[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xdi] Re: Quick review requested: short paper on XDI and privacy
Drummond, You state the question was : "to submit a very short paper (<2 pages) describing how XDI and specifically XDI link contracts could be relevant to Internet privacy." I think you don't make the point you are setting out to make... you don't sufficiently explain link contracts or XDI. You need to make a more compelling explanation of both in simple terms. If you want to set the context with a one liner about RDF, great. But your assumption that everyone appreciates that connection is probably flawed. PDS technology, VRM, and Trust Frameworks are technology neutral. You spend a lot of your two pages on that, and I think you are avoiding the real question. What is XDI, what are link contracts, and why does this technology help address privacy? A concrete example and maybe even a diagram would help your case also. - Mike -------------------------------------------------------------------------------------- Michael Schwartz Gluu Founder, CEO mike@gluu.org https://www.gluu.org +1 646-810-8761 On Tue, 9 Nov 2010, Drummond Reed wrote: > [Sorry, accidentally hit the send button. See the response to Mary in this > completed version, inline below.] > > On Tue, Nov 9, 2010 at 12:08 PM, Drummond Reed <drummond.reed@xdi.org>wrote: > >> [NOTE: For some unknown reason, email from this list is bouncing on my >> XDI.org email address. I am checking into this, but in the meantime, please >> cc my Cordance email address -- drummond.reed at the domain cordance.net-- on any replies. In this email I'll reply to Mike's and Mary's emails, >> quoted below.] >> >> 1) MIKE'S EMAIL >> >> ***** QUOTE ****** >> >> Drummond, >> >> Quick feedback.... >> >> I know I sound like a broken record on this point, but I feel the opening >> paragraph's emphasis on RDF graphs minimalizes the importance of XDI. It >> >> makes XDI/XRI sound like an insignificant subset of an arcane, unknown >> technology. Also, I think the opening sentence and paragraph should be >> more thought provoking. >> >> The common theme among people I talk to is that they don't understand what >> >> XDI is good for. We need to state our case in a way that a normal person >> can understand the value proposition. >> >> How about something like this: >> >> The Internet is broken. While DNS solves the issue of an Internet scale >> >> infrastructure for distributed host name resolution, no such >> infrastructure exists with regard to naming objects, for example people, >> groups or organziations. Without an Internet scale, federated naming >> infrastructure, all attempts to make global security policies are in vein. >> >> If you want to make a rule to protect a resource, and you can't name the >> subject that has access to a resource, you simply cannot implement >> technology to enforce the rule. XRI solves part of the problem: naming the >> >> resources. XDI solves the other portion: enabling a standard way for to >> communicate with XRI endpoints to gather the requisite information. >> >> [I think we should go on to explain now that the data is addressable, >> >> where link contracts fit in...] >> >> I think mention of trust frameworks and VRM is a waste of valuable space >> if I read the question correctly: describing how XDI and specifically XDI >> link contracts could be relevant to Internet privacy. Obviously I'm aware >> >> of the critical importance of these components, I just don't think mention >> of these addresses the question at hand. >> >> I would go more deeply into the mechanism of link contracts, and address >> with a specific example how link contracts make possible what is >> >> impossible in LDAP : ACI's that address data in other LDAP servers. >> >> I would also give diagrams as page 3. >> >> If you use any of my blather, include me as an author. Otherwise I >> wouldn't want to take credit for someone else's work :) >> >> thx, >> >> - Mike >> >> ********* ENDQUOTE ****** >> >> Mike, you make some very good points. Unfortunately we have only 2 pages >> (max), and we also need to address an audience that consists of many of the >> people building on today's "broken Internet". The people I've talked to that >> don't "get" the full picture of XDI do seem to understand the need for XDI >> link contracts because of the gap they fill in other protocols (e.g., OAuth >> and UMA), so for this particular audience I believe this is the most >> effective message we can deliver so that they approach XDI with an open >> mind. I also try to emphasize the synergy with RDF and not the differences >> due to the stake I anticipate many in this audience has with RDF. >> >> Hope this helps. >> >> 2) MARY >> >> ******** QUOTE ******** >> >> Hi Drummond, >> >> In order for anything to be submitted on behalf of the TC it must go >> through the Non-Standards Track process, which requires at minimum a 30-day >> public review before it can be presented. The alternative is to submit the >> paper as individuals/representatives of your companies rather than speaking >> on behalf of the TC itself. >> >> Regards, >> >> Mary P McRae >> >> ******** ENDQUOTE ******** >> > > Mary, I removed the reference to the TC in the authors line. It is now just > from a group of individuals. > > Thanks, > > =Drummond > > >> >> >> On Mon, Nov 8, 2010 at 6:25 PM, Drummond Reed <drummond.reed@xdi.org>wrote: >> >>> XDI TC Members, >>> >>> We have been asked by a member of the program committee for the Internet >>> Privacy Workshop (http://www.iab.org/about/workshops/privacy/) to submit >>> a very short paper (<2 pages) describing how XDI and specifically XDI link >>> contracts could be relevant to Internet privacy. The workshop is >>> co-organized by the following groups: Internet Architecture Board<http://www.iab.org/>(IAB), World >>> Wide Web Consortium <http://www.w3.org/> (W3C), Internet Society<http://www.isoc.org/>(ISOC), and Massachusetts >>> Institute of Technology <http://www.csail.mit.edu/> (MIT). >>> >>> Technically the paper was due a week ago (the workshop is Dec. 8 & 9) but >>> I told them we couldn't do it until early this week due to Internet Identity >>> Workshop being last week. >>> >>> I had time to discuss this topic with a few TC members at IIW and pulled >>> their input together into the attached 2 pager. Several of them are willing >>> to be co-authors on this (even though it's so short, I'm open to anyone on >>> the TC being a co-author) >>> >>> Please look it over and, if possible, do 2 things: >>> >>> 1) Send me any feedback (keep in mind we must keep it under 2 pages, which >>> it just barely is now, so you can only suggest replacing, not adding, >>> content) >>> >>> 2) Let me know if you want to be included as an author, and if so, exactly >>> how your name should appear (no affiliations - we'll all just be identified >>> as members of the OASIS XDI TC) >>> >>> Thanks, >>> >>> =Drummond >>> >> >> >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]