- From: <jeff@sayremedia.com>
- Date: Tue, 8 Feb 2011 08:45:17 -0800
- To: "Henry Story" <henry.story@bblfish.net>
- Cc: jeff@sayremedia.com, "WebID Incubator Group WG" <public-xg-webid@w3.org>
> > On 8 Feb 2011, henry.story@bblfish.net wrote: > > Yes, indeed those come together. We should perhaps have a wiki > page eID > eID/Europe > eID/USA > > To track what is going on. I agree. A new wiki to pull together the various government identity initiatives is a good idea. > >> >> It is inevitable that sovereign governments will create their own >> identification protocols. > > Well, I think it is inevitable that they will all end up using TLS, > just simply because browsers are so widely deployed. We should not > assume that government officials are unable to see the obvious I should have been more precise. Instead of saying that governments will create their own identification protocols, I meant governments will politicize the issue of Internet-based identity. I think you are correct in suggesting that we should put forth possible WebID use cases for governments and NGOs alike. The financial sector is a great space on which to concentrate. Jeff >> I suggest that we consider combining all such government initiatives >> into >> a single issue so as to better track and organize our discussions around >> this important topic. > > yes, this is also tied of tracking hardware authentication devices it > seems, > which can be deployed by other institutions, such as banks for example. In > fact once one puts players like banks, states and others the role of > WebIDs becomes a lot clearer. > > There are a few use cases for governments. > > - Give the government a WebID. Each country can create a foaf:Group of > countries that it trusts to distributed WebIDs. This would be linked > data. The companies of that country could link to that list, to > regularly crawl the list of countries to get their latest WebIDs, and so > allow their users access. (assuming privacy issues are dealt with). > > - Perhaps a similar idea as above but with NASDAQ or some governement > directly keeping a list of companies WebIDs. So this is useful if I want > to know that I am doing business with a legal entity, or if my bank, or > a foreign bank wants to know if some company is legal... [this is very > vague] > > I am sure Tim Berners' Lee has put up ideas on the subject somehwere > already 20 years ago.... > > Henry > > >> >>> >>> WebID-ISSUE-27 (bblfish): track electronic IDentity (eID) initivatives >>> [liaison with other groups] >>> >>> http://www.w3.org/2005/Incubator/webid/track/issues/27 >>> >>> Raised by: Henry Story >>> On product: liaison with other groups >>> >>> >>> On 8 Feb 2011, at 11:11, Henry Story wrote: >>> >>> In Monday's teleconf Martin Gaedke pointed out >>> >>> gaedke: regarding electronic IDs, there is something going on in >>> Germany >>> ... also in other countries ongoing >>> <webr3> like the US too >>> <gaedke> http://www.epass.de/ >>> <gaedke> http://www.personalausweisportal.de/ >>> >>> This started the thread on German Identity Cards >>> http://lists.w3.org/Archives/Public/public-xg-webid/2011Feb/0097.html >>> >>> I added a lot of the links that came up on that thread on wikipedia's >>> page >>> >>> http://en.wikipedia.org/wiki/Electronic_identity_card >>> >>> which is a bit of a mess at present, and not very well written up. They >>> are still missing a good simple architectural overview of what eID's >>> do. >>> In 2009 the EU came out with "Privacy Features of European eID >>> CardSpecifications" >>> >>> http://www.enisa.europa.eu/act/it/eid/eid-cards-en >>> >>> What is worrying is that the German Identity card is RFID enabled. See >>> this video where Chris Piaget queries these cards >>> >>> http://www.youtube.com/watch?v=9isKnDiJNPk >>> >>> Not sure if there is a problem here. The german card has a pin, to >>> protect >>> it. >>> >>> A lot of the information is either too hight level marketing, or too >>> low >>> level technical. Some questions we need to answer are are: >>> - how do these interact with TLS? >>> - Is the TLS/Browser interaction the main use case? >>> (The linux article shows this nicely [1]) >>> => if they interact well then it should be a positive for WebID, as >>> it will just >>> increase the TLS userbase, and spread eID card readers that could >>> also be useful in a web >>> of trust >>> - they have signature functionality. When is that used? Via TLS? >>> - the german id cards readers seem to have SOAP interfaces to query >>> them. Is this just legacy stuff. >>> >>> >>> [1] But is the Belgian eID scheme the same as the german one? >>> http://nauseamedialis.org/belgian_eid_archlinux >>> My guess is that given the ubiquity of the browser, they will all be >>> using TLS >>> >>> >>> >>> >> >> >> > > Social Web Architect > http://bblfish.net/ > > >
Received on Tuesday, 8 February 2011 16:45:50 UTC