Re: [Secdispatch] Open Ethics Transparency Protocol

Michael Richardson <mcr+ietf@sandelman.ca> Mon, 31 January 2022 20:46 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: n.lukianets@openethics.ai
cc: art@ietf.org, secdispatch@ietf.org, dispatch@ietf.org, hrpc@irtf.org
In-Reply-To: <6dac86b0eb3b96490dadffdc0f1d307a@openethics.ai>
References: <6dac86b0eb3b96490dadffdc0f1d307a@openethics.ai>
Date: Mon, 31 Jan 2022 15:46:21 -0500
Message-ID: <3343.1643661981@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/rzW-_D6V1lUPrlxb7PMbuinGNMY>
Subject: Re: [Secdispatch] Open Ethics Transparency Protocol

n.lukianets@openethics.ai wrote:
    > I've been working on the mechanisms to enable transparency for data
    > collection and data processing practices for autonomous systems and
    > specifically, those powered by machine learning models. Since 2020 I
    > have started to draft a guiding document to reflect ways disclosures
    > could be submitted, verified, and exchanged. Eventually, I would like
    > to see how this work could result in an open standard.

Are you talking about security disclosures?
Or something else?
I read the connected links and I think it has something to do with disclosing
risks with Machine Learning systems.

    > I've chosen IETF as a home for this work as AI-powered applications are
    > becoming ubiquitous. Therefore, we should start looking at them from
    > the internet standard and supply chain perspectives.  There's an
    > emergent need to bring a legally-agnostic and standardized way to
    > describe these systems from privacy, security, fairness, datasets, and
    > explainability stances.

...

    > The idea is simple
    > * Following the example of the food (construction, pharma, electrical
    >   appliance) industry, we need every application to (voluntarily)
    >   disclose the "ingredients", e.g. how data is collected and outputs
    >   are produced.
    > * We need to have a standard way (protocol) to

Sounds like a kind of (software) Bill of Materials.
SBOM is not really occurring inside the IETF, but rather at places like NIST.

We have some of it in the MUD (RFC8520) space, some in SACM (CoRIM), but
mostly it is at NIST/NTIA.   I don't think SBOM fits at all though.

    > Below are the links with more info Article to bring the context, in
    > plain English
    > https://lukianets.medium.com/why-algorithmic-transparency-needs-a-protocol-2b6d5098572f

I read this, and while it explained some of the why, it didn't make it
clear what your how is.

    > The IETF I-D
    > https://datatracker.ietf.org/doc/draft-lukianets-open-ethics-transparency-protocol/

I scanned your document.  You have a pretty good grasp of a reasonable
syntax, and in some ways it is similar to securitytxt in syntax.
But, I don't really understand the semantics of the content, and your example
in section 5 didn't help me at all.

I think you need a more detailed, more well worked set of examples to
motivate things.  Avoid getting into the syntax: how would practices be
described, attested to, etc?

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide