Re: [Din] WSJ article on Identity and Blockchains

Jehan Tremback <jehan@altheamesh.com> Mon, 23 April 2018 23:31 UTC

From: Jehan Tremback <jehan@altheamesh.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, din@irtf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/din/yD4NmxrRt-GPDSENlWMtUozTuX8>
List-Id: "Discussion of distributed Internet Infrastructure approaches, aspects such as Service Federation, and underlying technologies" <din.irtf.org>

There are many jurisdictions in which it may be illegal to sell tokens to people not meeting certain criteria (they must be rich), so sellers must be careful to make sure that the buyers meet these criteria. However, proving this requires a lot of personal information that the seller neither wants nor needs.

Having a service which would let you set up a smart contract and sell tokens to only those who you are allowed to sell to, while all of their actual personal details remained unknown. Not sure if this is what they are trying to do.

-- 
  Jehan Tremback
  jehan@altheamesh.com

On Mon, Apr 23, 2018, at 3:48 PM, Brian E Carpenter wrote:
> On 24/04/2018 07:10, Jehan Tremback wrote:
> > As far as I understand the use-case of blockchain in KYC (from the perspective of someone who is vouching for an identity), the main thing is that you can sign off that someone meets some standard of identification (they have a certain address, net worth, etc) and then put it on the blockchain. Of course you could also just give them the signature to present when they need to use it.
> > 
> > But putting it on the blockchain allows you to revoke it later.
> 
> Yes. But it was the "unknown" in "trust unknown customers and token 
> purchasers" that puzzled me on the verif-y.com site. As you imply, KYC 
> is about *knowing* your customer.
> 
> If it said "identify and trust new customers and token purchasers" I 
> would not have asked my question.
> 
>    Brian
> 
> > 
> > -- 
> >   Jehan Tremback
> >   jehan@altheamesh.com
> > 
> > On Sun, Apr 22, 2018, at 7:29 PM, Brian E Carpenter wrote:
> >> Arjuna
> >>
> >> On 16/04/2018 20:42, Arjuna Sathiaseelan wrote:
> >>> this is something we are working on via https://www.verif-y.com/
> >>
> >> "The Verif-y KYC service allows businesses utilizing blockchain 
> >> technology to trust unknown customers and token purchasers in an 
> >> efficient, auditable and secure manner."
> >>
> >> I'm confused. KYC is largely about detecting money laundering, and other 
> >> malfeasance, so the last thing a KYC desk cares about is unknown 
> >> customers. On the contrary, they want to know the legal identity of the 
> >> customer and of the source of funds. Direct access to PII is part of the 
> >> process.
> >>
> >> Believe me, I've been there, not 10 km from cl.cam.ac.uk, when my bank 
> >> tried to cut me off from my money soon after I relocated from Auckland 
> >> to Cambridge in 2012. Somehow they had failed to update my residence 
> >> address and I had to get documents certified and rubber-stamped at 
> >> Cambridge police station, and sent by snail mail to the bank's KYC desk, 
> >> before we got our money back. How does block chain solve that? (Not a 
> >> rhetorical question; I would really like to understand.)
> >>
> >>     Brian
> >>
> >>>
> >>> hope to get some experiences and I would share here for sure.
> >>>
> >>> Regards
> >>>
> >>> On 9 April 2018 at 02:44, Brian E Carpenter <brian.e.carpenter@gmail.com>
> >>> wrote:
> >>>
> >>>> On 09/04/2018 10:28, Arjuna Sathiaseelan wrote:
> >>>>>>
> >>>>>> 2/ I thought many people in the security community were moving away from
> >>>>>> proving identity, towards systems that prove entitlement (i.e.
> >>>> credentials
> >>>>>> are on a need-to-know basis, so if you were say 19, you don't need to
> >>>> say
> >>>>>> your age or show id,
> >>>>>> but you can't buy a drink in cambridge MA, but you can in cambridge, UK
> >>>> :)
> >>>>>>
> >>>>>
> >>>>> digital id plays a major role for all the KYC/AML - massive market.. +
> >>>> for
> >>>>> employment etc..
> >>>>
> >>>> Right, but *international* digital ID is a hopeless mess. Just try dealing
> >>>> with a USA bank's KYC department when living in New Zealand with a UK
> >>>> passport. Nothing works.
> >>>>
> >>>> That isn't a marginal case. Tens or hundreds of millions of people
> >>>> would need cross-border digital ID these days. Sales argument: would
> >>>> help to defeat money laundering.
> >>>>
> >>>>    Brian
> >>>>
> >>>>> like the idea of proving entitlement - works nicely with crypto
> >>>>> charities/aid delivery..
> >>>>>
> >>>>> Regards
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>> bootstrapping something from a BC to provide the credentials is also
> >>>>>> problematic, in that
> >>>>>> BC needs a PKI to know whether nodes are not sybils, spoofs, etc, so we
> >>>>>> have a circular dependence, no?
> >>>>>>
> >>>>>> maybe i missed an important step, if so, sorry!
> >>>>>>
> >>>>>>
> >>>>>>> Folks,
> >>>>>>>
> >>>>>>> I thought to share this WSJ article with the DIN group. Relevant in the
> >>>>>>> light of recent interest in using BC for identity.
> >>>>>>>
> >>>>>>> Advance apologies if it offends some people :-)
> >>>>>>>
> >>>>>>> https://blogs.wsj.com/cio/2018/04/03/digital-identity-is-broken-heres-a-way-to-fix-it/
> >>>>>>>
> >>>>>>>
> >>>>>>> Below is a link to a PDF version.
> >>>>>>>
> >>>>>>> http://hardjono.mit.edu/sites/default/files/documents/WSJ_Digital_Identity_is_Broken.pdf
> >>>>>>>
> >>>>>>>
> >>>>>>> Best
> >>>>>>>
> >>>>>>> -- thomas --
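
The thread describes a voucher signing that someone meets a standard, a seller accepting buyers without seeing their personal details, and a shared ledger making the sign-off revocable. The sketch below is an added example, not part of the original messages and not Verif-y's design; the issuer name, addresses, predicate strings and the in-memory `revoked` set (standing in for an on-chain revocation list) are all assumptions.

```javascript
// Added illustration. Every name below is hypothetical.
const { generateKeyPairSync, sign, verify, createHash } = require('node:crypto');

// Canonical bytes of a claim: fixed field order so signer and verifier agree.
function encodeClaim(c) {
  return Buffer.from(JSON.stringify([c.issuer, c.subject, c.predicate, c.expires]));
}

// The voucher checks documents off-line and signs only the predicate, no PII.
function issue(issuer, issuerPrivateKey, subject, predicate, expires) {
  const claim = { issuer, subject, predicate, expires };
  return { claim, signature: sign(null, encodeClaim(claim), issuerPrivateKey) };
}

// Value published to revoke an attestation: a hash, not the claim itself.
function attestationId(att) {
  return createHash('sha256').update(encodeClaim(att.claim)).digest('hex');
}

// Seller-side check. The buyer's control of `buyer` is assumed to be proven
// separately (e.g. by the transaction signature); that step is not shown.
function check(att, buyer, predicate, trustedIssuers, revoked, now) {
  const key = trustedIssuers.get(att.claim.issuer);
  if (!key) return 'untrusted issuer';
  if (!verify(null, encodeClaim(att.claim), key, att.signature)) return 'bad signature';
  if (att.claim.subject !== buyer) return 'wrong subject';
  if (att.claim.predicate !== predicate) return 'wrong predicate';
  if (att.claim.expires <= now) return 'expired';
  if (revoked.has(attestationId(att))) return 'revoked';
  return 'ok';
}

// Constructed sample run: one issuer, one buyer address, one predicate.
function demo() {
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  const trusted = new Map([['kyc-desk.example', publicKey]]);
  const revoked = new Set();
  const p = 'accredited-investor';
  const att = issue('kyc-desk.example', privateKey, '0xBUYER-SAMPLE', p, 2000);
  const altered = { claim: { ...att.claim, expires: 9999 }, signature: att.signature };
  const r = {
    valid: check(att, '0xBUYER-SAMPLE', p, trusted, revoked, 1000),
    otherBuyer: check(att, '0xOTHER-SAMPLE', p, trusted, revoked, 1000),
    altered: check(altered, '0xBUYER-SAMPLE', p, trusted, revoked, 1000),
    expired: check(att, '0xBUYER-SAMPLE', p, trusted, revoked, 3000),
  };
  revoked.add(attestationId(att)); // the voucher withdraws its sign-off
  r.afterRevoke = check(att, '0xBUYER-SAMPLE', p, trusted, revoked, 1000);
  return r;
}
```

The seller learns only the issuer, the address and the predicate; the revocation list is the one piece that needs a shared, append-only store, since a signature handed directly to the holder cannot be withdrawn.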