Standards Committee Face to Face 2008 October
Notes by Joe Andrieu October 15, 2008
Face to Face Meeting
October 15 Berkman Center
Attendees
- Doc Searls
- Joe Andrieu
- Adrian Gropper
- Keith Hopper
- Dean Landsman
- Eve Maler (via teleconference)
- Asa Hardcastle (initially via teleconference)
- Charles Andres
- Tom Caroll
Notes
Introduction of PAM, Personal Address Manager
Principles:
- Independence: Must be able to be served on the individuals own machine, as well as by a service.
Scope:
A service for automatically updating an individual's postal "address of record" with authorized address users.
Addresses are used for applications from personal, private transactions, e.g., pornography, to official business, such as your official address for voting.
The "address of record" is taken to be a self-asserted address, under the authority of the individual. It is not presumed to be authenticated or validated in any other way. Third party validation of claims is out of scope for now.
Relationship Service is comprised of
- data
- location
- permissions
One Night Stand
A one-stop shopping experience with a VRM compliant online vendor.
- Setup Personal Datastore with appropriate information
- Shopping (window shopping, online or offline)
- Selection (product(s) chosen, put in a shopping cart, minimal exposure: IP)
- Checkout (Start to Purchase)
- Specify One Night Stand Terms
- Data Usage Policy
- Data Retention/Destruction Policy
- Data Security
- (see Liberty Privacy Constraints draft spec)
- (see XDI Global Services requirements for iBrokers http://gss.xdi.org)
- Shipping Data
- Billing Data
- Negotiate/Accept Terms of Sale
- [Sale is consummated]
- Specify One Night Stand Terms
- Post-Sale Auditing/Compliance Messaging
post-sale audit message
Audit message affirmatively states compliance with terms of contract, with a link or affirmative statement of those statements includes all retention, propagation status, e.g., we kept your IP address, logged the transaction, and deleted data from all active customer databases. We gave your name and address to FedEx for delivery.
Audit message need not be an interruptive/interactive user experience. Such audit messages are logged by the user's system, but need not generate emails, pop-ups or other UI.
Alternatively, four phases:
- Negotiate Terms of Engagement
- Negotiate Terms of Sale
- Consummate Sale
- Audit Artifact Created
Parts of the system
- Declaration of Independence
- Standards (802.11b) blessed as VRM
- Product
- ANSI certifies the procedures