Re: [Ideas] Diasambugating Identifier and Identity

Michael Menth <> Fri, 14 April 2017 18:35 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3932112953E for <>; Fri, 14 Apr 2017 11:35:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id EogdP5eyWx_I for <>; Fri, 14 Apr 2017 11:35:16 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 61AF5129535 for <>; Fri, 14 Apr 2017 11:35:16 -0700 (PDT)
Received: from [] ( []) by (Postfix) with ESMTPSA id DBE7D57C33; Fri, 14 Apr 2017 20:35:14 +0200 (CEST)
To: Robert Moskowitz <>,
References: <> <> <> <>
From: Michael Menth <>
Message-ID: <>
Date: Fri, 14 Apr 2017 20:34:53 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Archived-At: <>
Subject: Re: [Ideas] Diasambugating Identifier and Identity
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 14 Apr 2017 18:35:19 -0000

Looks good to me.


Am 14.04.2017 um 20:26 schrieb Robert Moskowitz:
> On 04/14/2017 02:45 AM, Michael Menth wrote:
>> Hi Robert, hi all,
>> thanks for your thought-provoking mail. Reading the definitions gave me
>> the impression that identities can have very different properties
>> depending on their domains. I feel the text is stimulating but too long
>> for a definition.
>> What about:
>> An identity (Idy) is a distinguishable entity within its domain.
>> An identifier (Idf) is a label for an Idy. An Idy may have multiple
>> Idfs.
> An identity (Idy) is a collection of data that distinguishes an entity
> within its domain. An entity may have different Idy for different domains.
> An identifier (Idf) is a label for an Idy, often following construction
> rules. An Idy may have multiple Idfs.
>> Anything beyond this definition are valid observations that show the
>> diverse properties of domain-specific Idys. A discussion including
>> examples for entities and domains is helpful for illustration. This also
>> pertains to the relation between objects and Idys.
>> Regards,
>> Michael
>> Am 14.04.2017 um 01:58 schrieb Robert Moskowitz:
>>> I am finally getting back to this subject.
>>> On 03/28/2017 12:07 PM, Robert Moskowitz wrote:
>>>> The Identifier/Identity definitions in
>>>> draft-padma-ideas-problem-statement-01.txt is a good start, it fails
>>>> in the appreviations used. (There is NO abbreviation for Identity!)
>>>> ID should NOT be the appreviation of Identitfier.  People will default
>>>> to thinking 'Identity' when they see it.  Think about people outside
>>>> our discussion group.
>>>> I propose 'IDf' for Identifier.  'ID' is too owned by Identity.
>>>> I will be working on proposed wording to improve these definitions.
>>> I have worked up definitions, sent it out to a few reviewers, got some
>>> comments and questions.  First my current draft, then a few questions:
>>> Replacement text for:    draft-padma-ideas-problem-statement
>>> Identity (Abbr: IDT or IDt):    A collection of information that is
>>> unique to an object and differentiates it from all other objects.
>>> An identity consists of information that is stated about the object by
>>> itself or a governing authority. It consists of a set of attributes
>>> and/or actions the object can take.  An Identity may be assigned a
>>> lifetime (e.g., a time period), which is determined by either the object
>>> or the governing authority responsible for defining the identity of the
>>> object, or a designated third party. An object can have multiple
>>> Identities and can create and discard Identities at will.  An Identity
>>> may be ‘indestructible’. That is, it is so unique and non replicatible
>>> that no other object could ever duplicate it, nor can the object discard
>>> it within its lifetime without being a ‘clone’ object.  Identity is used
>>> in authentication registration and policy ownership proofs.
>>> Identifier (Abbr: IDF or IDf):    A label that is unique for an object a
>>> particular scope.
>>> The label follows strict construction rules for the objects and the
>>> context that the label is applied to.  For a particular context, an
>>> Identifier is used to reference an Identity for the object.  In most
>>> cases, an Identifier is bound to an Identity through some trusted
>>> mechanism.  An Identity can have different Identifiers, potentially
>>> following different construction rules, for different contexts and/or
>>> domains of applicability.
>>> ==========
>>> Now onto a few questions:
>>> Per: "An object can have multiple Identities" clause, I am challenged
>>> with
>>> "This is VERY dangerous. In most software systems, it is the
>>> responsibility of the management system to assign a single identity to
>>> an object when it is created. If an object has multiple identities, it
>>> could suffer from 'multiple personality syndrome'.
>>> More importantly, if the object is allowed to create and discard
>>> identities at will, how do other objects know that the object is who it
>>> attests to be?"
>>> I think it is very important for some situations for support of multiple
>>> Identities.  No all.  There are domains as indicated above where it
>>> causes big problems.
>>> Per: "An Identity may be ‘indestructible’." clause, I am challenged with
>>> "This doesn’t make any sense. Why would anyone care if the identity is
>>> indestructible or not?"
>>> I can think of examples of such Identities, or claim of such Identities,
>>> like DNA.
>>> And finally, Per: "Identity is used in authentication registration and
>>> policy ownership proofs." clause, I am challenged with
>>> "What does this mean?"
>>> I will have to work on this some more, or perhaps it does not belong in
>>> the definition section.
>>> Comments please
>>> _______________________________________________
>>> Ideas mailing list

Prof. Dr. habil. Michael Menth
University of Tuebingen
Faculty of Science
Department of Computer Science
Chair of Communication Networks
Sand 13, 72076 Tuebingen, Germany
phone: (+49)-7071/29-70505
fax: (+49)-7071/29-5220