I decided to open a thread On Twitter for ID & security professionals to share why (/if) putting hashed PII on any immutable ledger(blockchain) is a bad Idea.
Not everyone agreed that it was bad if certain things were done right.
There were 15 direct responses and then a whole lot of subthreads. I have pulled out all the subthreads. All tweets are linked to. Yes…all of them. Let me know if i missed a thread and I will pull it in. Let me know if you post about this thread on your blog – I will post a link. Also I am giong ot share this with the identity gang list – you can join it here: https://lists.idcommons.net/lists/subscribe/community
Jeff Lombardo also made a summary of the conversation on his blog. https://x-iam.com/can-blockchain-solves-the-privacy-of-identity-connundrum.html
[Read more…] about Is putting hashed PII on any immutable ledger(blockchain) is a bad Idea
Accountability Framework
Google+ and my "real" name: Yes, I'm Identity Woman
When Google+ launched, I went with my handle as my last name. This makes a ton of sense to me. If you asked most people what my last name is, they wouldn’t know. It isn’t “common” for me. Many people don’t even seem to know my first name. I can’t tell you how many times I have found myself talking with folks at conferences this past year and seeing ZERO lighbulbs going off when I say my name “Kaliya”, but when I say I have the handle or blog “Identity Woman” they are like “Oh wow! You’re Identity Woman… cool!” with a tone of recognition – because they know my work by that name.
One theory I have about why this works is because it is not obvious how you pronounce my name when you read it. And conversely, it isn’t obvious how you write my name when you hear it. So the handle that is a bit longer but everyone can say spell “Identity Woman” really serves me well professionally. It isn’t like some “easy to say and spell” google guy name like Chris Messina or Joseph Smarr or Eric Sachs or Andrew Nash. I don’t have the privilege of a name like that so I have this way around it.
So today…I get this
I have “violated” community standards when using a name I choose to express my identity – an identity that is known by almost all who meet me. I, until last October, had a business card for 5 years that just had Identity Woman across the top.
Display Name – To help fight spam and prevent fake profiles, use the name your friends, family, or co-workers usually call you. For example, if your full legal name is Charles Jones Jr. but you normally use Chuck Jones or Junior Jones, either of these would be acceptable. Learn more about your name and Google Profiles.
[Read more…] about Google+ and my "real" name: Yes, I'm Identity Woman
The Trouble with Trust, & the case for Accountability Frameworks for NSTIC
There are many definitions of trust, and all people have their own internal perspective on what THEY trust.
As I outline in this next section, there is a lot of meaning packed into the word “trust” and it varies on context and scale. Given that the word trust is found 97 times in the NSTIC document and that the NSTIC governing body is going to be in charge of administering “trust marks” to “trust frameworks” it is important to review its meaning.
I can get behind this statement: There is an emergent property called trust, and if NSTIC is successful, trust on the web would go up, worldwide.
However, the way the word “trust” is used within the NSTIC document, it often includes far to broad a swath of meaning.
When spoken of in every day conversation trust is most often social trust.
[Read more…] about The Trouble with Trust, & the case for Accountability Frameworks for NSTIC
Alignment of Stakeholders around the many NSTIC Goals
The Many Goals for the Identity Ecosystem & NSTIC Governance
The NSTIC governance NOI articulates many key activities, qualities and goals for a governance system for NSTIC. NSTIC must:
- convene a wide variety of stakeholders to facilitate consensus
- administer the process for policy and standards
- development for the Identity Ecosystem Framework in accordance with the Strategy’s Guiding Principles
- maintain the rules of participating in the Identity Ecosystem
- be private sector-led
- be persistent and sustainable
- foster the evolution of the Identity Ecosystem to match the evolution of cyberspace itself.
Achieving these goals will require high-performance collaboration amongst the steering group and all self-identified stakeholder groups. It will also require earning the legitimacy from the public at large and using methods that surface their experience of the Identity Ecosystem Framework as it evolves.
[Read more…] about Alignment of Stakeholders around the many NSTIC Goals
Trust is at all time low in they West….why leading with "trust frameworks" might not work
The ID Coach has this quote at the top of her current blog post:
…trust indices in the Western world are at an all time low. We don’t trust our lawyers, or accountants — they shred lots of documents. Many believe that bankers recently brought the world economic system to its knees in the crisis of 2008 and subsequent recession. Most people aren’t too enamored of politicians, either.
It is from the current issue of the Harvard Business Review in an article about trust.
It makes another very clear point about why leading with the word “trust” to describe “trust frameowrks” when the institutions touting them are the very ones that people have skepticism about (lawyers, accountants, bankers) as a good way to solve all our problems online by having people prove who they are.
People don’t want to accept “trust” blindly form these institutions they want to understand how it works and then decide if they do trust it or not. Asking questions about accountability seems much easier to be concrete about the actual mechanics that then may are may not be trustworthy.
Accountability Framework – renaming "Trust Frameworks"
I challenged the choice of the phrase “trust frameworks” to describe policy/technology frameworks that have the goal of creating networks of interoperability in the question and answer part of the NSTIC governance workshop. Jeremy Grant challenged me to think of a better name for “trust frameworks” and I think I found it…
Accountability Frameworks
So far everyone I have shared this with likes this new potential name.
* It is 2 words.
* It captures the heart of the intention behind their purpose – Accountability
* Accountability is achieved in these frameworks via both technology standards and policies that are adopted and audible.
* Trust remains an emergent property of these accountability frameworks.
* There can be real conversations by various stakeholders who may have different needs and interests about the nature of the accountability in different frameworks. They can look to see weather particular accountability frameworks are trustworthy from a particular point of view.
* It avoids the problem of talking about the “trustability of trust frameworks”.
Comment from Scott Cadzow on "What is Identity?"
Scott Cadzow was at the first ITU meeting. Like me he is an independent consultant who spent a lot of time in standards land particularly with mobile efforts in Europe. He read my “What is Identity?” post and had this comment (sorry commenting doesn’t really work on my blog I have to get this fixed anybody know a good wordpress wiz?)
I wonder if identity as a social construct and identity as a transferable element are not getting confused? Who I am is too complex to summarise in a few sentences, maybe not even in an autobiography stretching across many volumes. In part this is because my perception of my identity is not what others perceive of my identity and as such any declaration of who I am is always false as the entity I declare it to will have a different end view. However if I give you my email address that allows access to the more complex part of identity. If a thief can gather sufficient pointers to your identity they may be able to masquerade as you, but whilst I could give all of my details to somebody they would fail to masquerade as me to someone who knows me in person (family or employer say).
In the ITU-T world identity has to be decomposed to what is available in their world and simply they cannot hope to maintain knowledge related to the societal you, only the knowledge that allows them to make connections to a possible you (telephone numbers address the telephone and not the person and quite simply I am not a telephone). However it is sufficient in the ITU-T space to say that the form of identity they deal with is sufficient to describe the thing that communicates (people use phones to make connections, the ITU-T makes sure that phones can make connections and they do not offer to make connections for people).
In my field of security, and securing identity as a task with it, there is no way that I can offer to protect your identity in all its societal richness. However I can make sure that you will be able to make decisions on the value of some parts of identity (the identifier) by allowing to verify its authenticity and its authority (if it is an authoritative identity). We certainly don’t need to go back to birth certificates for this proof (apart from anything else these can be forged).
Whilst I will agree that identity needs protection it also needs basic common sense (the power of real names in legend should be updated for the modern age – don’t release more data than essential and get systems to default to minimum release policies).
My point is that it is dangerous to conflate identity with identifiers and then say to the public you are your identifier and that the STATE has all the power to ‘validate’ who you are with those identifiers. This is a police state in the making and billions of people world wide have no ‘valid’ stat papers. It doesn’t mean they should not get on the network.
True and I hope nobody is trying to say identifier is identity in all contexts. What I want to note is that if the context is a phone call the only identity from the protocol view is the phone number, from the person using the phone the phone number does not equate to identity (different context, different identity). Rehash: Identity is relevant in context and not all contexts are the same so the value of identity is as varied as the contexts it is placed in.
Your suggestion that the state validates identifiers is harsh. The authority for an identifier is responsible for the validation and the authority need not be the state (most often isn’t). This is the reason behind my view of identity being authoritative or non-authoritative. In the real world we can only verify some identifiers as authoritative and not identity in the societal case (as we cannot have authoritative context although for forensic examination and recovery reasons we may wish to).