Re: [Din] WSJ article on Identity and Blockchains
Thomas Hardjono <hardjono@mit.edu> Sun, 08 April 2018 20:41 UTC
Return-Path: <hardjono@mit.edu>
X-Original-To: din@ietfa.amsl.com
Delivered-To: din@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 26A3A12D7F3 for <din@ietfa.amsl.com>; Sun, 8 Apr 2018 13:41:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s1np5PGJbKpy for <din@ietfa.amsl.com>; Sun, 8 Apr 2018 13:41:31 -0700 (PDT)
Received: from dmz-mailsec-scanner-4.mit.edu (dmz-mailsec-scanner-4.mit.edu [18.9.25.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7A7671205D3 for <din@irtf.org>; Sun, 8 Apr 2018 13:41:31 -0700 (PDT)
X-AuditID: 1209190f-42dff700000020d2-13-5aca7e7ae737
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-4.mit.edu (Symantec Messaging Gateway) with SMTP id 98.0C.08402.A7E7ACA5; Sun, 8 Apr 2018 16:41:30 -0400 (EDT)
Received: from outgoing-exchange-3.mit.edu (OUTGOING-EXCHANGE-3.MIT.EDU [18.9.28.13]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id w38KfT0d026766; Sun, 8 Apr 2018 16:41:29 -0400
Received: from OC11EXEDGE4.EXCHANGE.MIT.EDU (OC11EXEDGE4.EXCHANGE.MIT.EDU [18.9.3.27]) by outgoing-exchange-3.mit.edu (8.13.8/8.12.4) with ESMTP id w38KfRR1013442; Sun, 8 Apr 2018 16:41:27 -0400
Received: from W92EXCAS22.exchange.mit.edu (18.7.71.37) by OC11EXEDGE4.EXCHANGE.MIT.EDU (18.9.3.27) with Microsoft SMTP Server (TLS) id 14.3.235.1; Sun, 8 Apr 2018 16:41:11 -0400
Received: from OC11EXPO33.exchange.mit.edu ([169.254.1.111]) by w92excas22.exchange.mit.edu ([18.7.71.37]) with mapi id 14.03.0352.000; Sun, 8 Apr 2018 16:41:26 -0400
From: Thomas Hardjono <hardjono@mit.edu>
To: "jon.crowcroft@cl.cam.ac.uk" <jon.crowcroft@cl.cam.ac.uk>
CC: "din@irtf.org" <din@irtf.org>
Thread-Topic: [Din] WSJ article on Identity and Blockchains
Thread-Index: AQHTzcUHgLU9VkLMR0+I6ZGjg4OG6aP28xeA///pVR+AAFR/AIAAJgUB
Date: Sun, 08 Apr 2018 20:41:25 +0000
Message-ID: <5E393DF26B791A428E5F003BB6C5342AE73FD85D@OC11EXPO33.exchange.mit.edu>
References: <5E393DF26B791A428E5F003BB6C5342AE73F70FC@OC11EXPO33.exchange.mit.edu> <E1f57in-0004gH-Gx@mta0.cl.cam.ac.uk> <5E393DF26B791A428E5F003BB6C5342AE73FCF8A@OC11EXPO33.exchange.mit.edu>, <CAEeTej+Oc1o4ScV9fvZ-1cWb-YUvN7XhHtx9BAV7uB04Htt3=g@mail.gmail.com>
In-Reply-To: <CAEeTej+Oc1o4ScV9fvZ-1cWb-YUvN7XhHtx9BAV7uB04Htt3=g@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [18.9.1.93]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrLKsWRmVeSWpSXmKPExsUixCmqrFtVdyrK4OpPWYulH/eyWDy4+ITJ gclja+txFo/JGw+zBTBFcdmkpOZklqUW6dslcGVM/veVtWCXU8WDXzPZGxj3mHYxcnJICJhI HGl5ztzFyMUhJLCYSeLX+TdMEM5+Ron392Eyxxglnqx4DpXZxijxYf4sFghnFaPE9tULmECG sQloSLT96GUHsUUEbCUOXjwMZjMLKEp0TW4CqxEWsJJYf289WxcjB1CNtcSe5eEQ5W4Skxcf ZAaxWQRUJL78XAnWyisQJLFn4nVGiF0dTBL/5/1iAUlwCgRKtD94yAZiMwqISXw/tYYJYpe4 xK0n85kgnhOUWDR7DzOELSbxbxdEvYSArMSv0yBDQep1JBbs/sQGYWtLLFv4mhlisaDEyZlP WCYwSsxCMnYWkpZZSFpmIWlZwMiyilE2JbdKNzcxM6c4NVm3ODkxLy+1SNdELzezRC81pXQT IzgOJfl3MM5p8D7EKMDBqMTDO0P1ZJQQa2JZcWXuIUZJDiYlUd6D9sejhPiS8lMqMxKLM+KL SnNSiw8xSnAwK4nw3q06FSXEm5JYWZValA+TkuZgURLnXbR/b5SQQHpiSWp2ampBahFMVoaD Q0mC17gWqFGwKDU9tSItM6cEIc3EwQkynAdouClIDW9xQWJucWY6RP4UozHHpI89PcwcHe+n 9DALseTl56VKifNGgpQKgJRmlObBTYOkUmbpV4ziQM8J87KBVPEA0zDcvFdAq5iAVn1KOAGy qiQRISXVwNgyZS4TA0dZd+gUntr8QxIxzv3bW3yex56P+/98xh/Hu1Ya/so738+f85rBb1VJ fBPDWjXGt+r/zcyvLv3YskHsUFnUZ+Zz5WmPPqUY93748dGsbzNfxPlp7St61sgE3PYoEDn5 r0lJ7dvK0nz/hw8OqUi6PNv2/taaj+xuezb+c01Y/MZxmagSS3FGoqEWc1FxIgBtEGr/gAMA AA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/din/exPQvg_-CwWb86A4W0_H8sK73qY>
Subject: Re: [Din] WSJ article on Identity and Blockchains
X-BeenThere: din@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussion of distributed Internet Infrastructure approaches, aspects such as Service Federation, and underlying technologies" <din.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/din>, <mailto:din-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/din/>
List-Post: <mailto:din@irtf.org>
List-Help: <mailto:din-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/din>, <mailto:din-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 08 Apr 2018 20:41:39 -0000
Thanks Jon, >>> this al sounds excellent - socially rooted, community operated >>> communities - all good - we could think of building instances >>> of this on the infrastructure we've been constructing >>> (i know there are lots of other people building similar, >>> so this is a bit of gratuitous self-aggrandizing:), viz >>> http://www.databoxproject.uk/ Very interesting. In the Kantara Initiative we've been looking it mechanisms for controlling access to "resources" -- which translates to files etc located in a data store (including personal data store). There is the access control aspect & and also the consent/receipts aspect. One thing that would be useful is a "Standardized API" (e.g. REST API) for personal data stores (regardless where they sit, e.g. in Cloud; on Mobile; on Home-PC). Would this (APIs) be something DIN RG could explore? I will take a close look at databoxproject. -- thomas -- ________________________________________ From: crowcroft@gmail.com [crowcroft@gmail.com] on behalf of Jon Crowcroft [jon.crowcroft@cl.cam.ac.uk] Sent: Sunday, April 08, 2018 10:20 AM To: Thomas Hardjono Cc: din@irtf.org Subject: Re: [Din] WSJ article on Identity and Blockchains this al sounds excellent - socially rooted, community operated communities - all good - we could think of building instances of this on the infrastructure we've been constructing (i know there are lots of other people building similar, so this is a bit of gratuitous self-aggrandizing:), viz http://www.databoxproject.uk/ there are some decentralisation movements in the certificate space (CA transparency) as wel as self-certifying address allocation. so I assume there's some hope for using these to bootstrap the platforms-on-demand, safely for communities you're envisaging - we're definitely on same page here! On Sun, Apr 8, 2018 at 3:06 PM, Thomas Hardjono <hardjono@mit.edu<mailto:hardjono@mit.edu>> wrote: Thanks Jon. Aside from the obvious goal of cutting through the current hype about "Self-Sovereign Identity" and how Blockchains (BC) will achieve "my sovereignty", we wanted to communicate to the general reader that the problem of "identity" is not so simple. >>> so you _are_ your social network...in terms of trustworthy identity...sure... No, not so simple, particularly when the social network is FB :-) >>> there's two problems with this though in details... >>> i.e. how we build on this idea technically in the Din context... >>> 1/ its still dependent on technologies, >>> and there's a seperate issue of why we trust them to proxy our social net - >>> i certainly would it find it hard to trust any social media app, running on a cloud platform, >>> using a smart mobile device, to vouch for all these friends & colleagues - too many layers, too many >>> vested interests, too much Cambridge Analytica :) You've hit the nail, as usual - thank you Jon :-) The question is how to capture/use/protect the human-to-human interaction as the basis for trust ("local trust"). Here is an example. So my local town here in the US has a private mailing-list for local residents only. I have to attend town meetings in-person before I can get on to that mailing-list. There is no reason why my local town cannot run their own "social platform" (we are in the age of VMs, Containers, Clouds). It must legally owned by the town/community, and available to residents only (i.e. who pay local tax), etc. How do we create next-gen architectures/protocols/legal that support local communities to interact on their own "social platform" , and become the starting point for "trust" that can scale out (called "local trust" in the WSJ paper). I think there is huge role for DIN to help. For the future distributed Internet infrastructure, is it possible to have the following: -- Can my town obtain a "social-platform-on-demand" from a cloud service provider. -- Can I legally prevent the service-operator from "making use" of my data (yes they still may be able to steal my data). -- Can I retain legal ownership of my data (same with my town). -- Can I encrypt my data on my town's social-platform so that the service-operator doesn't steal it. -- How to do key management. -- How can I use legal smart-contracts to bind the service-operator. -- Etc. etc. lots more questions for DIN RG. >>> 2/ I though many people in the security community were moving away from >>> proving identity, towards systems that prove entitlement (i.e. credentials >>> are on a need-to-know basis, so if you were say 19, you don't need to say yur age or show id, >>> but you can't buy a drink in cambridge MA, but you can in cambridge, UK :) Yes, correct. Currently people are focusing on proving entitlements via signed assertions. Great, no issue there. But the real question is about the *data* and *algorithms* behind those assertions (that impact my life, like credit-score): -- How do I know that an organization has subject-data about me (usual questions of "how, what, when, what are you doing to my data"). -- What is the provenance of the data in their possession (Did they get it from a data-aggregator? Do they even know?) -- Does the data set have in-built bias? (not intentionally) -- Is the data "fair" (fairness in the sense of machine learning). -- What is the accuracy of the algorithms computed on my data. Does it propagate the bias in the data. -- Do I get to see the algorithms that impact my life. -- Can I hire an expert to provide objective review of these algorithms. -- etc. etc. etc. >>> bootstrapping something from a BC to provide the credentials is also problematic, in that >>> BC needs a PKI to know whether nodes are not sybils, spoofs, etc, so we have a circular dependance, no? Yes, agree. There is need to revisit PKI again, maybe opportunity in DIN RG to improve it. Hashing an identifier (and back-links) to a BC doesn't help the identity/trust problems. Hashing a pub-key to a BC also doesn't add much. >>> maybe i missed an important step, if so, sorry! Nope, you are on the right track :-) Hope you can help solve some these problems. Best. -- thomas -- ________________________________________ From: Jon Crowcroft [Jon.Crowcroft@cl.cam.ac.uk<mailto:Jon.Crowcroft@cl.cam.ac.uk>] Sent: Sunday, April 08, 2018 6:38 AM To: Thomas Hardjono Cc: din@irtf.org<mailto:din@irtf.org>; Jon Crowcroft Subject: Re: [Din] WSJ article on Identity and Blockchains very nice article... so you _are_ your social network...in terms of trustworthy identity...sure... there's two problems with this though in details... i.e. how we build on this idea technically in the Din context... 1/ its still dependent on technologies, and there's a seperate issue of why we trust them to proxy our social net - i certainly would it find it hard to trust any social media app, running on a cloud platform, using a smart mobile device, to vouch for all these friends & colleagues - too many layers, too many vested interests, too much Cambridge Analytica :) 2/ I though many people in the security community were moving away from proving identity, towards systems that prove entitlement (i.e. credentials are on a need-to-know basis, so if you were say 19, you don't need to say yur age or show id, but you can't buy a drink in cambridge MA, but you can in cambridge, UK :) bootstrapping something from a BC to provide the credentials is also problematic, in that BC needs a PKI to know whether nodes are not sybils, spoofs, etc, so we have a circular dependance, no? maybe i missed an important step, if so, sorry! > Folks, > > I thought to share this WSJ article with the DIN group. Relevant in the > light of recent interest in using BC for identity. > > Advance apologies if it offends some people :-) > > https://blogs.wsj.com/cio/2018/04/03/digital-identity-is-broken-heres-a-way-to-fix-it/ > > > Below is a link to a PDF version. > > http://hardjono.mit.edu/sites/default/files/documents/WSJ_Digital_Identity_is_Broken.pdf > > > Best > > -- thomas -- > > _______________________________________________ > Din mailing list > Din@irtf.org<mailto:Din@irtf.org> > https://www.irtf.org/mailman/listinfo/din >
- [Din] WSJ article on Identity and Blockchains Thomas Hardjono
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains Jon Crowcroft
- Re: [Din] WSJ article on Identity and Blockchains Thomas Hardjono
- Re: [Din] WSJ article on Identity and Blockchains Jon Crowcroft
- Re: [Din] WSJ article on Identity and Blockchains Thomas Hardjono
- Re: [Din] WSJ article on Identity and Blockchains Arjuna Sathiaseelan
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains Thomas Hardjono
- Re: [Din] WSJ article on Identity and Blockchains Diego R. Lopez
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains David Mazieres
- Re: [Din] WSJ article on Identity and Blockchains Thomas Hardjono
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains David Mazieres
- Re: [Din] WSJ article on Identity and Blockchains Arjuna Sathiaseelan
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains Jehan Tremback
- Re: [Din] WSJ article on Identity and Blockchains Brian E Carpenter
- Re: [Din] WSJ article on Identity and Blockchains Jehan Tremback