[foaf-protocols] FW: [ABA-IDM-TASK-FORCE] Kantara slides from Jan 29

Peter Williams home_pw at msn.com
Sat Jan 30 18:21:43 CET 2010

We discussed trust, reliance and governance recently. Folks asked for links
etc - so as to understand the underlying notions and then the concepts folks
have formulated (and why *those* structures)?

You can see in the attached (excellent) presentation the notion of identity
"governance" all laid out, in pictures. It shows several of the concepts.

You will notice that the user is hardly mentioned. But, s/he is the

Now, there is nothing evil about this. It's only what underlay the PKI
vision for nationally-regulated and insured CAs issuing client certs. (it
was all setup to be a PriceWaterhouse Coopers managed trust fabric in the
UK, for example). 

In my view, it's a (valid) rehash of the apparatus that was developed for
that PKI model of CAs (that largely failed to take root in the late 90s).
The dotcom bubble eliminated what momentum there was. Since then, models for
self-assertion (self-signed SSL, ws-trust, infocard and now FOAF-SSL) have
matured, in the gap. In enterprise windows networks, certs are all
auto-issued these days, built into about 100 protocols pretty transparently.

The real crux for me when considering the applicability of "governance
regimes" that "regulate the web" is: what happens AFTER the sexy, initial
benefits of all that governance have occurred?

If the user and RP can then dump the "introductions" and opt out from the
intermediatiation, I see little problem with the governance apparatus. An
advanced form of "discovery", it  "connects" folks initially and "brokers"
the trust requirements in an environment of  mutually suspicion. Id even pay
a one-time fee, for that (or put up with ads, for 1 month).

If the user and RP continue to be governed and cannot "OPT OUT", then it
gets harder to trade off its benefits with the downsides of the "loss of
autonomy". The data portability issues come to the fore.

If one uses a facebook analogy, having benefitted from their ability to find
and connect folks, they wanted rights to your network (to sell targeted ads
to your network - that recoup the cost of all that discovery and then profit
from the new value it delivered to you).

Debates of course raged over who owned the collation of facts about "your"
network; with legal restrictions being applied by the asserting owner
(facebook) concerning what you MAY do with your (not your) contact list,
once you no longer seek the services of Facebook.
The topic of governance is basically the Faustian bargain story; and the
dilemmas are the same as in that tale. They are only the same however if one
accepts the assumptions of the devils logic though (that of course
pre-structure the conversation itself so the devil wins in any outcome,
including no outcome).

-----Original Message-----
From: Federated Identity Management Task Force Discussion
[mailto:BL-FIDM at MAIL.ABANET.ORG] On Behalf Of Brett McDowell
Sent: Saturday, January 30, 2010 4:49 AM
Subject: [ABA-IDM-TASK-FORCE] Kantara slides from Jan 29

Attached is a PDF of the slides I presented yesterday.

-- Brett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Kantara @ ABA 2010-01-29_shared.pdf
Type: application/pdf
Size: 1376443 bytes
Desc: not available
Url : http://lists.foaf-project.org/pipermail/foaf-protocols/attachments/20100130/906c44ce/attachment-0001.pdf 

More information about the foaf-protocols mailing list