Dear All, I have a quick comment on the Benoit second question about "an object in fact just carrying or using its owner's identity?". I suppose objects in the future could be able to do a lot of things automatically, to react to emergency situation for example. When things become "smart", their identities then could be something else rather than "owner's identities", where the concept of ownership would be quite blur. Moving forward to IoT vision and a smart world, well, things should have there own identities rather than rely on their owners. Thank you. Best regards, Son Han On 9/24/2013 5:43 PM, BAILLEUX Benoit OLNC/OLPS wrote:

Hello all,

During last teleconference, I have asked a question that has not been answered during the call. Ingo suggested to ask to the whole list.

Short:

Where to put the limit, for a thing or object, between a simple list of attributes and a whole/real "identity" for that object? Does the object need a minimal computing power to have an identity? Or the simple fact to be able to answer a request (even if it is "passive") is enough for that? Are there other criteria (like, for an object, just having a unique ID)?

Another question: in a lot of cases, instead of a proper identity, doesn't an object in fact just carrying or using its owner's identity?

A bit longer:

Nowadays, a lot of devices, objects and things are able to communicate, either actively or passively (upon request, as with RFID). Most of those objects have an identifier and often a set of attributes. Some of them are able to react to their environment. But in some cases, it seems to me that certain object don't have a "digital identity" on their own. I think that they just carry a set of complementary attributes for another entity, or just have a set of attributes, but not a "real" identity, or act on behalf of another entity.

Examples: - A light-bulb has an address (IPv6?) and some attributes (e.g. firstUsed:<a date> and onFor:<a duration>). Is it a real identity? - A micro-chip has just an ID number. Isn't that number just an attribute of the identity of the pet wearing it under its skin? - Consider a car. It sometimes act on behalf of its owner or driver (when paying a toll), and sometimes for itself (when connected to the computer of the garage). - What is the difference between an economic good with a paper label with a serial number, or with a label with a barcode or with a passive contactless chip (RFID)? Does only the latter have a (digital) identity?

Should we build a typology of identities (or "nearly identities")? If we can define the wider spectrum of possible identities definitions, then we can choose which part of that spectrum we want to address in the WG.

Finally, objects acting on behalf of their owners or with the identities of their owners (e.g. a smartphone sending a notification) seem to be something quite common. The owner's identity is then pervasive and exists (sometimes partially and momentarily) in several objects at the same time. The identity has different forms in the various objects, depending on their needs and their capabilities, but it's really the same everywhere. I think that situation dramatically needs an "overarching Identity Framework" to "recognize and manage identities across different solutions". Do you agree?

I'm sorry for posting this so late. Please ask me if my poor English is not understandable.

Regards,

Yes, I think so. In case there's an owner, her/his identity should be also considered in the identity of things model Thank you. Best regards, Son Han On 9/24/2013 6:35 PM, Paul Madsen wrote:

I see things having their own identity (perhaps provisioned at manufacturing etc), but when the nature of an interaction or message happens 'on behalf of' a particular user, then that user's identity must also be captured & expressed

paul On 9/24/13 12:32 PM, Son Han wrote:

...

Dear All,

I have a quick comment on the Benoit second question about "an object in fact just carrying or using its owner's identity?". I suppose objects in the future could be able to do a lot of things automatically, to react to emergency situation for example. When things become "smart", their identities then could be something else rather than "owner's identities", where the concept of ownership would be quite blur. Moving forward to IoT vision and a smart world, well, things should have there own identities rather than rely on their owners.

Thank you. Best regards,

Son Han On 9/24/2013 5:43 PM, BAILLEUX Benoit OLNC/OLPS wrote:

...

Hello all,

During last teleconference, I have asked a question that has not been answered during the call. Ingo suggested to ask to the whole list.

Short:

Where to put the limit, for a thing or object, between a simple list of attributes and a whole/real "identity" for that object? Does the object need a minimal computing power to have an identity? Or the simple fact to be able to answer a request (even if it is "passive") is enough for that? Are there other criteria (like, for an object, just having a unique ID)?

Another question: in a lot of cases, instead of a proper identity, doesn't an object in fact just carrying or using its owner's identity?

A bit longer:

Nowadays, a lot of devices, objects and things are able to communicate, either actively or passively (upon request, as with RFID). Most of those objects have an identifier and often a set of attributes. Some of them are able to react to their environment. But in some cases, it seems to me that certain object don't have a "digital identity" on their own. I think that they just carry a set of complementary attributes for another entity, or just have a set of attributes, but not a "real" identity, or act on behalf of another entity.

Examples: - A light-bulb has an address (IPv6?) and some attributes (e.g. firstUsed:<a date> and onFor:<a duration>). Is it a real identity? - A micro-chip has just an ID number. Isn't that number just an attribute of the identity of the pet wearing it under its skin? - Consider a car. It sometimes act on behalf of its owner or driver (when paying a toll), and sometimes for itself (when connected to the computer of the garage). - What is the difference between an economic good with a paper label with a serial number, or with a label with a barcode or with a passive contactless chip (RFID)? Does only the latter have a (digital) identity?

Should we build a typology of identities (or "nearly identities")? If we can define the wider spectrum of possible identities definitions, then we can choose which part of that spectrum we want to address in the WG.

Finally, objects acting on behalf of their owners or with the identities of their owners (e.g. a smartphone sending a notification) seem to be something quite common. The owner's identity is then pervasive and exists (sometimes partially and momentarily) in several objects at the same time. The identity has different forms in the various objects, depending on their needs and their capabilities, but it's really the same everywhere. I think that situation dramatically needs an "overarching Identity Framework" to "recognize and manage identities across different solutions". Do you agree?

I'm sorry for posting this so late. Please ask me if my poor English is not understandable.

Regards,

_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot

I dont see why there is any doubt that every thing has its own identity. The key element that we will have to work with is the relationships between the things identity and those of others, one of whom might be its owner (whatever that might mean is this new equal opportunity world of things) There might be some optimization that can be done for the situation where a thing has only a single relationship with another entity, but I think these are really going to be small and uninteresting. Allan Simplify Email: Email Charter http://emailcharter.org/ *Allan Foster - ForgeRock * /Vice President Technology & Standards/ *Office of the CTO* *Location:* Vancouver, WA, US *p:* +1.360.229.7102 http://forgerock.com/who-we-are/summits/europe-2013/ *email:* allan.foster@forgerock.com mailto:allan.foster@forgerock.com *www:* www.forgerock.com http://www.forgerock.com/ *www:* www.forgerock.org http://www.forgerock.org/ *blogs:* blogs.forgerock.com/GuruAllan http://blogs.forgerock.com/GuruAllan On 9/24/13 5:39 PM, j stollman wrote:

I would suggest that "things" have/need their own identify when they are communicated with by having their own address that makes them accessible to anyone over the internet.

If anyone can access the device (such as a network printer) by sending a command to its address, then it has its own identity. Captive devices that would not require identities would be items like direct-attached printers.

Jeff

On Tue, Sep 24, 2013 at 11:46 AM, Son Han mailto:son.han@it-sudparis.eu> wrote:

Yes, I think so. In case there's an owner, her/his identity should be also considered in the identity of things model

Thank you. Best regards,

Son Han On 9/24/2013 6:35 PM, Paul Madsen wrote:

...

I see things having their own identity (perhaps provisioned at manufacturing etc), but when the nature of an interaction or message happens 'on behalf of' a particular user, then that user's identity must also be captured & expressed

paul On 9/24/13 12:32 PM, Son Han wrote:

...

Dear All,

I have a quick comment on the Benoit second question about "an object in fact just carrying or using its owner's identity?". I suppose objects in the future could be able to do a lot of things automatically, to react to emergency situation for example. When things become "smart", their identities then could be something else rather than "owner's identities", where the concept of ownership would be quite blur. Moving forward to IoT vision and a smart world, well, things should have there own identities rather than rely on their owners.

Thank you. Best regards,

Son Han On 9/24/2013 5:43 PM, BAILLEUX Benoit OLNC/OLPS wrote:

...

Hello all,

During last teleconference, I have asked a question that has not been answered during the call. Ingo suggested to ask to the whole list.

Short:

Where to put the limit, for a thing or object, between a simple list of attributes and a whole/real "identity" for that object? Does the object need a minimal computing power to have an identity? Or the simple fact to be able to answer a request (even if it is "passive") is enough for that? Are there other criteria (like, for an object, just having a unique ID)?

Another question: in a lot of cases, instead of a proper identity, doesn't an object in fact just carrying or using its owner's identity?

A bit longer:

Nowadays, a lot of devices, objects and things are able to communicate, either actively or passively (upon request, as with RFID). Most of those objects have an identifier and often a set of attributes. Some of them are able to react to their environment. But in some cases, it seems to me that certain object don't have a "digital identity" on their own. I think that they just carry a set of complementary attributes for another entity, or just have a set of attributes, but not a "real" identity, or act on behalf of another entity.

Examples: - A light-bulb has an address (IPv6?) and some attributes (e.g. firstUsed:<a date> and onFor:<a duration>). Is it a real identity? - A micro-chip has just an ID number. Isn't that number just an attribute of the identity of the pet wearing it under its skin? - Consider a car. It sometimes act on behalf of its owner or driver (when paying a toll), and sometimes for itself (when connected to the computer of the garage). - What is the difference between an economic good with a paper label with a serial number, or with a label with a barcode or with a passive contactless chip (RFID)? Does only the latter have a (digital) identity?

Should we build a typology of identities (or "nearly identities")? If we can define the wider spectrum of possible identities definitions, then we can choose which part of that spectrum we want to address in the WG.

Finally, objects acting on behalf of their owners or with the identities of their owners (e.g. a smartphone sending a notification) seem to be something quite common. The owner's identity is then pervasive and exists (sometimes partially and momentarily) in several objects at the same time. The identity has different forms in the various objects, depending on their needs and their capabilities, but it's really the same everywhere. I think that situation dramatically needs an "overarching Identity Framework" to "recognize and manage identities across different solutions". Do you agree?

I'm sorry for posting this so late. Please ask me if my poor English is not understandable.

Regards,

_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org mailto:DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot

_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org mailto:DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot

-- Jeff Stollman stollman.j@gmail.com mailto:stollman.j@gmail.com 1 202.683.8699

Truth never triumphs --- its opponents just die out. Science advances one funeral at a time. Max Planck

_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot