behemoths and they also >> understand history. Don't presume myopia and ignorance on the >> part of any of these companies, they have too many smart >> people on their payrolls. >>> >>> The point is not whether or not the architecture is easy the >>> point is whether it has the potential to make anybody any >>> money because if it doesn't then I think you will have a >>> hard time persuading people to use it, no matter how well it >>> scales. >> >> SoLiD scales and it simply adds dimensions to the Web >> ecosystem to be exploited by behemoths, startups, and smartups. >> >> New business and business models will coalesce around the >> Web's read-write dimension. That's an inevitability due to >> the nature of privacy. >> >> Kingsley >>> >>> On 15 August 2016 at 14:11, Melvin Carvalho >>> <melvincarvalho@gmail.com <mailto:melvincarvalho@gmail.com>> >>> wrote: >>> >>> >>> >>> On 15 August 2016 at 14:08, Timothy Holborn >>> <timothy.holborn@gmail.com >>> <mailto:timothy.holborn@gmail.com>> wrote: >>> >>> Solid isn't finished yet. >>> >>> >>> Solid is at version 0.6 rather than 1.0. >>> >>> But I dont really know what more can be added to it to >>> get it to v1.0. Im using it on a daily basis and it >>> works fine. Some people are perfectionists I suppose :) >>> >>> In any case its IMHO light years ahead of where the rest >>> of the web is, even if you only take small parts of it >>> and use it. >>> >>> You can also argue that solid will never be finished, in >>> the sense that, the web will never be "finished". >>> >>> Its definitely something that can be used today. >>> >>> >>> >>> On Mon, 15 Aug 2016, 10:07 PM Melvin Carvalho >>> <melvincarvalho@gmail.com >>> <mailto:melvincarvalho@gmail.com>> wrote: >>> >>> On 15 August 2016 at 11:50, Adrian Hope-Bailie >>> <adrian@hopebailie.com >>> <mailto:adrian@hopebailie.com>> wrote: >>> >>> From the article: "The question is whether >>> architecture will be enough." >>> >>> The answer is no. >>> We live in world where few ideas succeed >>> without a strong business case. The >>> architecture is the easy part. >>> >>> >>> Architecture is deceptively difficult to get >>> right. The vast majority if systems start to >>> fall over as they scale. The web and REST are >>> two architectures that buck that trend and just >>> get stronger as they scale. >>> >>> Solid is the next evolution in that >>> architectural trend, imho, because it simply >>> embraces the points that made the web great, and >>> extends it a little bit, while being 100% >>> backwards compatible. Right now, it's the only >>> system that I know of, with this property, in >>> fact, nothing else is close. So this in itself, >>> the ability to scale to billions of users, is a >>> business case. Quietly facebook adopted the >>> social graph approach to the web, and web >>> architectural principles with their graph >>> protocol, and also an implementation of WebID. >>> >>> I think what's true is that few ideas succeed, >>> because simply, we have a lot of ideas and a lot >>> of competition. Having a business can help, but >>> the right architecture is the magic sauce to get >>> through those scalability barriers. >>> >>> I personally think Solid is the business >>> opportunity of a lifetime, perhaps even bigger >>> than the first web. Im certainly investing on >>> that basis. >>> >>> >>> >>> On 14 August 2016 at 10:49, Timothy Holborn >>> <timothy.holborn@gmail.com >>> <mailto:timothy.holborn@gmail.com>> wrote: >>> >>> Hi Anders, >>> >>> I'm using this email to respond to both >>> [1] in creds; in addition to the below, >>> with some lateral considerations. >>> >>> See this video where Mr Gates and Mr >>> Musk are discussing in China AI [2]. >>> >>> I haven't fully considered the >>> implications, whilst i've certainly been >>> considering the issue; i have not fully >>> considered it, and as modern systems >>> become subject to government contracts >>> as may be the case with enterprise >>> solutions such as those vended by IBM >>> [3], may significantly lower the cost >>> for government / enterprise, in seeking >>> to achieve very advanced outcomes - yet >>> i'm unsure the full awareness of how >>> these systems work, what potential >>> exists for unintended outcomes when work >>> by web-scientists[4][5] becomes >>> repurposed without their explicit and >>> full consideration of the original >>> designers for any extended use of their >>> works, what the underlying >>> considerations are by those who are >>> concerned [6][7] and how these systems >>> may interact with more advanced HID as >>> i've kinda tried to describe recently to >>> an audience here [8] and has been >>> further discussed otherwise [9] [10]. >>> >>> I'm a little concerned about the >>> under-resourcing that seems to plague >>> Manu's / Dave's original vision (that >>> included WebDHT) to the consultative >>> approach that i believed had alot of >>> merit in how it may interact with the >>> works of RWW at the time (alongside >>> WebID) which have al progressed, yet, >>> not seemingly to a solution that i think >>> is 'fit for purpose' in attending to the >>> issues before us. >>> >>> I have considered the need for people to >>> own their own biometric signatures. I >>> have considered the work by >>> 'mico-project'[11] seems to be a good >>> supporter of these future works, >>> particularly given the manner in which >>> these works support LDP and other >>> related technologies... >>> >>> But the future is still unknown, and >>> what worries me most; is those who know >>> most about A.I. may not be able to speak >>> about it as a citizen or stakeholder in >>> the manner defined by way of a magna >>> carta, such as is the document that >>> hangs on my wall when making such >>> considerations more broadly in relation >>> to my contributory work/s. >>> >>> i understand this herein; contains an >>> array of fragments; yet, am trying to >>> format schema that leads others to the >>> spot in which i'm processing broader >>> ideas around what, where and how; >>> progress may be accelerated and indeed >>> adopted by those capable of pushing it >>> forward. >>> >>> I remember the github.com/Linkeddata >>> <http://github.com/Linkeddata> team (in >>> RWW years) wrote a bunch of things in >>> GO, which is what the IPFS examples >>> showcase, and without providing >>> exhaustive links, i know Vint has been >>> working in the field of inter-planetary >>> systems [13], therein also understanding >>> previous issues relating to JSON-LD >>> support (as noted in [1] or [14] ), >>> which in-turn may also relate to other >>> statements made overtime about my view >>> that some of the works incubated by >>> credentials; but not subject to IG or >>> potential WG support at present - may be >>> better off being developed within the >>> WebID community as an additional >>> constituent of work that may work >>> interoperable with WebID-TLS related >>> systems. >>> >>> Too many Ideas!!! >>> >>> (perhaps some have merit...) >>> >>> Tim.H. >>> >>> >>> [1] https://lists.w3.org/Archives/Public/public-credentials/2016Aug/0045.html >>> <https://lists.w3.org/Archives/Public/public-credentials/2016Aug/0045.html> >>> [2] https://youtu.be/TRpjhIhpuiU?t=16m26s >>> <https://youtu.be/TRpjhIhpuiU?t=16m26s> >>> [3] http://blog.softlayer.com/tag/watson >>> <http://blog.softlayer.com/tag/watson> >>> [4] http://webscience.org/ >>> [5] https://twitter.com/WebCivics/status/492707794760392704 >>> <https://twitter.com/WebCivics/status/492707794760392704> >>> [6] https://www.youtube.com/watch?v=tV8EOQNYC-8 >>> <https://www.youtube.com/watch?v=tV8EOQNYC-8> >>> [7] https://en.wikipedia.org/wiki/Open_Letter_on_Artificial_Intelligence >>> <https://en.wikipedia.org/wiki/Open_Letter_on_Artificial_Intelligence> >>> [8] (perhaps not the best reference, but >>> has a bunch of ideas in >>> it: https://docs.google.com/presentation/d/1RzczQPfygLuowu-WPvaYyKQB0PsSF2COKldj1mjktTs/edit?usp=sharing >>> <https://docs.google.com/presentation/d/1RzczQPfygLuowu-WPvaYyKQB0PsSF2COKldj1mjktTs/edit?usp=sharing> >>> [9] https://www.youtube.com/watch?v=iTqF3w2yrZI >>> <https://www.youtube.com/watch?v=iTqF3w2yrZI> >>> [10] https://www.youtube.com/watch?v=_x_VpAjim6g >>> <https://www.youtube.com/watch?v=_x_VpAjim6g> >>> [11] http://www.mico-project.eu/technology/ >>> <http://www.mico-project.eu/technology/> >>> [12] https://www.youtube.com/watch?v=8CMxDNuuAiQ >>> <https://www.youtube.com/watch?v=8CMxDNuuAiQ> >>> [13] http://www.wired.com/2013/05/vint-cerf-interplanetary-internet/ >>> <http://www.wired.com/2013/05/vint-cerf-interplanetary-internet/> >>> [14] https://github.com/ipfs/ipfs/issues/36 >>> <https://github.com/ipfs/ipfs/issues/36> >>> On Fri, 12 Aug 2016 at 14:47 Anders >>> Rundgren <anders.rundgren.net@gmail.com >>> <mailto:anders.rundgren.net@gmail.com>> >>> wrote: >>> >>> On 2016-08-11 15:16, Melvin Carvalho >>> wrote: > Really good article, >>> mentions Solid and other >>> technologies. WebID is mentioned by >>> the author in the comments too ... > >>> > >>> http://www.digitaltrends.com/web/ways-to-decentralize-the-web/ >>> <http://www.digitaltrends.com/web/ways-to-decentralize-the-web/> >>> One of the problems with the Web is >>> that there is no easy way letting a >>> provider know where you come from >>> (=where your Web resources are). >>> This is one reason why OpenID rather >>> created more centralization. The >>> same problem is in payments where >>> the credit-card number is used to >>> find your bank through complex >>> centralized registers. Both of these >>> use-cases can be addressed by having >>> URLs + other related data such as >>> keys in something like a digital >>> wallet which you carry around. There >>> is a snag though: Since each >>> use-case needs special logic, keys, >>> attributes etc. it seems hard >>> (probably impossible), coming up >>> with a generic Web-browser solution >>> making such schemes rely on >>> extending the Web-browser through >>> native-mode platform-specific code. >>> Although W3C officials do not even >>> acknowledge the mere existence(!) of >>> such work, the progress on native >>> extensions schemes has actually been >>> pretty good: >>> https://lists.w3.org/Archives/Public/public-webappsec/2016Aug/0005.html >>> <https://lists.w3.org/Archives/Public/public-webappsec/2016Aug/0005.html> >>> This is approach to decentralization >>> is BTW not (anymore) a research >>> project, it is fully testable in >>> close to production-like settings >>> today: >>> https://test.webpki.org/webpay-merchant >>> <https://test.webpki.org/webpay-merchant> >>> The native extensions also support a >>> _decentralized_development_model_for_Web_technology_, >>> something which is clearly missing >>> in world where a single browser >>> vendor has 80% of the mobile browser >>> market! Anders >>> >> -- Regards, Kingsley Idehen Founder & CEO OpenLink Software >> (Home Page: http://www.openlinksw.com) Medium Blog: >> https://medium.com/@kidehenBlogspot Blog: >> http://kidehen.blogspot.com Twitter Profile: >> https://twitter.com/kidehen Google+ Profile: >> https://plus.google.com/+KingsleyIdehen/about >> <https://plus.google.com/+KingsleyIdehen/about> LinkedIn >> Profile: http://www.linkedin.com/in/kidehen >> <http://www.linkedin.com/in/kidehen> Personal WebID: >> http://kingsley.idehen.net/dataspace/person/kidehen#this >> <http://kingsley.idehen.net/dataspace/person/kidehen#this> >> > -- > Regards, > > Kingsley Idehen > Founder & CEO > OpenLink Software (Home Page: http://www.openlinksw.com) > > Medium Blog: https://medium.com/@kidehen > Blogspot Blog: http://kidehen.blogspot.com > Twitter Profile: https://twitter.com/kidehen > Google+ Profile: https://plus.google.com/+KingsleyIdehen/about > <https://plus.google.com/+KingsleyIdehen/about> > LinkedIn Profile: http://www.linkedin.com/in/kidehen > <http://www.linkedin.com/in/kidehen> > Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this > <http://kingsley.idehen.net/dataspace/person/kidehen#this> > -- Regards, Kingsley Idehen Founder & CEO OpenLink Software (Home Page: http://www.openlinksw.com) Medium Blog: https://medium.com/@kidehen Blogspot Blog: http://kidehen.blogspot.com Twitter Profile: https://twitter.com/kidehen Google+ Profile: https://plus.google.com/+KingsleyIdehen/about LinkedIn Profile: http://www.linkedin.com/in/kidehen Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Friday, 19 August 2016 13:31:02 UTC