- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Wed, 24 Sep 2014 08:09:22 -0400
- To: Anders Rundgren <anders.rundgren.net@gmail.com>, public-webpayments@w3.org
- Message-ID: <5422B472.8030508@openlinksw.com>
On 9/23/14 1:12 AM, Anders Rundgren wrote: > On 2014-09-22 21:15, Kingsley Idehen wrote: >> On 9/22/14 11:32 AM, Anders Rundgren wrote: >>> On 2014-09-22 13:16, Kingsley Idehen wrote: >>>> On 9/22/14 2:31 AM, Anders Rundgren wrote: >>>>> I'm by no means an enemy to Linked Data, I just don't see what it >>>>> would do for *conventional* payments except for introducing privacy >>>>> and access control concerns. >>>> >>>> Please take time to digest: >>>> >>>> [1] >>>> http://bit.ly/enterprise-identity-management-and-attribute-based-access-controls >>>> >>>> [2] >>>> http://bit.ly/loosely-coupled-read-write-web-and-web-access-controls-using-webid >>>> >>>> . >>>> >>>> You cannot make a moderately usable system without an identification >>>> mechanism that isn't yet another data silo. >>>> >>>> *conventional* payments are an application of data driven >>>> identification, interaction, and management. >>> >>> My only ambition has been describing how you could "webify" an >>> existing payment system, >>> *without* changing data ownership, relationships, business-, trust-, >>> or privacy-models. >> >> You can't achieve that goal, in any non contradictory way, if you've >> somehow convinced yourself that Linked Open Data and Webify aren't >> inextricably linked. >> >> "*without* changing data ownership, relationships, business-, trust-, or >> privacy-models." is just another way of saying: structured data >> representation + entity relationship semantics, without >> data-silo-fication. That's exactly what RDF based Linked Open Data is >> fundamentally about, period [1]. >> >>> >>> Since the main problem with identity information is not the >>> information itself but >>> how it will be used after being submitted, it seems like a safe(r) bet >>> minimizing >>> exposure of such data. >> >> Linked Open Data never means "uncontrolled or unconstrained access to >> data" [1]. >> >>> This is a corner-stone of my write-up. Another example is >>> FIDO which (at least on paper...) is the opposite to Linked Data since >>> each site >>> is supposed to be an identity silo. In practice FIDO doesn't work as >>> Google claims >>> but that's altogether different discussion :-) >> >> You can conditionally constrain access to data using data access >> policies. > > Yes, but if there is a way getting away from that by for example doing > what my write-up does (encrypting the user's response and identity so > that > it is only readable by the sole party that needs it), I think it is worth > considering. You don't want to get away from "data access policies" that are driven by logic baked into structured data representation. You don't need to encrypt a subject's identity. Just as you don't need deeply personally identifiable data in a security token e.g., and X.509 cert. When you purchase a Ticket [1] for an event, does that ticket contain personally identifiable data that goes beyond enabling the ticket-holder attend an event? Does the event organizer know the name, home address, email address etc.. of the ticket-holder at row #7 seat #2 ? A ticket is like a security token, and vice versa. Links: [1] http://linkeddata.uriburner.com/c/9G36GVL -- About Ticket . Kingsley > > Anyway, since my write-up is fairly complete, would it be possible to get > concrete input on how it could be improved by adding Linked Data or do > we always have to start from zero? > > BTW, I think this is VERY important because I'm surely not the only one > out there who do not necessarily understand what the WebPayments CG > is saying. Personally, I think it would be quite useful if somebody > did a simple write-up of how *they* would address credit-card payments > on the web because then we would have something to compare with. If we > are lucky we may even find a way combining the old and the new :-) > > If nothing helps we will surely go into the black: > https://www.youtube.com/watch?v=0O1v_7T6p8U > > Cheers > Anders > >> >> >> [1] >> http://bit.ly/enterprise-identity-management-and-attribute-based-access-controls >> >> -- presentation that covers Linked Open Data and Attribute based Access >> Controls working in tandem. >> >> >> Kingsley >>> >>> Anders >>> >>> >>> >>>> >>>> Your point is inherently contradictory. >>>> >>>> -- >>>> Regards, >>>> >>>> Kingsley Idehen >>>> Founder & CEO >>>> OpenLink Software >>>> Company Web:http://www.openlinksw.com >>>> Personal Weblog 1:http://kidehen.blogspot.com >>>> Personal Weblog 2:http://www.openlinksw.com/blog/~kidehen >>>> Twitter Profile:https://twitter.com/kidehen >>>> Google+ Profile:https://plus.google.com/+KingsleyIdehen/about >>>> LinkedIn Profile:http://www.linkedin.com/in/kidehen >>>> Personal >>>> WebID:http://kingsley.idehen.net/dataspace/person/kidehen#this >>>> >>> >>> >>> >> >> > > -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog 1: http://kidehen.blogspot.com Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen Twitter Profile: https://twitter.com/kidehen Google+ Profile: https://plus.google.com/+KingsleyIdehen/about LinkedIn Profile: http://www.linkedin.com/in/kidehen Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Wednesday, 24 September 2014 12:09:44 UTC