IETF Logo Mail Archive

Re: [arch-d] Proposed IAB program on Wholistic Human-Oriented Discussions on Identity Systems (WHODIS)

Mirja Kuehlewind <ietf@kuehlewind.net> Mon, 26 June 2023 07:50 UTC

Return-Path: <ietf@kuehlewind.net>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F053C151700 for <architecture-discuss@ietfa.amsl.com>; Mon, 26 Jun 2023 00:50:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PX1zfQFo45TT for <architecture-discuss@ietfa.amsl.com>; Mon, 26 Jun 2023 00:49:56 -0700 (PDT)
Received: from wp513.webpack.hosteurope.de (wp513.webpack.hosteurope.de [80.237.130.35]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC650C15170B for <architecture-discuss@ietf.org>; Mon, 26 Jun 2023 00:49:56 -0700 (PDT)
Received: from dslb-002-205-104-196.002.205.pools.vodafone-ip.de ([2.205.104.196] helo=smtpclient.apple); authenticated by wp513.webpack.hosteurope.de running ExIM with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) id 1qDgyv-0004Qr-3I; Mon, 26 Jun 2023 09:49:53 +0200
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.600.7\))
From: Mirja Kuehlewind <ietf@kuehlewind.net>
In-Reply-To: <bf21ab40-593b-a598-5f69-1bc58ca23667@lear.ch>
Date: Mon, 26 Jun 2023 09:49:42 +0200
Cc: Martin Thomson <mt@lowentropy.net>, Christopher Wood <caw@heapingbits.net>, architecture-discuss@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <0AC1322F-3043-4102-8C8A-8A7F6B1C3223@kuehlewind.net>
References: <17514E09-F39D-425C-970C-BC14C70F15B9@heapingbits.net> <d65583b8-7706-ddbd-1430-ba353e05bfee@lear.ch> <0439cbdf-fe23-4ffd-8b43-3d1494d7eb73@betaapp.fastmail.com> <47a9db87-9e08-4c7c-c213-68ee36aa0385@lear.ch> <f280e3ff-e498-47e8-aac5-1f320b47c827@betaapp.fastmail.com> <bf21ab40-593b-a598-5f69-1bc58ca23667@lear.ch>
To: Eliot Lear <lear@lear.ch>
X-Mailer: Apple Mail (2.3731.600.7)
X-bounce-key: webpack.hosteurope.de;ietf@kuehlewind.net;1687765796;8558890c;
X-HE-SMSGID: 1qDgyv-0004Qr-3I
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/a758_dJSDeuZ9vytbXgyM9hvMPo>
Subject: Re: [arch-d] Proposed IAB program on Wholistic Human-Oriented Discussions on Identity Systems (WHODIS)
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Jun 2023 07:50:01 -0000

Hi Eliot, hi all,

On your last point, from my point of view the purpose if this program is not to invent new technology or do research (these things should be done in working or research groups) but to actually connect the existing pieces together or identify gaps. This might mean working with other orgs, potential the ones you mentioned below, and we very likely want to organise a worksop, however, even these things are not fully clear to us now and need more discussion to get the scope and involved people/orgs right. That’s why we believe program might be a good option to provide a slightly more organised venue for this kind of discussion (than just a mailing list and some side meetings).

Mirja



> On 22. Jun 2023, at 10:26, Eliot Lear <lear@lear.ch> wrote:
> 
> 
> On 22.06.23 09:23, Martin Thomson wrote:
>> On Thu, Jun 22, 2023, at 16:52, Eliot Lear wrote:
>>>>  From my perspective, devices are relevant only to the extent that they are agents of or proxies for people.
>>> They all are, and the program text indicated that they were in scope.
>> Hi Eliot,
>> 
>> I carefully worded this and I think that your conception of this is different than mine.
>> 
>> My phone is a physical device that is, most of the time, acting as an agent for me.  Same as my laptop.  In many cases, the identity of that device also acts as a proxy for my identity (such as when sites track me using my IP address, but let's not get into that).
>> 
>> I don't agree that a humidity sensor in an office building fits either of those categories.  Or the whatsit that regulates the speed of an escalator.  Or the doodad that regulates the temperature in heated car seats.  Or the numerous other "devices" that might exist.  Sure, these devices all work toward human goals, but they are not an agent for a human in the direct sense that I intended. It is not useful to consider these a proxy for a human either.
> 
> Ok, we disagree that proxying is a meaningful concept here, but assuming that for the moment, given how well trodden user-centric identity is in both industry and academia (see for example [1,2,3]), the program amounts to either “Did we miss anything?” or “What other industry and academia work needs to be brought into the IETF or other venues?”
> 
> Either case will require external participation, something that programs are not good at, and the program runs the risk of Yet Another Conference Syndrome (YACS).  My suggestion would be for the IAB to at least toy with the idea of running some sort of a joint program with other organizations like FIDO, GÉANT, OASIS, etc.  This has happened in the past at the workshop level (cf, STRINT, RFC 7687).
> 
> Eliot
> 
> [1] https://www.kuppingercole.com/events/eic2023
> [2] https://identiverse.com/
> [3] https://diceurope.org/
> 
> 
> 
>> 
>> I explicitly want those devices left out of any human-oriented discussion of identity systems, not because they aren't relevant in some ways, but because the narrower goal is helpful in focusing the discussion.  We can simultaneously recognize that the universe is all connected, but not let ourselves get paralyzed by bringing all the things into all the discussions.
>> 
> <OpenPGP_0x87B66B46D9D27A33.asc>_______________________________________________
> Architecture-discuss mailing list
> Architecture-discuss@ietf.org
> https://www.ietf.org/mailman/listinfo/architecture-discuss

v2.23.0 | Report a Bug | By Email