WebID Incubator Group Teleconference

01 Aug 2011

See also: IRC log




<trackbot> Date: 01 August 2011

<jeffsayre> Who's on the phone

is there a URL web service URL for the irc channel?

<MacTed> Zakim. ??p16 is bergi

<MacTed> bblfish - by web service URL, do you mean a public web-served IRC client?

yes MacTed

if so could you please add a link from the wiki and post me the link to the wiki here

so I can give this to our guest speaker

<MacTed> this may work -- http://lists.w3.org/Archives/Public/public-semweb-lifesci/2008Aug/0038.html

<MacTed> (that page has details specific to a different group, but points out mibbit)

zaim, agenda?

<Francisco> Web site of NSTIC: http://www.nist.gov/nstic/

agendum next




<jeffsayre> +1

<bergi> +1

<MacTed> +1

"National Strategy for Trusted Identities in Cyberspace"

and "Proposed NSTIC Architecture"


RESOLUTION: Minutes approved

pomcor is small research institution in San Diego (2 people)

Nascar was started in April 15th

RESOLUTION: Minutes approved

NSTIC started in April 20th is open to many people and was only $20 to participate

is trying to solve the password problem

next meeting is in September probable be September 19 in bay area

300 people at first meeting, 150 at MIT next meeting

francisco likes the emphasis on privacy at NSTIC

one should not be able to track the user

3 requirements of NSTIC

- should not be able to track the user form one session to the next

- should not be able to exchange information between Relying Party

(UProof Microsoft, IBM Idemix)

- different use cases of authentication require different types of trust. Many use cases require multiple credentials and multiple elves of trust

eg: going to buy wine at a wine merchants

needs 2 credentials:

- requires proof of age, without revealing date of brith

- credit card certificate (not sure what info is in the cert)

Other situation:

- your bank needs you id

- your social security number

(this is the bank scenario from the architecture)

There is also a part of the paper consider for session

and how one could use a public key there

The notion of a login certificate

so the notion of a personal data site

which would allow you to not have to re-enter the information in every site you log in

How much change to the browser is needed for this to be enabled?

Ie: what are the mechanisms

oops lost contact

zakim ??P3 is me

I am back

<gaedke> yes

<gaedke> discussion on idea: From the login button to cgi to tls connection

<gaedke> problem when does connection start

<gaedke> server has to ask client for tls connection (part of the handshake)

<gaedke> question to address - can we do this at any time or without changing the state of the art

<gaedke> one way could be breaking session on the server side (bblfish is working this)

<gaedke> another approach (as we are currently working on) would to take the power of the semantic web / FOAF - but this comes with privacy issues

<gaedke> interesting scenario: setting up a site for collaboration

<gaedke> requires to set all roles in the early beginning (has also privacy implications)


<gaedke> US citizen trust in US banks, French trust in in their banks etc. - for most banks this might be ok on a global scale, but not for all.

<gaedke> Scenario: Different groups trust different authorities

<gaedke> Question: Relying party takes social graph into account

<gaedke> So, authorities could define groups whom to trust (or whom they rate as trustworthy), just by setting up groups of URIs to these trusted parties


<gaedke> Privacy is a main concern at the US approach. BUT Paper says if you have three attributes of someone - you can identify that person. Reference required (can someone add this please)

some paper says that yes


I have lost connection

<gaedke> So, is privacy an issue that is possible to address at all?

someone ask a question

<gaedke> Question: how much privacy is possible - or is it just a topic to put on paper, but is not possible from the technological way

<gaedke> Approaches must be flexible for the different scenarios, including also different privacy aspects

<gaedke> scenario very close to privacy: Login. The login service does not need to know **where** you login

have you seen http://www.azarask.in/blog/post/identity-in-the-browser-firefox/


<gaedke> different approaches for cookie / certificate / session handling. need to have a user-friendly approach that makes clear what identity the user is using

<jeffsayre> I must run to another meeting

<gaedke> tracking is difficult problem - need to discuss this in more detail

<gaedke> another approach: A Web Server integrated in every browser. Than you could address the certificate/attributes with a global namespace/URI http://myserver.in.the.browser.example.org

2 privacy enhanced protocol problems

UProof is trackable

(says Francisco)

<gaedke> same token used in multiple parties

Francisco: idemix has a different problem - it is not revocable by traditional means

more recent credentials … (lost connection)

oops can't get back in

<MacTed> we're over time -- may have to end

please say thanks from me

looks like one can't join the conf call after time

<gaedke> zakim unmute me

Summary of Action Items

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.136 (CVS log)
$Date: 2011/08/01 16:19:05 $

Scribe.perl diagnostic output

[Delete this section before finalizing the minutes.]
This is scribe.perl Revision: 1.136  of Date: 2011/05/12 12:01:43  
Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/

Guessing input format: RRSAgent_Text_Format (score 1.00)

No ScribeNick specified.  Guessing ScribeNick: bblfish
Inferring Scribes: bblfish

WARNING: No "Present: ... " found!
Possibly Present: Francisco Ie MacTed OpenLink_Software P16 P20 P3 Scenario aaaa aabb bblfish bergi eg gaedke jeffsayre joined trackbot webid
You can indicate people for the Present list like this:
        <dbooth> Present: dbooth jonathan mary
        <dbooth> Present+ amy

WARNING: No meeting chair found!
You should specify the meeting chair like this:
<dbooth> Chair: dbooth

Found Date: 01 Aug 2011
Guessing minutes URL: http://www.w3.org/2011/08/01-webid-minutes.html
People with action items: 

WARNING: Input appears to use implicit continuation lines.
You may need the "-implicitContinuations" option.

[End of scribe.perl diagnostic output]