Hi all, I ran into some trouble, which I'm unable to hide from you: an errorneous change in the mail setup (SPF) prevents me from properly mailing. Somehow I only hope thee new record is correct and b) it appears to be the case that the old record is still in the DNS caches, which makes testing hard to impossible. @moderator: please set the other posting free. (I posted it typing SMTP manually - and did not know the mailing list wouldn't like it without a To: header.)
Before I continue answering, let me suggest to at those of you, who understand German to view the video about Askemos from the last local CCC meeting: http://datenspuren.de/2013/ It might answer a few questions better than this posting here. On Nov 1 2013, carlo von lynX wrote: >On Mon, Oct 07, 2013 at 01:53:46PM +0200, J?rg F. Wittenberger wrote: >> On Oct 4 2013, carlo von lynX wrote: >> >> >On Fri, Oct 04, 2013 at 02:46:59AM -0400, K???ra wrote: >> >>On Tue, Sep 24, 2013 at 1:49 AM, carlo von lynX >> >> Does that mean that you can manage your trust of individuals from 0 >> >> to 9? That seems arbitrary and rigid. Is there a way to set a level >> >> of trust to >> > >> >it's a _degree, so it is a floating point number. >> >> This is actually something I don't understand at all. That is, >> technically I do, but I don't understand why it _should_ be done >> that way in the first place. > >Well, seemed like a neat idea.. Maybe we're wrong. :) >Not too late to change. Hope so. Let me take my "standard example" regarding trust. Men always trust each other *with respect to some topic*. One can rarely rank peers by some level of trust without such a reference. For instance: concerning my income: there is little reason not to trust my employer with that information, after all it's the one sending the money. Also the bank will have an easy time to figure it out. Health data is a different beast: my doctor and the pharmacy will know about as good or even better about my personal health state than myself. Though it's neither my employers business nor that of my bank. Eventually that's how people organize their life wrt. information. By sharing some info you always risk it being no secret any longer. In case of defect of your trusted party. So you have to deal and heal the situation. As long as this is about a certain topic only, as long as the leak is within bounds, this might be embarrassing. But one can deal with it. If it was about _all_ info at once, it typically becomes a real problem. >> But maybe that's because the permission handling was what started >> the whole Askemos project in the first place. We found a nice >> way to express permission using sets. (Users start owning a unique >> set; they may transfer _strict_ subsets from any set the already own >> among each other. That way nobody can accidentally ever relinquish >> their full control, but it can express fine grained and rather >> complex situations. > >I didn't understand that, technically. Well, that's not so much a technical issue at all. It's an issue to determine the _requirements_ a "serious" rights management system should fulfill. To this date most rights management systems are rather ad hoc. Which is bad. IMHO the best way to pin down those requirements is to start with the real hard (kernel) problem and find a solution: try to model how those "human rights" do work. So what makes human rights special? They are inalienable. That's what a good rights management MUST be able to model. So what does it mean "inalienable"? No individual is - per understanding of human rights - able (permitted) to relinquish those rights! No matter how. No statement of a human being by which this human abandons - or appears to abandon - a human right is taken to be valid by the legal system. It just does not matter if you bring a signed paper plus a video plus a witness and whatever else: none of those proofs, which normally would be valid is good enough to proof that you're now entitled to torture, enslave of kill the individual. Starting from there, we can ask the question: which technical system would allow us to express/model such a situation. That's been the starting point of the Askemos development long ago. Unfortunately we ran into technical problems rather soon. Take unix-alike systems: "root" can impersonate any person and worse: can create yet another account with user number zero. That's the feature, which structurally MUST NOT be possible to model "root's" human rights. Same goes for most database systems etc. Now how would we build a rights management system, which distinguishes between those inalienable rights and those which one can trade? After all it's going to be binary encoded. And it should be deadly easy to verify/audit. Hence we build a system taking this inalienability as the basic axiom. (Frankly, in the beginning not even I confident that it would be possible to successfully build a usable system based on such a rigid rights management system. But it turned out to work well.) The idea was to map the situation to set theory: you start with a set and all you can trade away is a strict subset. Problem solved. The full set you can never even accidentally trade away. That's what we map to "inalienable" rights. (((Note here: so far this is all the "math&theory" in practice computers are to be used. We could ignore our great rights management, switch them off and manipulate the bits at the hard disk. That's why Askemos combines the principled solution with the other one: have independent witnesses for all your data and updates. That way no single broken machine can be used to break the system in effect despite single machines may still be broken.))) >> >> the public? Having different contact groups or "circles" as google >> >> calls >> >> This for instance is - well I've been lying in the paragraph above. >> The user starts out owning two sets: their personal set (a.k.a. >> "human rights") _and_ a subset of some symbolic "public" right, >> whereby this subset allows to read information marked as public >> but it does not allow one not modify it. > >Oink? OK; forget about this detail. It comes up rather late in the whole reasoning, when we start to look into the situation how public knowledge and such cultural heritage is to be treated. After all: if we allow "ownership" on information, we still want/need some knowledge to be public. In fact we need such knowledge to be able to communicate at all. >> >the trust levels serve the purpose to recreate a facebook-like user >> >experience. if you want to use psyc in a more high security fashion >> >you can use it differently. >> >> That's precisely where I don't buy into the idea that this can >> be done using a single number. > >Facebook does it with a boolean. >Or so. > >No? Probably yes. I'll have to take your word for it. ;-) I assume facebook has a great solution there. - Could you explain to the stupid mine which problem it happens solve? ;-) Best /Jörg
-- [email protected] https://lists.tgbit.net/mailman/listinfo.cgi/secu-share
