Netmino scenario (was RE: [xdi] Agenda for XDI TC Call Monday 3/22 5PM Pacific)

["Drummond Reed" <drummond.reed@cordance.net>]

Jean-Luc,

First, on the call, no problem, this is the call that favors Japan, vs. the
Wednesday calls that favor Europe.

Second, in my opinion, your Netmino approach is well-thought out and takes
great care to preserve all privacy options. I believe it will fit perfectly
as a "profile" of XDI, meaning a way for community of users to specify a)
the data to be exchanged, b) the link contract elements governing,
protecting, and controlling the exchange, and also c) a specific business
model for an XDI service provider.

I would by all means proceed to write this up as a use case, but trying to
specify just the business requirements, and then using the
Issues/Requirements section of the template to point out the architectural
means of implementing them.

Best,

=Drummond

-----Original Message-----
From: jlschellens@netmino.org [mailto:jlschellens@netmino.org]
Sent: Saturday, March 20, 2004 2:00 AM
To: xdi@lists.oasis-open.org
Subject: RE: [xdi] Agenda for XDI TC Call Monday 3/22 5PM Pacific

Hello Drummond,

I'm not yet sure I'll be able to attend this meeting. For me it'll 2 am and
I've to convince my wife for such an early wake-up!

Before I will join the use cases works, I would like to summarize the 3
steps of the negotiation process we defined in Netmino for the exchange of
personal data.

1. In the first step, the two persons (individual or organisation)
candidates for a relationship will exchange their public keys.
-       In a "face to face", they will use Keymino, the software we are
developing for PDAs and GSMs. Keymino allows the exchange (through IrDA,
Bluetooth or MMS - SMS is to small to carry a Public Key) of basic data
about a person: his first name and name, picture, e-mail address and public
key. The data will be different following the type of relationship, e.g. for
anonymous relationship, the first name and name are not disclosed and the
e-mail address will be like BE1234567.56@netmino.com; for a business
relationship, the address will be the firstname.name@company.com with maybe
another public key...
-       In the other cases, e.g. through the Web, the exchange of the basic
data will be done by e-mails through a Netmino server and require an
authentication process (where indeed SAML can be used).

2. In the second step, the two persons will exchange by encrypted (with the
previously exchanged public keys) e-mails their "Privacy & Identity
Contract" (a link contract) using XPIML (eXtensible Privacy & Identity
Markup Language, previously XPrML) to confirm the type of relationship they
want to have (anomino, pseudomino, family, friend, business, employee,
prospect, customer, administrated...) and the authorised uses of the to be
exchanged personal data in relation to their privacy preferences (e.g.
automatic update, copy & back-up but no print or forward to third parties -
I hate the vCard forward feature e.g. in Outlook, it's totally against my
privacy principle!).
The PICs will be signed using the private keys of the two persons.
This step is fundamental for a trusted relationship between the persons and
can be seen as the acceptation you're asked to give when you install
software.

3. In the third step and only if the two persons have exchanged by encrypted
e-mails their signed PICs, the personal data will be exchanged again by
encrypted e-mails, the data being (pre-) formatted in "virtual cards" again
following the type of relationship between the two persons (from anomino to
full disclosure e.g. for your next employer).

I would like to know if you share this very definite approach and would
appreciate all your reactions and comments.

Regards,

Jean-Luc