Re: [arch-d] Proposed IAB program on Wholistic Human-Oriented Discussions on Identity Systems (WHODIS)

Eliot Lear <lear@lear.ch> Thu, 22 June 2023 08:26 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/B2yPHcNHKaovc-Pa2CuMfDeGyUE>

On 22.06.23 09:23, Martin Thomson wrote:
> On Thu, Jun 22, 2023, at 16:52, Eliot Lear wrote:
>>>   From my perspective, devices are relevant only to the extent that they are agents of or proxies for people.
>> They all are, and the program text indicated that they were in scope.
> Hi Eliot,
>
> I carefully worded this and I think that your conception of this is different than mine.
>
> My phone is a physical device that is, most of the time, acting as an agent for me.  Same as my laptop.  In many cases, the identity of that device also acts as a proxy for my identity (such as when sites track me using my IP address, but let's not get into that).
>
> I don't agree that a humidity sensor in an office building fits either of those categories.  Or the whatsit that regulates the speed of an escalator.  Or the doodad that regulates the temperature in heated car seats.  Or the numerous other "devices" that might exist.  Sure, these devices all work toward human goals, but they are not an agent for a human in the direct sense that I intended. It is not useful to consider these a proxy for a human either.

Ok, we disagree that proxying is a meaningful concept here, but assuming 
that for the moment, given how well-trodden user-centric identity is in 
both industry and academia (see for example [1,2,3]), the program 
amounts to either “Did we miss anything?” or “What other industry and 
academia work needs to be brought into the IETF or other venues?”

Either case will require external participation, something that programs 
are not good at, and the program runs the risk of Yet Another Conference 
Syndrome (YACS).  My suggestion would be for the IAB to at least toy 
with the idea of running some sort of a joint program with other 
organizations like FIDO, GÉANT, OASIS, etc.  This has happened in the 
past at the workshop level (cf. STRINT, RFC 7687).

Eliot

[1] https://www.kuppingercole.com/events/eic2023
[2] https://identiverse.com/
[3] https://diceurope.org/



>
> I explicitly want those devices left out of any human-oriented discussion of identity systems, not because they aren't relevant in some ways, but because the narrower goal is helpful in focusing the discussion.  We can simultaneously recognize that the universe is all connected, but not let ourselves get paralyzed by bringing all the things into all the discussions.
>