[WG-P3] I-D - Draft Hansen Privacy Terminology
racingsnake at fastmail.fm
Thu Sep 9 07:13:42 EDT 2010
The best solution I have seen so far to this problem is a kind of
"aggregated glossary": rather than seek to reconcile the
different definitions of a given term and produce a definitive
(sic) version, it produced a table which showed the term, the
various different definitions, some context information and the
source of each definition.
It's a compromise... but without a compromise of some form, there
is no prospect of a devinitive version - it's just a question of
which compromise you decide to go for, and how to reflect it in
your output document.
On Thu, 09 Sep 2010 05:58 -0400, "j stollman"
<stollman.j at gmail.com> wrote:
I applaud efforts to standardize the terminology we use. This
holds the potential of keeping us from talking in circles when
we believe (incorrectly) that we are all talking about the
same thing because we are using the same terms -- even though
frequently, we are defining the terms differently.
The draft document seeks to define terminology by first
providing a context and then defining words in terms of that
context. The problem that others are finding in this approach
is that the context is not universal. In fact, the context
(sending and receiving messages) is only a small part of the
ecosystem for which we seek to establish identities and
maintain some semblance of privacy.
This approach also demands that the reader review much of a
lengthy document in order to find the definition of a
A second problem I find with the current draft is that it is
not ambitious enough. It seeks to define a handful of terms,
but in the larger ecosystem I believe that there is need to
define many more (e.g., relying party, identity provider,
attribute). Of course, as work in this area continues, new
terms will continuously crop up.
Perhaps a better approach would be more of a dictionary model
in which terms are listed alphabetically and definitions given
for each. In cases where the definition changes because of
the context, multiple definitions can be offered -- couching
each within its specific context. It become easy to add new
terms to the dictionary because it is, essentially, merely a
To follow this dictionary approach, a good first step would be
to create a list of terms to be defined and then craft
definitions for them. Invariably, contributors will create
multiple definitions for many terms. It then becomes
necessary to determine whether this multiplicity of
definitions emanates from a multiplicity of contexts,
demanding more than one definition or if we can reconcile some
of these definitions - creating a standard that facilitates
more productive discussions.
On Thu, Aug 12, 2010 at 1:08 PM, J. Trent Adams
<jtrentadams at gmail.com> wrote:
On today's P3WG call we discussed that Hannes et al. are
solicit input to their Privacy Terminology I-D:
They're also planning to hold a meeting (somewhere in the
world TBD) in
early December. I'm assuming that they'd like feedback prior
to that so
a second draft can be worked and distributed in advance.
On the call today there seemed to be support for P3WG Members
contribute responses (in response to this thread) over the
weeks. Then, during the next scheduled call, we can discuss
believe we're ready to distill the comments into a reasonable
(or extend the discussion period, or decide to drop out).
Assuming that's reasonable, I suggest everyone read the I-D,
with their comments.
> On Fri, 2010-07-09 at 09:09 -0600, J. Trent Adams wrote:
>> All -
>> As a follow-up, I talked to Hannes Tschofenig (one of the
>> where they're headed with the work. They're very
>> receiving feedback on the document from multiple parties.
>> They've come up with a short list of groups they're
targeting, and P3WG
>> is a group they'd like to participate in the conversation.
>> this group believes it's valuable, we're in a good position
>> valuable input.
>> Some of the public discussion lists being solicited for
>> IETF SAAG
>> IETF Security Area Directorate
>> GEOPRIV Mailing List
>> IETF Mailing List
>> They're also targeting specific contributors within various
>> organizations such as:
>> MIT Communications Futures Program - Privacy and Security
>> Berkman Center
>> International Working Group on Data Protection in
>> Are there any other groups that folks on this list feel we
>> be added?
>> Also, from what Hannes said, it sounds like this is just a
>> by the IAB to build a more robust set of work focused on
>> J. Trent Adams wrote:
>>> All -
>>> This IETF I-D was published a couple days ago and seems to
>>> worthwhile endeavor to try and harmonize privacy-related
>>> - Trent
>>> Terminology for Talking about Privacy by Data
>>> Unlinkability, Undetectability, Unobservability,
>>> Identity Management
>>> This document is an attempt to consolidate terminology
in the field
>>> privacy by data minimization. It motivates and
>>> for anonymity/identifiability, (un)linkability,
>>> (un)observability, pseudonymity, identity, partial
>>> identity and identity management. Starting the
definitions from the
>>> anonymity and unlinkability perspective and not from a
>>> identity (the latter is the obvious approach to some
>>> some deeper structures in this field.
J. Trent Adams
WG-P3 mailing list
WG-P3 at kantarainitiative.org
stollman.j at gmail.com
WG-P3 mailing list
WG-P3 at kantarainitiative.org
1. mailto:jtrentadams at gmail.com
7. mailto:WG-P3 at kantarainitiative.org
9. mailto:stollman.j at gmail.com
+44 (0)705 005 2931
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the WG-P3