Re: [dispatch] [Secdispatch] [art] Open Ethics Transparency Protocol
Nikita Lukianets <n.lukianets@openethics.ai> Mon, 14 March 2022 18:19 UTC
Return-Path: <n.lukianets@openethics.ai>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1AEE63A1C9B; Mon, 14 Mar 2022 11:19:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.964
X-Spam-Level:
X-Spam-Status: No, score=-0.964 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTML_MIME_NO_HTML_TAG=0.377, MIME_HTML_ONLY=0.1, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=openethics.ai
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z9bxlZNNfcmC; Mon, 14 Mar 2022 11:19:31 -0700 (PDT)
Received: from nlskm21.hostsila.org (nlskm21.hostsila.org [88.218.28.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CEC143A152F; Mon, 14 Mar 2022 11:18:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=openethics.ai; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:Cc:To:From:In-Reply-To:Message-ID:Subject:Date:Sender:Reply-To: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:References:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=QKAciHHkTAj08qu+SqKhgG/IbKKsy1a3i4o/4jb1PjE=; b=Fq4mRElRf+EnPB4M+Ak/bctlTf LJRWDGAVXXm0lDqh6jwy2U5BiMHDfhxxFxtziK5KW4381ze+Lb2GTabDITT/gbD+fnt9qm/rDppz9 3uMv2CyXH7H+pEXC7CPyiKhcTzUBHKgjXfCVOWIJRlM0cnf73OaCVrMfurbOBmhoEuNqEUsFCGp0P 7gnDYXSAmj3DDsypFp5fZeD/9COWH8UdsCFLUaEaX4yiXvPno6zPUTIl8My+OjCS8HaWD35qpZNbn 79Pay1C+xFRDt6ESPwMz1S7cVw9zBzgjTGdqNCSfv5iq7894/uS0b92/9S1D4JQ7Vi3lR9JChYfq5 mEz9zTzQ==;
Received: from [193.93.216.247] (port=41316 helo=[192.168.0.112]) by nlskm21.hostsila.org with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from <n.lukianets@openethics.ai>) id 1nTpGm-005zDH-7P; Mon, 14 Mar 2022 20:18:10 +0200
Date: Mon, 14 Mar 2022 20:18:09 +0200
Message-ID: <6e01731e-1473-4240-843a-5d6b365f1012@email.android.com>
X-Android-Message-ID: <6e01731e-1473-4240-843a-5d6b365f1012@email.android.com>
In-Reply-To: <CAHbuEH6Y=xuoJ-5tRuB7kyjA4_CR00z4VxBXbv_xsWS-que12A@mail.gmail.com>
From: Nikita Lukianets <n.lukianets@openethics.ai>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Cc: "Dale R. Worley" <worley@ariadne.com>, DISPATCH <dispatch@ietf.org>, "gen-art@ietf.org" <art@ietf.org>, IETF SecDispatch <secdispatch@ietf.org>, hrpc@irtf.org, Nikita Lukianets <n.lukianets@openethics.ai>
Importance: Normal
X-Priority: 3
X-MSMail-Priority: Normal
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - nlskm21.hostsila.org
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - openethics.ai
X-Get-Message-Sender-Via: nlskm21.hostsila.org: authenticated_id: n.lukianets@openethics.ai
X-Authenticated-Sender: nlskm21.hostsila.org: n.lukianets@openethics.ai
X-Source:
X-Source-Args:
X-Source-Dir:
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/4x86EJ1kLkbAjL0Nmhi6CwQl2Aw>
Subject: Re: [dispatch] [Secdispatch] [art] Open Ethics Transparency Protocol
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Mar 2022 18:19:44 -0000
Greetings!I agree with the prior assessment that this is similar to the Software Bill of Materials work, at least in objectives. That is flexible in terms of what formats will be acceptable (3) to provide a manifest on software and many have selected SPDX, then it's digitally signed (code signing). There's another proposal for this upcoming meeting that will link these for use in supply chain assurance using Remote Attestation. It might be worth reviewing that proposal to look for similarities in addition to reviewing the document from the NTIA on the minimum set of elements for an SBOM.There's a requirement in the US to any organization that sells to the federal government to provide an SBOM related to the US executive order from May 2021. As such, there's traction on this approach already. With that said, EKR also pointed out the proposal in this thread is at the application layer. There may be a possibility for your work to use the standards being adopted that could accelerate your progress. The next part would be to determine if that work requires adoption and further standardization or if the existing formats suffice for what needs to be interoperable.At this point, I don't see a time slot being useful, but please respond with your thoughts if I'm missing something. I hope this is helpful.Thank you,Kathleenco-chair of SecDispatchn.lukianets@openethics.ai writes:
> Nikita Lukianets from the Open Ethics initiative here.
>
> I've been working on the mechanisms to enable transparency for data
> collection and data processing practices for autonomous systems and
> specifically, those powered by machine learning models. Since 2020 I
> have started to draft a guiding document to reflect ways disclosures
> could be submitted, verified, and exchanged. Eventually, I would like to
> see how this work could result in an open standard.
I have feelings which are similar to other respondents. I phrase it
that the IETF is not the correct place for this work because the central
problem is at the application layer (and possibly above that, at the
political layer ... and certainly above that, at the cultural layer):
being transparent presupposes a suitable way to describe "data
collection and data processing practices" in "disclosures".
Once somebody defines a way to represent these disclosures as concrete
document objects, then there may be some protocol issues regarding how
to "submit, verify, and exchange" them. But that still seems to be more
like the presentation layer, how you associate disclosure documents with
web sites etc. which they describe, which sounds like a W3C specialty.
Dale
_______________________________________________
Secdispatch mailing list
Secdispatch@ietf.org
https://www.ietf.org/mailman/listinfo/secdispatch" rel="nofollow">https://www.ietf.org/mailman/listinfo/secdispatch
--Best regards,Kathleen
- [dispatch] Open Ethics Transparency Protocol n.lukianets
- Re: [dispatch] [Secdispatch] Open Ethics Transpar… Michael Richardson
- Re: [dispatch] [art] [Secdispatch] Open Ethics Tr… Larry Masinter
- Re: [dispatch] [hrpc] [art] [Secdispatch] Open Et… John Curran
- Re: [dispatch] [hrpc] [art] [Secdispatch] Open Et… n.lukianets
- Re: [dispatch] [Secdispatch] Open Ethics Transpar… Eric Rescorla
- Re: [dispatch] [art] Open Ethics Transparency Pro… worley
- Re: [dispatch] [Secdispatch] [art] Open Ethics Tr… Kathleen Moriarty
- Re: [dispatch] [Secdispatch] [art] Open Ethics Tr… Nikita Lukianets