[foaf-protocols] FW: [ABA-IDM-TASK-FORCE] Kantara slides from Jan 29

Sat Jan 30 19:44:19 CET 2010

Peter Williams wrote:
> We discussed trust, reliance and governance recently. Folks asked for links
> etc - so as to understand the underlying notions and then the concepts folks
> have formulated (and why *those* structures)?
>
> You can see in the attached (excellent) presentation the notion of identity
> "governance" all laid out, in pictures. It shows several of the concepts.
>
> You will notice that the user is hardly mentioned. But, s/he is the
> "beneficiary".
>
> Now, there is nothing evil about this. It's only what underlay the PKI
> vision for nationally-regulated and insured CAs issuing client certs. (it
> was all setup to be a PriceWaterhouse Coopers managed trust fabric in the
> UK, for example). 
>
> In my view, it's a (valid) rehash of the apparatus that was developed for
> that PKI model of CAs (that largely failed to take root in the late 90s).
> The dotcom bubble eliminated what momentum there was. Since then, models for
> self-assertion (self-signed SSL, ws-trust, infocard and now FOAF-SSL) have
> matured, in the gap. In enterprise windows networks, certs are all
> auto-issued these days, built into about 100 protocols pretty transparently.
>
> The real crux for me when considering the applicability of "governance
> regimes" that "regulate the web" is: what happens AFTER the sexy, initial
> benefits of all that governance have occurred?
>
> If the user and RP can then dump the "introductions" and opt out from the
> intermediatiation, I see little problem with the governance apparatus. An
> advanced form of "discovery", it  "connects" folks initially and "brokers"
> the trust requirements in an environment of  mutually suspicion. Id even pay
> a one-time fee, for that (or put up with ads, for 1 month).
>
> If the user and RP continue to be governed and cannot "OPT OUT", then it
> gets harder to trade off its benefits with the downsides of the "loss of
> autonomy". The data portability issues come to the fore.
>
> If one uses a facebook analogy, having benefitted from their ability to find
> and connect folks, they wanted rights to your network (to sell targeted ads
> to your network - that recoup the cost of all that discovery and then profit
> from the new value it delivered to you).
>
> Debates of course raged over who owned the collation of facts about "your"
> network; with legal restrictions being applied by the asserting owner
> (facebook) concerning what you MAY do with your (not your) contact list,
> once you no longer seek the services of Facebook.
>  
> The topic of governance is basically the Faustian bargain story; and the
> dilemmas are the same as in that tale. They are only the same however if one
> accepts the assumptions of the devils logic though (that of course
> pre-structure the conversation itself so the devil wins in any outcome,
> including no outcome).
>
>
> -----Original Message-----
> From: Federated Identity Management Task Force Discussion
> [mailto:BL-FIDM at MAIL.ABANET.ORG] On Behalf Of Brett McDowell
> Sent: Saturday, January 30, 2010 4:49 AM
> To: BL-FIDM at MAIL.ABANET.ORG
> Subject: [ABA-IDM-TASK-FORCE] Kantara slides from Jan 29
>
> Attached is a PDF of the slides I presented yesterday.
>
> -- Brett
>   
> ------------------------------------------------------------------------
>
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
Peter,

Nice stuff!

Others:
I really the time is ripe for a co-authored presentation (we can use 
Google Docs or some other facility) re. Federated Identity and FOAF+SSL, 
something that builds on Henry's initial presentation.

HTTP fixed Open Data Access via Linked Data. Now lets show how it fixes 
Federated Identity (the biggest headache of all).

-- 

Regards,

Kingsley Idehen	      
President & CEO 
OpenLink Software     
Web: http://www.openlinksw.com
Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter: kidehen 