• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Want to organize your cloud files? Sign up for a free webinar to see how Dokkio (a new product from PBworks) can help you find, organize, and collaborate on your Drive, Gmail, Dropbox, and Slack files: Weds, May 27 at 2PM Eastern / 11AM Pacific


Page history last edited by Alice Smith 1 year, 6 months ago



Sunil Mehta smehta@nimblecat.com (Nimblecat), John Panzer jpanzer@google.com (Google), Rohit Khare, mathieu.ramage@bnpparibas.com, Henry Jen <henryjen at ztune.net>



- Facebook profiles are hugely inflated, no way to verify
- Sharing identity across research vessels
- APIs that depend on identity data, lots of information processing (quality highly suspect, no way to tell if source is reputable), want to aggregate, left w/junk
- Go to web app, want to share information with friends, have relationship, but need richer permissions/relationship model to reflect real life -- need reliable identity format to present to services; OpenID/OAuth working towards, not there yet.
- Interested in online reputation of companies, banking group, online reputation highly important, how to get info
- EBay problem:  How do I trust this person I'm buying from, how do I feed back into this without the EBay problem of tit for tat black marks; how do you manage?
- Prime Life/Privacy: EU/data quality, security, data management (obstruct aggregation as above) -- keep companies from profiling -- have developed credential systems for anonymous credentials + third parties vouching for id.  OAuth, OpenID empty shell -- need semantics (globally agreed upon).  Using (XACML?) to do data governance on back end.
- Integration of client and web authentication.

- Identify themselves online; being able to reuse content, see where it comes from.  Want assurance in some cases, not in others. Decentralized.  


Credibility:  Criteria for credibility?  Who judges credibility?  Hard to define credibility based on how someone looks?  On what axes?  

Distinguish credibility from reputation - FICO scores is an example of reputation - 

Credibility:  Probability that you will do what you say?  Reputation is data from the past behavior?  Problems:  Data quality problems, attackers.  Offline world -- credentials? Cannot use online because can't transport credentials.  

People have a right to lie?  Can withhold a connection request.


Salmon discussion - problem.  Signed XML-DSig -> Salmon session.  (Bit of a diversion.)




Want to know: What are the missing pieces on the web?  What do we need?

Systems for asking about credibility of sources - Reputation Services

Components of identity, credibility, etc. 

Detect hacks/hijacks

Problem - proliferation of identity standards - problem, we haven't done what is really needed. FOAF, vcard, P3P, CardSpace, OpenID, XACML, SAML, ...

(No lightweight profile/kernel that can be used for all.)




Sistema de revisão feito pela  Weblocal hospedagem de sites!