Re: [Din] WSJ article on Identity and Blockchains
Jon Crowcroft <jon.crowcroft@cl.cam.ac.uk> Sun, 08 April 2018 14:20 UTC
Return-Path: <crowcroft@gmail.com>
X-Original-To: din@ietfa.amsl.com
Delivered-To: din@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE55B127444 for <din@ietfa.amsl.com>; Sun, 8 Apr 2018 07:20:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jd9xQkUKrEvu for <din@ietfa.amsl.com>; Sun, 8 Apr 2018 07:20:14 -0700 (PDT)
Received: from mail-wr0-x235.google.com (mail-wr0-x235.google.com [IPv6:2a00:1450:400c:c0c::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 97F20126DED for <din@irtf.org>; Sun, 8 Apr 2018 07:20:13 -0700 (PDT)
Received: by mail-wr0-x235.google.com with SMTP id c24so5870771wrc.6 for <din@irtf.org>; Sun, 08 Apr 2018 07:20:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=a9o9q0JVmPUquSNtTL5JKse3oeTaMmYuc4uqM8os3vA=; b=M6mma9aYexUEoHtoFJ7QXLt7QWaBO6Qtibr9UmjKov/rhtw/FOSpv9wfqelNpgIPha Ksfd2KJC9dz78KTy+qQEeXzNDWjXezOzN09fZpyU51RXB5jr9t1QSV/OL8yka2zr+wxD FUui7wIjSGzxEiFL/0T2OcVVx2BgTuoTy9YUtqPOZvA65hns4aIKkugKuY+7TomHjZW+ 6BLBnNbZeNslXY9XRfTIgV5CZldGNTUTUV9naS8azAIUrhAUl9yAN1yEcNj6OllyGKBG EvqkdHyvygZkc+5KDnGkqiDFuWJBDAmlsOTJY+x8AxRM1hLl8S7rIXFKqE8rPoCfDxH2 xM7g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=a9o9q0JVmPUquSNtTL5JKse3oeTaMmYuc4uqM8os3vA=; b=lJHW1QNNVpPkpiHN7Fy0S3DdmsjnT7PZ8OQMMqkPfFLYGw57cLW2sla1InbXfQqmXp U3UO6B6E0fwGmj6xc4p3JKhZwlulmH86wLozNziGA6ipwcOxSvF7cZ+X0JS9jy59QhXq hiFkdpsU0qtmI3o07+i4rR/OVhGUSx/+r99esg/zFVmwFL3s463nqIpE4nz18sHgJXHG CMTjYWC789RDrdM366d591yaRM3cSGWNSJUItJF1OuCL+xivfOldreh0C0nJEYo0G7/Z xMS2AH7rjIzPohZwzIa93IUdf8qQy37086GqJ8nrV4tKECFFA+JHYtjUX/EWFL2a8RFT ZmMw==
X-Gm-Message-State: ALQs6tCkVnqrRrJSmwtmVo+ijZFQcwQHdR1jUpMecvAh6gHcJMvGOxII LzbvXiLadXe6eU2HKNcET0Ovnqzrh8jXXmB+fjA=
X-Google-Smtp-Source: AIpwx49stqjJQ+E98RHnP8AQCL/2NhIoRU3BJSVNCKgd+QtnHiBqG5bntZaGYmoIiNZ+1tucbuuxAsg6NQtlAysQUGE=
X-Received: by 10.223.219.10 with SMTP id s10mr4237383wri.241.1523197212043; Sun, 08 Apr 2018 07:20:12 -0700 (PDT)
MIME-Version: 1.0
Sender: crowcroft@gmail.com
Received: by 10.28.167.86 with HTTP; Sun, 8 Apr 2018 07:20:10 -0700 (PDT)
In-Reply-To: <5E393DF26B791A428E5F003BB6C5342AE73FCF8A@OC11EXPO33.exchange.mit.edu>
References: <5E393DF26B791A428E5F003BB6C5342AE73F70FC@OC11EXPO33.exchange.mit.edu> <E1f57in-0004gH-Gx@mta0.cl.cam.ac.uk> <5E393DF26B791A428E5F003BB6C5342AE73FCF8A@OC11EXPO33.exchange.mit.edu>
From: Jon Crowcroft <jon.crowcroft@cl.cam.ac.uk>
Date: Sun, 08 Apr 2018 15:20:10 +0100
X-Google-Sender-Auth: voWVgPUn_JfDNDC5KJlfOe4hzbA
Message-ID: <CAEeTej+Oc1o4ScV9fvZ-1cWb-YUvN7XhHtx9BAV7uB04Htt3=g@mail.gmail.com>
To: Thomas Hardjono <hardjono@mit.edu>
Cc: "din@irtf.org" <din@irtf.org>
Content-Type: multipart/alternative; boundary="883d24f249c4bf2d75056956fcb7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/din/Ne2d7vgYHZTdzhP5OGaWcJZdmtc>
Subject: Re: [Din] WSJ article on Identity and Blockchains
X-BeenThere: din@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussion of distributed Internet Infrastructure approaches, aspects such as Service Federation, and underlying technologies" <din.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/din>, <mailto:din-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/din/>
List-Post: <mailto:din@irtf.org>
List-Help: <mailto:din-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/din>, <mailto:din-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 08 Apr 2018 14:20:17 -0000
this al sounds excellent - socially rooted, community operated communities - all good - we could think of building instances of this on the infrastructure we've been constructing (i know there are lots of other people building similar, so this is a bit of gratuitous self-aggrandizing:), viz http://www.databoxproject.uk/ there are some decentralisation movements in the certificate space (CA transparency) as wel as self-certifying address allocation. so I assume there's some hope for using these to bootstrap the platforms-on-demand, safely for communities you're envisaging - we're definitely on same page here! On Sun, Apr 8, 2018 at 3:06 PM, Thomas Hardjono <hardjono@mit.edu> wrote: > > Thanks Jon. > > Aside from the obvious goal of cutting through the current hype about > "Self-Sovereign Identity" and how Blockchains (BC) will achieve "my > sovereignty", we wanted to communicate to the general reader that the > problem of "identity" is not so simple. > > >>> so you _are_ your social network...in terms of trustworthy > identity...sure... > > No, not so simple, particularly when the social network is FB :-) > > > >>> there's two problems with this though in details... > >>> i.e. how we build on this idea technically in the Din context... > > >>> 1/ its still dependent on technologies, > >>> and there's a seperate issue of why we trust them to proxy our social > net - > >>> i certainly would it find it hard to trust any social media app, > running on a cloud platform, > >>> using a smart mobile device, to vouch for all these friends & > colleagues - too many layers, too many > >>> vested interests, too much Cambridge Analytica :) > > You've hit the nail, as usual - thank you Jon :-) > > The question is how to capture/use/protect the human-to-human interaction > as the basis for trust ("local trust"). > > Here is an example. So my local town here in the US has a private > mailing-list for local residents only. I have to attend town meetings > in-person before I can get on to that mailing-list. > > There is no reason why my local town cannot run their own "social > platform" (we are in the age of VMs, Containers, Clouds). It must legally > owned by the town/community, and available to residents only (i.e. who pay > local tax), etc. > > How do we create next-gen architectures/protocols/legal that support local > communities to interact on their own "social platform" , and become the > starting point for "trust" that can scale out (called "local trust" in the > WSJ paper). > > > I think there is huge role for DIN to help. For the future distributed > Internet infrastructure, is it possible to have the following: > > -- Can my town obtain a "social-platform-on-demand" from a cloud service > provider. > -- Can I legally prevent the service-operator from "making use" of my data > (yes they still may be able to steal my data). > -- Can I retain legal ownership of my data (same with my town). > -- Can I encrypt my data on my town's social-platform so that the > service-operator doesn't steal it. > -- How to do key management. > -- How can I use legal smart-contracts to bind the service-operator. > -- Etc. etc. lots more questions for DIN RG. > > > > >>> 2/ I though many people in the security community were moving away from > >>> proving identity, towards systems that prove entitlement (i.e. > credentials > >>> are on a need-to-know basis, so if you were say 19, you don't need to > say yur age or show id, > >>> but you can't buy a drink in cambridge MA, but you can in cambridge, > UK :) > > Yes, correct. Currently people are focusing on proving entitlements via > signed assertions. Great, no issue there. But the real question is about > the *data* and *algorithms* behind those assertions (that impact my life, > like credit-score): > > -- How do I know that an organization has subject-data about me (usual > questions of "how, what, when, what are you doing to my data"). > -- What is the provenance of the data in their possession (Did they get > it from a data-aggregator? Do they even know?) > -- Does the data set have in-built bias? (not intentionally) > -- Is the data "fair" (fairness in the sense of machine learning). > -- What is the accuracy of the algorithms computed on my data. Does it > propagate the bias in the data. > -- Do I get to see the algorithms that impact my life. > -- Can I hire an expert to provide objective review of these algorithms. > -- etc. etc. etc. > > > > >>> bootstrapping something from a BC to provide the credentials is also > problematic, in that > >>> BC needs a PKI to know whether nodes are not sybils, spoofs, etc, so > we have a circular dependance, no? > > Yes, agree. There is need to revisit PKI again, maybe opportunity in DIN > RG to improve it. > > Hashing an identifier (and back-links) to a BC doesn't help the > identity/trust problems. > Hashing a pub-key to a BC also doesn't add much. > > > >>> maybe i missed an important step, if so, sorry! > > Nope, you are on the right track :-) Hope you can help solve some these > problems. > > Best. > > > -- thomas -- > > ________________________________________ > From: Jon Crowcroft [Jon.Crowcroft@cl.cam.ac.uk] > Sent: Sunday, April 08, 2018 6:38 AM > To: Thomas Hardjono > Cc: din@irtf.org; Jon Crowcroft > Subject: Re: [Din] WSJ article on Identity and Blockchains > > very nice article... > > so you _are_ your social network...in terms of trustworthy > identity...sure... > > there's two problems with this though in details... > i.e. how we build on this idea technically in the Din context... > > 1/ its still dependent on technologies, > and there's a seperate issue of why we trust them to proxy our social net - > i certainly would it find it hard to trust any social media app, running > on a cloud platform, > using a smart mobile device, to vouch for all these friends & colleagues - > too many layers, too many > vested interests, too much Cambridge Analytica :) > > 2/ I though many people in the security community were moving away from > proving identity, towards systems that prove entitlement (i.e. credentials > are on a need-to-know basis, so if you were say 19, you don't need to say > yur age or show id, > but you can't buy a drink in cambridge MA, but you can in cambridge, UK :) > > bootstrapping something from a BC to provide the credentials is also > problematic, in that > BC needs a PKI to know whether nodes are not sybils, spoofs, etc, so we > have a circular dependance, no? > > maybe i missed an important step, if so, sorry! > > > > Folks, > > > > I thought to share this WSJ article with the DIN group. Relevant in the > > light of recent interest in using BC for identity. > > > > Advance apologies if it offends some people :-) > > > > https://blogs.wsj.com/cio/2018/04/03/digital-identity- > is-broken-heres-a-way-to-fix-it/ > > > > > > Below is a link to a PDF version. > > > > http://hardjono.mit.edu/sites/default/files/documents/WSJ_ > Digital_Identity_is_Broken.pdf > > > > > > Best > > > > -- thomas -- > > > > _______________________________________________ > > Din mailing list > > Din@irtf.org > > https://www.irtf.org/mailman/listinfo/din > > >
- [Din] WSJ article on Identity and Blockchains Thomas Hardjono
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains Jon Crowcroft
- Re: [Din] WSJ article on Identity and Blockchains Thomas Hardjono
- Re: [Din] WSJ article on Identity and Blockchains Jon Crowcroft
- Re: [Din] WSJ article on Identity and Blockchains Thomas Hardjono
- Re: [Din] WSJ article on Identity and Blockchains Arjuna Sathiaseelan
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains Thomas Hardjono
- Re: [Din] WSJ article on Identity and Blockchains Diego R. Lopez
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains David Mazieres
- Re: [Din] WSJ article on Identity and Blockchains Thomas Hardjono
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains David Mazieres
- Re: [Din] WSJ article on Identity and Blockchains Arjuna Sathiaseelan
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains Jehan Tremback
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains Jehan Tremback