W3C home > Mailing lists > Public > public-xg-webid@w3.org > April 2011

RE: Position Paper for W3C Workshop on Identity

From: peter williams <home_pw@msn.com>
Date: Wed, 27 Apr 2011 15:23:49 -0700
Message-ID: <SNT143-ds1523B1A262E31AA623EB7092980@phx.gbl>
To: "'Henry Story'" <henry.story@bblfish.net>
CC: <public-xg-webid@w3.org>
So, all it comes down to is, as relying party, pick your favorite go club?
Is all we offer: just form up your own link graph?

Then, on that basis, there are a n million parties claiming to be
authorities, all with nothing to substantiate their claims. It's all just a
mouth off - including the infamous Oxford School of Auto Engineering (a
technical school teaching motor mechanics, leeching off the Oxford name,
apparently). Perhaps you prefer the Polish national CA, because at least is
Polish (vs American). Perhaps one has a pretty rainbow flag. Pick something
that fits with your sense of identity?

Is that it? Is this what we now offer as a global trust model: pick an
interest group, where the tone feels right?

What is semweb offering that I cannot do, right now, with a facebook friends
list (which already largely does the above)?

There is nothing in technology that makes the slightest difference to the
interest-group association model, we have to be able to admit that to
ourselves, at this point, I hope. One can build links of certs, cross certs
(in the Entrust world view), links of facebook groups, or links of websites
(in the webid view). All of them are a mere representation of a linked

(a definitive breakthrough we have made is to make public key crypto a
fundamentum of semweb, which was not true before provenance and webid. There
was a bit of PGP in university land, but that was as far as the thinking had

If we truly are denying that there can be any notion of authority, then Im
not sure what we are replacing it with. It all seems very tribal.

The only thing Ive ever heard you argue in the authority asix is that you
want the US government in charge of server certs and the underlying naming
authorities - since that underlying assurance (a bit like the broken US
dollar) is nonetheless better than any other option. It's the least worst

I cannot wait to see the Berlin paper, I have to admit. There, we see the
trust model outlined, in which Im hoping that the raw technology written up
in the identity paper reasons why the additional theorems added by the
semweb technologies - suppressed in that paper  for an US audience concerned
with today and next week - define an entirely new class of trust model that
can (and should) exist. Then, we have to ensure we state why a tweak of SSL
and  X.509 ( as awful as it is) cannot implement the same once its defined
(since fixes to the commodity is a constant threat to our "advanced" work,
and consistent with how American infrastructure typically capitalizes).

Im not sure what I can add to that Berlin paper, except to do what we have
been doing today - which is to frame that *against which* we collectively
lay a *contrasting* position. We have to be seen to understand the reality
of today (as it was supposed to be by its designers, and as it actually is
15 years later as represented by "domain-certs"), and then offer a solution.

Im not sure anyone cares about creating a tribal planet, though, full of
virtual tribes. Attacking the trust in the nation state and its public
institutions is going to be a hard sell. We may be a 100 years too early, on
that one. 

Anyways, off to watch a pomp and circumstance parade.

-----Original Message-----
From: public-xg-webid-request@w3.org [mailto:public-xg-webid-request@w3.org]
On Behalf Of Henry Story
Sent: Wednesday, April 27, 2011 2:15 PM
To: Peter Williams
Cc: <public-xg-webid@w3.org>
Subject: Re: Position Paper for W3C Workshop on Identity

On 27 Apr 2011, at 19:52, Peter Williams wrote:

> If the uni has a business school specializing in accounting, an MBA will
make the person not bad at accounting assurance. It's a lot better than me,
with my science degrees.
> If the uni is royal holloway (London) and you do the specialized master on
information security, again a masters or diploma (higher) is not bad - for
information assurance.
> But an accounting/security audit performed by either person does not meet
public policy. neither use prescribed methods, so the result from any audit
firm us equivalent.

That's because the uni does not audit the work of those accountants, it
audits their education. 
I audit my friends.
You audit yours.
The go club audits people's ability to play go.

> If the uni-qualified person gets a cissp certification (should be easy for
royal holloway folks). You are now fit to be trusted in a ca firm - to
cooperate with an FBI order say (assuming personality and politics fits). A
wikileaks activist would qualify but be rejected on politics (assume the
covert part would be compromised). If the person shows lack of political
disclosure, hiding wikileaks association say, again this is a reason for
elimination (from a ia trust job, specifically).
> If the auditor performs tests, the certified ia engineer can be assumed
familiar and can assist get to the facts desired. If the facts depend on
records, in an periodic audit, one can be assumed to know how not to fail
the audit due to missing procedural steps ( numbered pages are missing...
> If one offers a compensating control (all our employees are born and
raised citizens with current disa clearances) we don't need to rely on those
evil foreign university transcripts (full of assumed malice and
unreliability - being from foreign sources, Assumed inherently untrustworthy
by us govt processes). Thus one show by design and operations the risk of
foreign influence is controlled by assumption (reasonable), so that the
auditor does not need to now go sample the foreign transcript process (which
doesnt exist, being made irrelevant by the citizen test).
> The ca audit I passed was carefully structured to play the ia game. One of
the hardest criteria sets to pass concerns networking (just choc full of
gotchas, and expense). So, for a root ca (and it's audit) don't network the
computer. Really.
> Another gotcha set concerns correctness , of key management. Software
crypto is hard to test and audit. F0r root ca, one had to show fips 140-1
level 3 compliance - which essentially denies any software claims, and tests
the entire lifecycle of keys (distinguishing the semantics of key erasure
from key destruction say), with an accountability trail for each and every
cloned key (for dr purposes, since all devices fail). All is subject to
realtime sampling, testing, and comparison with the stated handling rules.
One test wheter junior staff know the rules, and what happens when both
senior folks are on trips (during the 2am emergency).

yes, and after all those audits the CA's just check people's e-mail
addresses and send them the CA!

> Etc etc
> It gies on for 100 more pages, like this. No. Its A 1000 pages. It's
> This is information assurance.
> NSA has a nice website on the topic, being the ia lead in the us. Getting
anyone to do it , given the cost and hassle factor, is hard - especially
when revenues just don't support the overhead (eg realty mls business). Its
easy to do if your a defense contractor on billion dollar contracts (being
an aspect of general quality management). If consumers pay per person $50 a
year for cloud office, with sufficient numbers and a standard set of
software perhaps it's economic. For small mainstreet firms hosting web apps
, it's prohibitively expensive. The mere fact Henry installed the 59 router
from the supermarket dooms the audit to fail (or be prohibitively expensive,
more likely).
> So reason by analogy. What test does the ministry of education perform on
the test centers for public school exams done in high schools , to assure
the public that the proctoring is doing what the (non deceived) public
expect of proctoring and national education certificates?

yes, something like that. If you want to look at it through auditing
glasses, that's how it works. Not everything has to be fail proof to work.
You know a lot of things around you, as I pointed out before, even though
you don't and cannot know you are not a brain in a vat on alpha centauri
being made to think you are typing these e-mails. 

> My cissp is something I cite (since I struggled to pass, even after all my
years of security experience). My ccna is something I failed  (despite 20
years of doing certain but not all packet switching defile) but I cite too
(being reassurance I'm not a fraud, in basic data switching)  I don't cite
my ccsp or  much as the course runners gave me what I now judge to be 90%
the actual exams to practice, beforehand. This makes them pointless American
it certifications (for assurance purposes, as any science major can cheat,
having great exam technique by that point). Not totally useless (I did 12
months self study in 2 weeks, and could really understand the curriculum,
allowing a year of further very focussed self teaching). But not something
I'd cite to get a job actually fixing high end cisco or Microsoft systems.
I'd be a fraud, offering false assurances.
> Make sense now?
> Nothing to do with cert technology. Applies to 15th century ciphers too.
Just more important for certs, as the damage is so much greater (worldwide
public confidence).
> On Apr 27, 2011, at d8:39 AM, Henry s <henry.story@bblfish.net> wrote:
>> On 27 Apr 2011, at 17:21, peter williams wrote:
>>> You might want to browse it - being all about the technology topics 
>>> you often struggle with. ON the other hand, when looking at life 
>>> anew, sometimes ignorance helps - so you is not drawn into the older
mental models.
>>> Anyways, there are three terms of art:
>>> Identity  verification
>>> User authentication
>>> Information assurance
>> Ok, so when you go to a university, the Uni educates you, then tests 
>> you, then gives you a degree. That is information assurance! What is the
>> Uni assures { X has Degree;
>>               field :medicine
>>               course </2011/Med/Liver> .. }
>> Presumably that means that he knows a certain amount about the 
>> subject. But nothing is absolutely final of course as you point out. 
>> His thesis may have been plagiarised, as recently happened in Germany 
>> when the Minister of Defence was found to have employed someone else to
write his thesis.
>> http://online.wsj.com/article/SB1000142405274870450600457617397076502
>> 0528.html
>> If the university had given Karl-Theodor zu Guttenberg a WebID, they 
>> would not remove their claim from his doctoral certificate page.
>> So it is easy to do assurance using WebID, and to remove assurance too.
>> Henry
>>> A term of art is rarely discussed in Wikipedia or a common dictionary.
>>> Identity verification is that act which a notary performs when 
>>> he/she authenticated an individual through personal knowledge or, 
>>> more likely, checking your passport or drivers license as evidence 
>>> of id. The notary attests to having done that act, while then making 
>>> a statement. Early in certs, for use by early Apple Mac users, one 
>>> got a X.509 cert by first going to a notary, obtaining the affidavit 
>>> mentioned, and then sending that as evidence of (notary-based) id
verification to the CA .
>>> User authenication is the presentation of the cert to a relying 
>>> party, along with a signature showing control over the private key.
>>> Information assurance has nothing to do with any of the above, 
>>> except when computers are used in the processes above. If you want a 
>>> birth cert from the state of Hawaii, there is information assurance 
>>> practices - that support the status of a bit of paper as a "record". 
>>> Long form records may be valid legally, for the purposes of id 
>>> verification; or may not. Because assurance rules change, only shoft 
>>> form record may not be valid, legally. Assurance rules may require 
>>> "originals", and not copies, and may distintuish certified copies 
>>> (from copies, and from originals). A certified copy may have to be 
>>> emboseed, by a particular seal (acting as a unique signing device.)
>>> In the computer world, IA often comes down to the security audit, 
>>> for the data center. If you are Comodo selling cert, and your 
>>> resellers apply computers to access the minting services, and that 
>>> channel is protected poorly, one can have the ridiculous situation 
>>> in which the auditor performed investigations and tests that 
>>> qualified the information assurance legvel as "sufficient", but non 
>>> the less the channel is insecure. That's because, IA is about rules, 
>>> not security. Its similar to an accounting audit that says the firm 
>>> is not crooked, but it goes bust anyways. What matters is that the 
>>> tests shew it was not crooked, to "assure" the public, using the
services of public certified accountants.
>>> Yes apple assure the public their phone is safe. Doesn't mean the 
>>> fine print of the contract is not set to allow them and their 
>>> friends to spy on you, in a manner you find offense - since you 
>>> didn't KNOW you agreed to it!? Its deceptive, despite the assurance. 
>>> The US government assures the public that new citizens are suitable 
>>> citizens. Doesn't mean they are not ex-SS officers, having spent 
>>> years designed terror weapons, having run factorys making them and 
>>> having actually killed 20k civilians...(in London) in attempt to 
>>> terrorise an entire population. Assurance means they now fit American
rules, which change with the times.
>>> In the CA world, the government generally seeks assurance that the 
>>> firms will "do the right thing" - when asked. (This means spy, when 
>>> served a covert order.) Its an important assurance, that the firm 
>>> has CEO and staff that are "oriented" - and trustworthy, and can be 
>>> trusted (to maintain the secrecy of the covert surveillance order, 
>>> and scope the interception to the named individual, not the operators
>>> Put a key in the RDFa of the document. See what happens... its not 
>>> logical, but then neither is a non-deterministic search that guesses.
>>> -----Original Message-----
>>> From: public-xg-webid-request@w3.org 
>>> [mailto:public-xg-webid-request@w3.org]
>>> On Behalf Of Henry Story
>>> Sent: Tuesday, April 26, 2011 11:44 AM
>>> To: peter williams
>>> Cc: 'Dominik Tomaszuk'; public-xg-webid@w3.org
>>> Subject: Re: Position Paper for W3C Workshop on Identity
>>> On 26 Apr 2011, at 20:34, peter williams wrote:
>>>> Please remove the link to
>>>> http://agendabuilder.gartner.com/IAM4/WebPages/SessionList.aspx?Spe
>>>> ake
>>>> r=7019
>>>> 95 for my name. Or just remove my name all together (whichever is
>>> easiest).
>>>> I do not want an association with Rapattoni to be inferred by readers.
>>>> Im mostly making a point, tuned to webid, that individuals are in 
>>>> charge - and do NOT need an organizational affiliation. They also 
>>>> do NOT need evidence of standing (such as garner though me worth 
>>>> inviting to talk about the needs of realty, to others deploying
>>>> I know, it's a hard habit to break, since individuals have no 
>>>> standing in academia; only having any authority when introduced as
>>>> (which then governs one's credentials and one's reputations).
>>> But I thought many of your points on this list was on the importance 
>>> of Information Assurance.
>>> Are universities, companies posting profiles about people not well 
>>> establish ways of doing information assurance?
>>> Henry
>>>> -----Original Message-----
>>>> From: public-xg-webid-request@w3.org 
>>>> [mailto:public-xg-webid-request@w3.org]
>>>> On Behalf Of Dominik Tomaszuk
>>>> Sent: Tuesday, April 26, 2011 7:43 AM
>>>> To: public-xg-webid@w3.org; Henry Story
>>>> Subject: Re: Position Paper for W3C Workshop on Identity
>>>> On 26.04.2011 12:09, Dominik Tomaszuk wrote:
>>>>> On 26.04.2011 10:36, Henry Story wrote:
>>>>>> Ok, the paper is ready for xhtml export. Any further changes can 
>>>>>> then be edited in the xhtml.
>>>>> OK. In a few hours XHTML+RDFa version will be ready.
>>>> Alpha version without CSS, valid XHTML+RDFa:
>>>> http://ii.uwb.edu.pl/~dtomaszuk/webid.html
>>>> Regards,
>>>> Dominik Tomaszuk
>>> Social Web Architect
>>> http://bblfish.net/
>> Social Web Architect
>> http://bblfish.net/

Social Web Architect
Received on Wednesday, 27 April 2011 22:24:19 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:44 UTC