http://kantarainitiative.org/confluence/display/BSC/2016-10+%28October+2016%29+Meetings#id-2016-10(October2016)Meetings-Thursday,October6

Agenda:

Attending: Eve, Scott S, Adrian, Kathleen, Matisse, Colin, Marco?, John W?

Matisse has suggested the blood diamond example as a case study to analyze for this properties of enforcing ethics at a technology level. Here's a YouTube video on it. This could be extended to several provenance use cases. Scott notes everledger.io as a company offering blockchain-based fraud detection services for insurance purposes, where the generic use case is fraud detection and the specific case study involves ethics of blood diamond provenance. The ivory trade could be another ethics use case. See also this article. The current process is Kimberley Process certificates. Apparently the Kimberley Process is looking at blockchain now.

Would Matisse be willing to take on the assignment to write up the blood diamond case study? Scott S is interesting in this too. Matisse is only free after her PhD thesis is done in a month's time, and would like a structure. How about this for case study structures?

AI: Scott S: Attempt to turn the draft case study structure into a questionnaire and see if we can reach out to everledger.io to try it out so we can begin to fill out a case study section with the results. We always reserve the right to massage any answers we get back, to do more research, and publish information in our own words.

Note that it's possible to put diagrams in the final report. We will make sure of it. All report authors should feel free to submit diagrams and graphics.

Discussing the language Scott has contributed to the Certificate Transparency section of the report: We suggest adding a bit of discussion about the weaknesses of PKI, and the optimistic assumption of much blockchain technology about PKI and how identity can just use a clean global PKI system. Also, how much of blockchain node participation is anonymous, how much of the time? The notion behind Certificate Transparency is to force, at a technical level, knowledge of what you've got. The section could contain cross-references to the other technology sections.

AI: Eve: Find for Scott S the "Let's fix HTTPS" presentation that explains why browsers are never going to get better at cert management.

Thomas reports that he is working on his IPFS section. Kathleen is working on her HL7 section.

Eve's thoughts for her UMA section run in this direction: UMA's primary goal is empowerment for a particular type of transaction, which is sharing of digital resources. In the course of coming up with an architecture for that, UMA invented an interestingly powerful service (the AS), which is, however, a centralized entity that must be trusted. (Adrian's "pure" form requires this to be chosen by the individual, akin to a public blockchain that is completely decentralized, whereas most initial deployments are expected to be akin to a permissioned blockchain that we could consider less "pure".) The work on UMA Legal attempts to mitigate the risk of having central services matching up to distributed APIs. More brainstorming on UMA section ideas:

Adrian's formulation of requirements sent to the list:

Trust and personal data

Eve's revision: ???

We made a few changes in the report itself as well.

Eve Maler
ForgeRock Office of the CTO | VP Innovation & Emerging Technology
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
ForgeRock Summits are coming to London and Paris!