There's active twittering going on in the audience at the Internet Identity Workshop (#IIW). In order to read it, I had to break down and create a twitter account, and in for a dime, no for a dollar, so I'm going to do the (very occasional) tweet, jst to see what it's like.
But much as I and my SRI-fingers love the telegraphic, 140 characters may be too short. But meanwhile, look for mfroomkin at Twitter, and #IIW for micro-summaries of the conference.
Watching Twitter be used as a chat room is a little odd but at least it keeps comments short.
Anyway, privacy is policy and right now while there’s infrastructure support, of a sort, for passing around policy there just hasn’t been that much interest in it, at least not in the usual circles. Typically when people talk about “policy” they’re talking about protecting network resources. Policy provisioning/enrollment out to users is difficult and clearly tied to some other problems around trust, but a distributed identity system provides some tools to do it.
However, after having spent the past couple of years working on identity-based policy systems and trying to interest people both inside the IETF and inside the networking behemoth it’s extremely difficult to convince people that it’s worth doing. The behemoth doesn’t know how to turn technology like that into sales and most people don’t see a need for identity-tied policy, anyway. Anyway, if you can move around other kinds of policy attributes you can also move around privacy attributes, and if you can have network elements respect other kinds of policy attributes they can respect privacy attributes, etc. I think the privacy problem is basically an authorization problem.
Watching Twitter be used as a chat room is a little odd but at least it keeps comments short.
Anyway, privacy is policy and right now while there’s infrastructure support, of a sort, for passing around policy there just hasn’t been that much interest in it, at least not in the usual circles. Typically when people talk about “policy” they’re talking about protecting network resources. Policy provisioning/enrollment out to users is difficult and clearly tied to some other problems around trust, but a distributed identity system provides some tools to do it.
However, after having spent the past couple of years working on identity-based policy systems and trying to interest people both inside the IETF and inside the networking behemoth it’s extremely difficult to convince people that it’s worth doing. The behemoth doesn’t know how to turn technology like that into sales and most people don’t see a need for identity-tied policy, anyway. Anyway, if you can move around other kinds of policy attributes you can also move around privacy attributes, and if you can have network elements respect other kinds of policy attributes they can respect privacy attributes, etc. I think the privacy problem is basically an authorization problem.
Whoopsie. I resent because I received an error message from your web server saying that the comment hadn’t been posted. Apologies!
That happens sometimes, I have fallen for the same trap.
Damn cheapo server.
Pretty interesting comment, by the way. There are a lot of interests that must be taken into account, including the fact that (most) consumers often will accept little extra hassle to protect themselves.
Did you see the article about Open ID today? I have been seeing that everywhere recently.