From: cvs@openprivacy.orgCVS update: openprivacy/htdocs
Date: Thursday March 1, 19101 @ 12:30
Author: fen
CVSWEB Options: -------------------
Main CVSWeb: http://openprivacy.org/cgi-bin/cvsweb/cvsweb.cgi
View this module: http://openprivacy.org/cgi-bin/cvsweb/cvsweb.cgi/openprivacy/htdocs
-----------------------------------
Update of /usr/local/cvs/public/openprivacy/htdocs
In directory giga:/home/fen/projects/openprivacy/htdocs
Modified Files:
platform.shtml
Log Message:
folded in capabilities items
*****************************************************************
File: openprivacy/htdocs/platform.shtml
CVSWEB Options: -------------------
CVSWeb: Annotate this file: http://openprivacy.org/cgi-bin/cvsweb/cvsweb.cgi/openprivacy/htdocs/platform.shtml?annotate=1.4
CVSWeb: View this file: http://openprivacy.org/cgi-bin/cvsweb/cvsweb.cgi/openprivacy/htdocs/platform.shtml?rev=1.4&content-type=text/x-cvsweb-markup
CVSWeb: Diff to previous version: http://openprivacy.org/cgi-bin/cvsweb/cvsweb.cgi/openprivacy/htdocs/platform.shtml.diff?r1=1.4&r2=1.3
-----------------------------------
Index: openprivacy/htdocs/platform.shtml
diff -u openprivacy/htdocs/platform.shtml:1.3 openprivacy/htdocs/platform.shtml:1.4
--- openprivacy/htdocs/platform.shtml:1.3 Wed Feb 7 10:50:20 2001
+++ openprivacy/htdocs/platform.shtml Thu Mar 1 12:30:10 2001
@@ -1,122 +1,202 @@
<!--#include virtual="/includes/top.html"-->
<!--#include virtual="/includes/navigation.html"-->
-<!-- $Id: platform.shtml,v 1.3 2001/02/07 18:50:20 fen Exp $ -->
+<!-- $Id: platform.shtml,v 1.4 2001/03/01 20:30:10 fen Exp $ -->
-<h3>Platform</h3>
+ <h3>Platform</h3>
-<h4>Secure, Privacy-enhanced Reputation Facility</h4>
+ <h4>Secure, Privacy-enhanced Reputation Facility</h4>
-Reputations are the cornerstone to any virtual community. OpenPrivacy
-enables reputations to be used to enhance searching as well as to filter out
-unwanted information, all while maintaining complete user privacy. In
-addition, the reputation substrate supports the user to:
+ Reputations are the cornerstone to any virtual community. OpenPrivacy
+ enables reputations to be used to enhance searching as well as to filter out
+ unwanted information, all while maintaining complete user privacy. In
+ addition, the reputation substrate supports the user to:
-<ul>
- <li>accumulate valuable <i>reputation capital</i> for shared profile
+ <ul>
+ <li>accumulate valuable <i>reputation capital</i> for shared profile
information, ideas and publications without needing to divulge identity
- <li>annotate any object with machine-readable opinions (grafts), thus
+ </li>
+ <li>annotate any object with machine-readable opinions (grafts), thus
creating a general purpose and secure reputation facility
- <li>enable opt-in profile/reputation owner contact by third parties
-</ul>
-
-<h4>Open Source with Open APIs</h4>
-
-OpenPrivacy is an open source platform with published XML data formats and
-APIs that provide mechanisms to:
-
-<ul>
- <li>monitor and verify proper use of personal information
- <li>post unauthenticated (hearsay) profile information anonymously
- <li>authenticate (through opt-in verification) profile segments
- <li>most importantly, enable complete user control over her profile,
+ </li>
+ <li>enable opt-in profile/reputation owner contact by third parties
+ </li>
+ </ul>
+
+ <h4>Open Source with Open APIs</h4>
+
+ OpenPrivacy is an Open Source platform with published XML data formats and
+ APIs. The Open Source aspect of the OpenPrivacy platform ensures that the
+ entire system is available for public inspection and auditing. While this
+ activity is beyond the scope of most of the expected user populace, we are
+ certain that privacy watchdog groups will help us by certifying that there
+ are no "back doors" that permit misuse of your private information. The
+ OpenPrivacy platform provides mechanisms to:
+
+ <ul>
+ <li>monitor and verify proper use of personal information
+ </li>
+ <li>post unauthenticated (hearsay) profile information anonymously
+ </li>
+ <li>authenticate (through opt-in verification) profile segments
+ </li>
+ <li>most importantly, enable complete user control over her profile,
including providing the ability for the user to be able to
disassociate herself from any particular segment of profile
information at any time
-</ul>
+ </li>
+ </ul>
-<h4>Safety and Trust</h4>
-<ul>
- <li><i>The user is in control</i> - the user maintains at all times
- complete control over her data, or more specifically, her
- <i>connection</i> to the data. If she wishes to disassociate from
- data or some agent who has access to her data, she may do so with
- absolute completeness.
- <li><i>Transparency</i> - the user should at all times be able to see how,
+ <h4>User Security</h4>
+ <ul>
+ <li>
+ <i>User posts profile data through pseudonymous mechanism</i>
+ </li>
+ All profile data that resides on the OpenPrivacy system is
+ disassociated from the user's true identity prior to submission.
+ This is the primary mechanism through which
+ a user can be assured that their privacy is safe throughout the
+ system.
+ <li>
+ <i>Protection from triangulation</i>
+ </li>
+ Each reputation, opinion or profile fragment can be entered into the
+ OpenPrivacy system using a unique nym. These nyms are maintained
+ automatically by the client agent and provide anonymity while enabling
+ later validated claims of ownership.
+ <li>
+ <i>User contact by third-party entities is always opt-in</i>
+ </li>
+ The user is in complete control over when and what agents can and
+ cannot contact her.
+ If at any time an agent is behaving in a fashion disagreeable to
+ the user, she can take steps to modify that behavior. If the offensive
+ behavior continues, she can cleanly disconnect from the agent leaving
+ it with anonymous demographic data of little value because it cannot be
+ validated.
+ <li>
+ <i>User owns her own data and is in complete control</i>
+ </li>
+ The user maintains at all times complete control over her data, or more
+ specifically, her <i>connection</i> to the data. If she wishes to
+ disassociate from data or some agent who has access to her data, she may
+ do so with absolute completeness. In addition, if she ever chooses to
+ change agents or decommission a nym, she can load up a new agent with as
+ much or as little of her profile data as she chooses, potentially with
+ no loss of profile knowledge or functionality.
+ <li>
+ <i>User profile data traded between agents (and servers) is protected</i>
+ </li>
+ Agents can trade pseudonymous demographic information, but will usually
+ find it to their mutual advantage (data compactness, speed) to trade
+ entirely anonymous aggregate demographic data.
+ </ul>
+
+ <h4>Safety and Trust</h4>
+ <ul>
+ <li><i>Transparency</i> - the user should at all times be able to see how,
where, when and by whom their profile information is being used.
While this transparency does not apply to data one does not own,
an important side benefit is that the system is publicly auditable.
- <li><i>Strong cryptography</i> will be utilized throughout the system for
+ </li>
+ <li><i>Strong cryptography</i> will be utilized throughout the system for
purposes of
<ul>
- <li>authentication of active entities as well as data
- <li>privacy and security - encryption only allows authorized
+ <li>authentication of active entities as well as data
+ </li>
+ <li>privacy and security - encryption only allows authorized
entities access to your profile
- <li>traceable - when an offer is received, the user can determine
+ </li>
+ <li>traceable - when an offer is received, the user can determine
exactly how and why
- <li>non-repudiation - agents may be held accountable for their
+ </li>
+ <li>non-repudiation - agents may be held accountable for their
actions
- <li>reputation accrual - profile data, agents and even reputations
+ </li>
+ <li>reputation accrual - profile data, agents and even reputations
may accrue context and time-sensitive reputation data
+ </li>
</ul>
- <li><i>No lawyers</i> - since the contracts and privacy are guaranteed
+ </li>
+ <li><i>No lawyers</i> - since the contracts and privacy are guaranteed
cryptographically, the need for lawyers to enforce contracts is
diminished to near zero
- <li><i>Open</i> - since all the workings are open source and the design
+ </li>
+ <li><i>Open</i> - since all the workings are open source and the design
is available for public review, the trustworthiness quotient of the
OpenPrivacy platform will be high
-</ul>
+ </li>
+ </ul>
-<h4>Fully Distributed</h4>
-OpenPrivacy will create a networked peer-to-peer platform enabling <i>Open
-Privacy Providers</i>. This platform will provide:
-<ul>
- <li>storage, unique naming, indexing and retrieval mechanisms for
+ <h4>Fully Distributed</h4>
+ OpenPrivacy will create a networked peer-to-peer platform enabling <i>Open
+ Privacy Providers</i>. This platform will provide:
+ <ul>
+ <li>storage, unique naming, indexing and retrieval mechanisms for
profiles. (Note that this is a business opportunity in itself!)
- <li>privacy - a user's identity cannot be determined from their profile
+ </li>
+ <li>privacy - a user's identity cannot be determined from their profile
information
- <li>security - a user can determine how their profile is to be used,
+ </li>
+ <li>security - a user can determine how their profile is to be used,
explicitly permitting some uses and denying others
-</ul>
+ </li>
+ </ul>
-<h4>Supporting Infrastructure</h4>
-OpenPrivacy is a distributed peer-to-peer network. As all communications
-are anonymized and may be encrypted, it is highly censorship resistant,
-though this can be enhanced further by using techniques currently being
-implemented by these and other projects:
-<ul>
- <li>Freenet
- <li>Free Haven
- <li>Mojo Nation
- <li>Freedom (ZeroKnowledge)
-</ul>
-
-<h4>Attack Resistant</h4>
-<ul>
- <li>Denial of Service (DOS): left to the supporting infrastructure
- <li>spoofing: impossible unless secret key is compromised
- <li>replay: identical (duplicate) data is GC'd
- <li>flooding: similar claims can be coalesced
- <li>/shills/slander/false claims:
+ <h4>Supporting Infrastructure</h4>
+ OpenPrivacy is a distributed peer-to-peer network. As all communications
+ are anonymized and may be encrypted, it is highly censorship resistant,
+ though this can be enhanced further by using techniques currently being
+ implemented by these and other projects:
+ <ul>
+ <li>Freenet
+ </li>
+ <li>Free Haven
+ </li>
+ <li>Mojo Nation
+ </li>
+ <li>Freedom (ZeroKnowledge)
+ </li>
+ </ul>
+
+ <h4>Attack Resistant</h4>
+ <ul>
+ <li>Denial of Service (DOS): left to the supporting infrastructure
+ </li>
+ <li>spoofing: impossible unless secret key is compromised
+ </li>
+ <li>replay: identical (duplicate) data is GC'd
+ </li>
+ <li>flooding: similar claims can be coalesced
+ </li>
+ <li>/shills/slander/false claims:
+ </li>
<ul>
<li>making unsubstantiated comments can damage the issuer's reputation
+ </li>
<li>anonymous (made with little or no backing reputation) shills/floods
- are likely to be ignored
+ are likely to be ignored
+ </li>
</ul>
-</ul>
+ </li>
+ </ul>
-<h4>Standards based</h4>
-OpenPrivacy defines a few basic interfaces and leave implementation up to
-the developers of the various services. However, our reference
-implementation - and recommendation - is built on Internet standards,
-including:
-<ul>
- <li>XML - all communications and objects are represented in XML
- <li>XMLDsig - the XML Digital Signature standard is used as the base of
+ <h4>Standards based</h4>
+ OpenPrivacy defines a few basic interfaces and leave implementation up to
+ the developers of the various services. However, our reference
+ implementation - and recommendation - is built on Internet standards,
+ including:
+ <ul>
+ <li>XML - all communications and objects are represented in XML
+ </li>
+ <li>XMLDsig - the XML Digital Signature standard is used as the base of
the Profile/Reputation OBject (PROB)
- <li>SOAP - the Simple Object Access Protocol is used for inter-agent
+ </li>
+ <li>SOAP - the Simple Object Access Protocol is used for inter-agent
communications
- <li>HTTP and SMTP over TCP/IP - all communications are designed to work
+ </li>
+ <li>HTTP and SMTP over TCP/IP - all communications are designed to work
over existing standard protocols
-</ul>
+ </li>
+ </ul>
-<!--#include virtual="/includes/bottom.html"-->
+ <!--#include virtual="/includes/bottom.html"-->
This archive was generated by hypermail 2b30 : Thu Mar 01 2001 - 12:30:11 PST