OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   RE: [xml-dev] The Rule of Least Power - does it miss the point?

[ Lists Home | Date Index | Thread Index ]


After finally setting aside some time this weekend to catch up on some
of what Len's been talking about regarding the concept of "legitimacy",
I ended up reading one of Aldo de Moor's papers.  As an aside, I want to
thank Len for the pointer, because it goes along similar lines to what I
had already planned for my presentations this year in Croatia.  Always
good to have more reference material.  The Microsoft example of
illegitimate community behavior is better than what I'd found recently,
and I'd forgotten about it.

As a result of my weekend reading, I ended up with about 10 pages of
notes & thoughts.  Some of it about what was being said in the context
of this discussion, but also some in the more general case.  It's not
directly relevant, but anyone curious can find the result here: 
http://atownley.org/2006/03/why-context-legitimacy-in-the-web/ (filed
under "philosophy", with apologies to Michael).

Also, reading it made me want to mention something Len had said earlier
about now was the time to discontinue the use of a single identifier. 
I'm not so sure I agree with this.  I think that the main issue is that,
from a security protocol point of view, the single identifier should not
*mean* anything without some amount of associated context.  This context
could be partially established by any existing security mechanism
(password, PIN, etc.), but also by the channel being used to present the
information.

I realize that in practice, this is difficult to do with today's
systems, but the point is that to support the kind of legitimacy
principles (especially things like e-voting) de Moor is talking about,
you must be uniquely identifiable to a system in some way.  It may be
that when some of the outstanding security and social issues are solved,
you will have more than one identifier for a given environment, but
within that environment, control of that identifier will prove that you
are you.  In this case, "control" does NOT mean knowing that your SSN is
'blah' and your mother's maiden name was "xyzzy".

Secondly, I think the focus on the link between legitimacy and economics
confuses things a bit.  From the (admittedly only one) paper I read,
legitimacy is about *people* and how they resolve conflicts.  Once a
group of people can efficiently share, then they're more willing to
trust the environment.  The economic up-side is just a by-product of
those warm fuzzies.  It can't be the end goal, or the whole thing falls
apart as history has shown us every time we seem to forget.

So, now back to our regularly scheduled program... :)

On Fri, 2006-03-10 at 21:56, Bullard, Claude L (Len) wrote:
> Thanks.  Let's continue this conversation.  It is going 
> towards something:  automated-topic generation, aka, 
> control emergence.   It is all well and good to 'wire 
> the web' but in most systems, that has to be done with 
> pre-built ontologies or drag-and-drop controls.  Nothing 
> says that is wrong but it isn't always effective.  
> 
> Watching Steve Pepper of Ontopia conduct his topic map class  
> at XML 2004 pleasurable in the extreme because he applies interview 
> techniques to topic map generation.  This is a learning 
> model that constructs a 'local reality'.  It is only one way 
> to get it done but it exhibits exquisite sensitivity, 
> legitimacy and autonomy when using an expert model (Steve + 
> the software) with a novice model (the persons seeking 
> his advice) to create a local/global topic (the summary 
> of the common topics resulting by interview).

It sounds like there's a lot of similarity here to the Organizational
Learning disciplines about trying to balance local autonomy with an
awareness of the Hardin's "commons".  It sounds interesting, but I
didn't get that far in my reading.

> I posit: the rule of least power isn't incorrect, but it 
> is misleading unless contexts are applied.   For a system 
> to be a pragmatic system it must be a learning system. To 
> provide an effective coupling between social benefits and 
> economic benefits, it should account for at least three 
> features:
> 
> 1.  Legitimacy (social benefits coupled to economic benefits)
> 
> 2.  Sensitivity (it is a real time system and does not overreact or
> underreact)
> 
> 3.  Autonomy: the construction of a local environment is autonomous 
>     and relationships with global environments are negotiable)

But, isn't legitimacy the primary aspect which either does or does not
allow the other two?  From the sensitivity point of view, this can be
done either by management by a central body (not likely in the case of
the Web), or, as proposed by Senge, the establishment of signals for
alerting participants to unrealized or unintended consequences.  This
may be possible in an automated system, but it still requires people
being able to understand what to do when the alarm bells start ringing.

Also, what is the scope of the sensitivity in your proposal?  Is it
solely limited to things that are identifiable by agents, or is it
possible to put signals on the loss of freedoms imposed in response to
illegitimate actions (or their spin-off by-products like
"copy-protected" CDs)?

Of the three, I think the autonomy is the easiest to achieve on the
surface, but unless it participates in or responds to the sensitivity
triggers, I'm not sure that it will change much.  Still, maybe this is
all further explained in the "control emergence" topic.  I've a few more
things I found through google, but I'm not quite sure when I'll get to
actually read them.

Apologies if I'm again missing your point.  Just trying to understand
where you're headed.

ast
-- 
Join me in Dubrovnik, Croatia on May 8-10th when I will be speaking at
InfoSeCon 2006.  For more information, see www.infosecon.org.

***************************************************************************************************
The information in this email is confidential and may be legally privileged.  Access to this email by anyone other than the intended addressee is unauthorized.  If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful.  If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your system.
***************************************************************************************************




 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS