Re: [dispatch] [Secdispatch] [art] Open Ethics Transparency Protocol
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Mon, 14 March 2022 17:48 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 50B043A0EAC; Mon, 14 Mar 2022 10:48:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7K_1yiZRLkjP; Mon, 14 Mar 2022 10:48:02 -0700 (PDT)
Received: from mail-ua1-x929.google.com (mail-ua1-x929.google.com [IPv6:2607:f8b0:4864:20::929]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 739DE3A0E9A; Mon, 14 Mar 2022 10:48:02 -0700 (PDT)
Received: by mail-ua1-x929.google.com with SMTP id 63so6938403uaw.10; Mon, 14 Mar 2022 10:48:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=CZbukwNW/dFU1Voju35rVmSlGGkoXR5Wd45xreU5KXE=; b=TMq7RoC6hH1IW8xMKn3ZrihhUHYvxQCvD52ZmZ/o2B5LDRhLSyMJT4dzjigkAnQCcE z1bOsv3cNrQJfhQfiA0nDr8LwaCAvh2PBWas1KlUn0mi4sPOdAJikdWArcXokW5ES9Kp tqwBkWyaMHVfsUFw6rwJtGFmDuOj7ImDHi+IjQcXrEx1GNrmjyu64akMATvEqMJtQYUu 8LQldG0926cRnpjjsiMU4ZAuXQe0BZ2/qRA5boUBeWKgw8lI/cfVnQdj4ahh23cdFrsq b/1Rqn82do5rwGvVb3s/o0kYV6AEb6hCmrILmQyoqCs38MLr8GB6RC+TZvbzzs1jl4ne rYYQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CZbukwNW/dFU1Voju35rVmSlGGkoXR5Wd45xreU5KXE=; b=WPleDuoF3RQMxRarbPbJwm70GZQy/igevNaIVclz0i2kNjCG7WekoIqy99UPl+AIb2 8Gh7V3WkNIc3/LblvXXbNAbCMEnbaIhKmb73OgB4BrPnk8746+dKiBcnpb4k6jZGYZ4t CycyrQu27OyzXjwP5pgtlrbyJ8WbS6cQRuep4IR3UDzzWW80iBWrvW3rXkaBj9QjEFP9 W/Y0fJS0yggwPsASXkClb2FOT+HiEh1C2crmVHXfFGponRrw5q4Y4K/4t4g9JtJvZkxG Mo0laqULuNHRK0aod1so9f3VR/A39aS5F6w42ySJVUQ5Jw+3wn0J87oZ/AbPp53w6jn2 Fdqg==
X-Gm-Message-State: AOAM53272QQ4PBbmIBGfBZpcA6vCY1o2A1CDU6HksgKcEpiV6WMxbgiz pPuEmBtPtvGWWfRXqnza+t3/UFo8/ADRIS5rx/rsEgIaTvc=
X-Google-Smtp-Source: ABdhPJxU6fMyDEVSV6+JNfxlvv3eeEnzicHlfFQyGNEs0oz13Pp8Edj7jb/ATeCSVTyOrdiYftcMjRjqEyaCXdW83NI=
X-Received: by 2002:ab0:6192:0:b0:34a:1607:b2fd with SMTP id h18-20020ab06192000000b0034a1607b2fdmr9356467uan.65.1647280081172; Mon, 14 Mar 2022 10:48:01 -0700 (PDT)
MIME-Version: 1.0
References: <6dac86b0eb3b96490dadffdc0f1d307a@openethics.ai> <87fsnlcnz6.fsf@hobgoblin.ariadne.com>
In-Reply-To: <87fsnlcnz6.fsf@hobgoblin.ariadne.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Mon, 14 Mar 2022 13:47:25 -0400
Message-ID: <CAHbuEH6Y=xuoJ-5tRuB7kyjA4_CR00z4VxBXbv_xsWS-que12A@mail.gmail.com>
To: "Dale R. Worley" <worley@ariadne.com>
Cc: n.lukianets@openethics.ai, DISPATCH <dispatch@ietf.org>, "gen-art@ietf.org" <art@ietf.org>, IETF SecDispatch <secdispatch@ietf.org>, hrpc@irtf.org
Content-Type: multipart/alternative; boundary="000000000000157d6905da31483e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/CHJ0Olsv1v4tDiRB39mdM5joqoI>
Subject: Re: [dispatch] [Secdispatch] [art] Open Ethics Transparency Protocol
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Mar 2022 17:48:08 -0000
Greetings! I agree with the prior assessment that this is similar to the Software Bill of Materials work, at least in objectives. That is flexible in terms of what formats will be acceptable (3) to provide a manifest on software and many have selected SPDX, then it's digitally signed (code signing). There's another proposal for this upcoming meeting that will link these for use in supply chain assurance using Remote Attestation. It might be worth reviewing that proposal to look for similarities in addition to reviewing the document from the NTIA on the minimum set of elements for an SBOM. There's a requirement in the US to any organization that sells to the federal government to provide an SBOM related to the US executive order from May 2021. As such, there's traction on this approach already. With that said, EKR also pointed out the proposal in this thread is at the application layer. There may be a possibility for your work to use the standards being adopted that could accelerate your progress. The next part would be to determine if that work requires adoption and further standardization or if the existing formats suffice for what needs to be interoperable. At this point, I don't see a time slot being useful, but please respond with your thoughts if I'm missing something. I hope this is helpful. Thank you, Kathleen co-chair of SecDispatch On Sun, Mar 13, 2022 at 9:39 PM Dale R. Worley <worley@ariadne.com> wrote: > n.lukianets@openethics.ai writes: > > Nikita Lukianets from the Open Ethics initiative here. > > > > I've been working on the mechanisms to enable transparency for data > > collection and data processing practices for autonomous systems and > > specifically, those powered by machine learning models. Since 2020 I > > have started to draft a guiding document to reflect ways disclosures > > could be submitted, verified, and exchanged. Eventually, I would like to > > see how this work could result in an open standard. > > I have feelings which are similar to other respondents. I phrase it > that the IETF is not the correct place for this work because the central > problem is at the application layer (and possibly above that, at the > political layer ... and certainly above that, at the cultural layer): > being transparent presupposes a suitable way to describe "data > collection and data processing practices" in "disclosures". > > Once somebody defines a way to represent these disclosures as concrete > document objects, then there may be some protocol issues regarding how > to "submit, verify, and exchange" them. But that still seems to be more > like the presentation layer, how you associate disclosure documents with > web sites etc. which they describe, which sounds like a W3C specialty. > > Dale > > _______________________________________________ > Secdispatch mailing list > Secdispatch@ietf.org > https://www.ietf.org/mailman/listinfo/secdispatch > -- Best regards, Kathleen
- [dispatch] Open Ethics Transparency Protocol n.lukianets
- Re: [dispatch] [Secdispatch] Open Ethics Transpar… Michael Richardson
- Re: [dispatch] [art] [Secdispatch] Open Ethics Tr… Larry Masinter
- Re: [dispatch] [hrpc] [art] [Secdispatch] Open Et… John Curran
- Re: [dispatch] [hrpc] [art] [Secdispatch] Open Et… n.lukianets
- Re: [dispatch] [Secdispatch] Open Ethics Transpar… Eric Rescorla
- Re: [dispatch] [art] Open Ethics Transparency Pro… worley
- Re: [dispatch] [Secdispatch] [art] Open Ethics Tr… Kathleen Moriarty
- Re: [dispatch] [Secdispatch] [art] Open Ethics Tr… Nikita Lukianets