Re: [arch-d] Proposed IAB program on Wholistic Human-Oriented Discussions on Identity Systems (WHODIS)

Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> Wed, 28 June 2023 22:11 UTC

References: <d65583b8-7706-ddbd-1430-ba353e05bfee@lear.ch> <0439cbdf-fe23-4ffd-8b43-3d1494d7eb73@betaapp.fastmail.com> <47a9db87-9e08-4c7c-c213-68ee36aa0385@lear.ch> <f280e3ff-e498-47e8-aac5-1f320b47c827@betaapp.fastmail.com> <CADNypP_csCfe1W4ZMUhtQkurDKS+=FBDiGY7OaW4b37ipoKckQ@mail.gmail.com> <e553cc3e-5c3e-46e9-baf1-fe41af2e90c1@betaapp.fastmail.com> <CADNypP8WPOoPkFfn5o-dbRB50bXRT2yvhA6Y18RcrkRsJLb14w@mail.gmail.com> <4a2c5184-692b-4e2c-b1e8-7e480c60e897@betaapp.fastmail.com> <DBAPR83MB0422C8933498E0924D2C7F1B9124A@DBAPR83MB0422.EURPRD83.prod.outlook.com> <f669ff24-b9de-f320-4aae-b403903a74aa@huitema.net> <ZJyCp059sflHuQjb@faui48e.informatik.uni-erlangen.de> <CAD9ie-uERTXZy=Y+nc7CN7xWvEDSz5iTCPkFiQpNKCh4UFox2A@mail.gmail.com>
In-Reply-To: <CAD9ie-uERTXZy=Y+nc7CN7xWvEDSz5iTCPkFiQpNKCh4UFox2A@mail.gmail.com>
From: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>
Date: Wed, 28 Jun 2023 18:10:53 -0400
Message-ID: <CADNypP_Jydw1xLeY+SK0KWSQNVTxBuRF6tCOaLJ8hj_cdCuvBg@mail.gmail.com>
To: Dick.Hardt@gmail.com
Cc: Toerless Eckert <tte@cs.fau.de>, Pieter Kasselman <pieter.kasselman=40microsoft.com@dmarc.ietf.org>, "architecture-discuss@ietf.org" <architecture-discuss@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000001f7ac405ff37dd0c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/kr-U-idxPjXMg1Hcy4AiXiPeASA>
Subject: Re: [arch-d] Proposed IAB program on Wholistic Human-Oriented Discussions on Identity Systems (WHODIS)

On Wed, Jun 28, 2023 at 4:19 PM Dick Hardt <dick.hardt@gmail.com> wrote:

> First off, I love the WHODIS title. :)
>
> Having worked on "identity" for a couple decades now, I have found the
> term to cause significant confusion. "identity" is like the elephant being
> described by the blind men. The elephant's leg and trunk are similar in
> many ways -- but they are not the same thing -- but people will each be
> using the term "identity" to describe what they are talking about. They are
> both right in that the leg and trunk are part of an elephant, but "leg" and
> "trunk" would be better terms.
>
> For example, in marketing parlance, the term identity is how a person or
> firm presents themselves. For example https://identity.coop is about
> projecting your cooperative identity.
>
> In the proposed program, "identities" is being used instead of identifiers
> when discussing email addresses etc. "Identities built on OAuth" does not
> make sense to me as a phrase (an RFC I am very familiar with). The lack of
> precision in the terms used in the proposal is alarming to me.
>

I agree that there is a lack of precision here, which was also pointed out
by Ekr.
In fact, one of the motivations for this effort is to address these gaps in
the understanding of these basic identity concepts in the wider community.

Regards,
 Rifaat

>
> The IETF has a storied history with respect to working on identity. The
> OpenID Foundation would not have been created if the IETF would have
> engaged in identity back when OpenID was proposed to be worked on in the
> IETF.
>
> In this thread, a major functional hole is touched on -- the lack of
> reusable digital claims -- IE how do we share a claim made by a trusted
> issuer to a relying party. This of course is only part of what makes up a
> person's identity, but it is a foundational function IRL that is not widely
> available online. One set of claims where this has been mostly standardized
> and deployed are claims made by an enterprise about employees. SAML / OIDC
> / SCIM allow a user to present a claim that they work at a specific
> company, that they have recently authenticated, and that they belong to
> certain groups, have certain roles, or entitlements. The problem space for
> citizens and consumers is much more complex, and is a many to many
> relationship.
>
> While this is a problem, there are numerous standards that could be used
> to solve it. While it is possible that we don't yet have the right
> standard, the challenge is around alignment and adoption, and it is not
> clear to me what role the IETF could or should play to address that
> challenge.
>
> Having said that and rambled on somewhat, I think it would be very
> valuable for the IETF to have a lay of the land of identity and get a sense
> for which parts are in scope for IETF, and which parts are out of scope and
> that others are working on that IETF can coordinate with. Will this be a
> scheduled meeting in SF?
>
> There is significant existing work from the identity community for the
> IETF to build upon. Off the top of my head are:
>
> The late Kim Cameron's Laws of Identity (2005)
> https://www.identityblog.com/?p=352
> My Identity 2.0 talk (2006) https://youtu.be/JzuCE7lDYrM -- popularized
> the concept of user centric identity as well as high slide count
> presentations
>
> /Dick
>
> People will use "auth" as a shorthand for authentication, not realizing it
> could also be short for authorization, or intentionally conflating the two.
>
>
> On Wed, Jun 28, 2023 at 11:58 AM Toerless Eckert <tte@cs.fau.de> wrote:
>
>> +1. Well said.
>>
>> IMHO, such credential solutions are not only a challenge but also an
>> opportunity for work in IETF. Such as for anonymized authorizations.
>>
>> E.g.: Imagine instead of having to show a driver's license when buying
>> alcohol, where in the worst case the driver's license is scanned and
>> abused for identity fraud. Instead you perform an anonymous authorization
>> that you are over 18 by NFC via your cell phone.
>>
>> Not too difficult to imagine how to do this technically, but certainly
>> hard to believe that current business and government entities would
>> design such a solution so that your privacy / anonymity is maximized.
>>
>> Obviously this is likely also where there might be a commercial interest
>> of sponsors of IETF participants to develop standardized solutions for
>> exactly this type of use case, but really making sure that those
>> solutions will then still protect your privacy against those commercial
>> entities that contributed to the IETF effort, that is our IETF challenge -
>> or limitation.
>>
>> Cheers
>>     Toerless
>>
>> On Wed, Jun 28, 2023 at 11:25:35AM -0700, Christian Huitema wrote:
>> >
>> >
>> > On 6/28/2023 6:17 AM, Pieter Kasselman wrote:
>> > > Martin, I read the "Human Oriented Discussion" part of the title as a
>> > > statement about making the discussion accessible to humans (all of us
>> > > who are not identity experts), not excluding machines (devices and
>> > > workloads). The proposed program text clearly calls those out as being
>> > > in scope.
>> > >
>> > > Authorization decisions (part of an identity system) need to take
>> > > into account all identities (human and machine) acting on a resource.
>> > > There are also examples of machine identities accessing sensitive data,
>> > > even when there is no user present (batch processes for example).
>> > >
>> > > Given the rapid growth of machine identities, the shortage of
>> > > expertise in the identity field, the rising need for
>> > > multi-cloud/multi-platform systems (and managing identities in those
>> > > environments), the move towards least privilege systems and the
>> > > changing threat landscape (a compromised device identity may be far
>> > > more impactful than a compromised human identity), this may well be one
>> > > of the most useful areas of exploration.
>> >
>> > I am worried about "human oriented" for another reason. As EKR said, a
>> > lot of what we handle are "credentials", such as authorizations to use a
>> > particular resource on the Internet. There is of course a lot of work to
>> > be done to properly manage credentials, but moving from "credentials" to
>> > "human oriented identity" implies something else: that a set of
>> > credentials is linked to the identity of a particular human person. And
>> > that makes me shudder, because this ties directly to tracking people's
>> > activities around the Internet.
>> >
>> > Separating "credentials" from "human identity" is a pretty important
>> > tool for privacy. It allows people to compartment their activities, so
>> > that for example your activities in a church, in a sport club or in a
>> > work place are not linked. It also allows credentials to be shared by
>> > groups of people, so that outsiders cannot easily track which person in
>> > the group engaged in a specific activity.
>> >
>> > I can see how governments and businesses would like linking credentials
>> > to a specific human person. Advertisements would be so much more
>> > relevant! Laws about viewing ages would be so much easier to enforce! The
>> > police would be so much more efficient! Cheating spouses would be so easy
>> > to find out! But then, these very reasons are why "unique Internet
>> > identity" is so controversial.
>> >
>> > If the IAB does proceed with this Human-Oriented Identity program, I
>> > sure hope that treating privacy issues and providing privacy guarantees
>> > will be the number one priority.
>> >
>> > -- Christian Huitema
>> >
>> >
>> > _______________________________________________
>> > Architecture-discuss mailing list
>> > Architecture-discuss@ietf.org
>> > https://www.ietf.org/mailman/listinfo/architecture-discuss
>>
>> --
>> ---
>> tte@cs.fau.de
>>
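Toerless's over-18 scenario and Christian's point about keeping credentials apart from a person's identity can be made concrete with a small selective-disclosure credential. What follows is an added example written for this archive page, not code from any participant in the thread or from an IETF specification: an issuer signs salted digests of each claim, the holder forwards only the `over_18` claim, and the verifier checks that digest against the signed list without ever seeing the name or date of birth. The HMAC issuer key, the claim names and the sample person are constructed stand-ins (a real issuer would use an asymmetric signature); the function names are this example's own.

```python
"""Selective disclosure of an 'over 18' claim (constructed illustration).

Issuer -> holder: a credential whose signed part is only a list of salted
claim digests. Holder -> verifier: the signed part plus the one disclosure
the verifier needs. The verifier learns that the issuer vouched for
over_18=True and nothing else about the holder.
"""
import hashlib
import hmac
import json
import secrets

# Assumption: a shared HMAC key stands in for the issuer's signature so the
# example runs with the standard library only. Constructed value, not a real key.
ISSUER_KEY = b"constructed-issuer-key-for-illustration"


def claim_digest(claim: str, value, salt: str) -> str:
    """Digest of one claim; the salt stops a verifier guessing undisclosed values."""
    material = json.dumps([salt, claim, value], sort_keys=True).encode()
    return hashlib.sha256(material).hexdigest()


def issue(claims: dict) -> dict:
    """Issuer: salt every claim and sign only the sorted list of digests."""
    disclosures = {c: {"salt": secrets.token_hex(16), "value": v} for c, v in claims.items()}
    digests = sorted(claim_digest(c, d["value"], d["salt"]) for c, d in disclosures.items())
    payload = json.dumps({"digests": digests}, sort_keys=True)
    sig = hmac.new(ISSUER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "sig": sig, "disclosures": disclosures}


def present(credential: dict, reveal: list) -> dict:
    """Holder: forward the signed payload with only the requested disclosures."""
    chosen = {c: dict(credential["disclosures"][c]) for c in reveal}
    return {"payload": credential["payload"], "sig": credential["sig"], "disclosures": chosen}


def verify(presentation: dict, required: dict) -> bool:
    """Verifier: issuer signature first, then each required claim's digest and value."""
    payload = presentation["payload"]
    expected = hmac.new(ISSUER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, presentation["sig"]):
        return False  # payload or signature tampered with
    signed_digests = set(json.loads(payload)["digests"])
    for claim, value in required.items():
        d = presentation["disclosures"].get(claim)
        if d is None or d["value"] != value:
            return False  # claim withheld or wrong value
        if claim_digest(claim, d["value"], d["salt"]) not in signed_digests:
            return False  # disclosure not covered by the issuer's signature
    return True


def same_credential(p1: dict, p2: dict) -> bool:
    """Correlation check a curious verifier could run: the signature is a stable identifier."""
    return p1["sig"] == p2["sig"]


if __name__ == "__main__":
    # Constructed sample holder; the shop only ever sees the over_18 disclosure.
    cred = issue({"name": "A. Person", "dob": "1990-01-01", "over_18": True})
    to_shop = present(cred, ["over_18"])
    print("accepted:", verify(to_shop, {"over_18": True}))
    print("shop sees:", sorted(to_shop["disclosures"]))
```

The `same_credential` check is the caveat to keep in mind: hiding attributes is not the same as being unlinkable. The issuer signature is identical in every presentation, so two relying parties comparing notes can still correlate the holder, which is exactly the tracking Christian warns about. The anonymous authorization Toerless describes needs per-presentation unlinkability (batch-issued one-time credentials, or blind or BBS-style signatures), which this scheme does not provide.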