[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Trust
I am afraid that I caused something of an 'upset' at today's telcon concerning trust :) Here are the issues as I see them: 1. I am unhappy substituting participant for agent. My reasoning is that automated systems need to be trusted at least as much as people. There was no clear idea on the call for what participant should be replaced by; although removing the qualifier at the beginning about mostly human participants may be removed. In normal English usage, participants are essentially human in character. 2. The relationship between credentials and identity and action is *not* one of authorization. I am not sure at the moment what it should be but authorization is about the empowerment to perform actions, not whether the person doing them should be trusted. (The CIC has the power to take us to war; but I would not trust him if he asked us to.) 3. Some of the modeling around trust is inextricably linked to the issues covered in Section 3, and so I think that some of this needs to be moved there. That is because the appropriate level of abstraction for trust requires discussing the relationships between organizations, actions, participants etc. 4. A Section 5 discussion on trust should focus on what is needed to support clarity on trust and what is involved in running such a system (In fact, I see elements around trust in all three sections: 3,4 and 5.) So, thinking more generally about this, I feel that (a) we are getting close to the total amount of content for the document but that (b) we are likely to need some reorganization. This is not reason to stop our first public review though. Frank
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]