[
Lists Home |
Date Index |
Thread Index
]
You understand me fine, Andrew, and I appreciate the
consideration given the thread topics.
Somewhere back in the archives are some threads that include
the topics of the man of action vs. the man of law (See "The
Man Who Shot Liberty Valance" where the hero is the least
lauded except privately, the system rewards someone who's
courage was great but actionable skills were few, and in
the end, had to buy back the hero's boots so he could be
buried in them). I think I blogged some of this awhile
back but can't access that from here.
IOW, legitimacy will not always come down to a context of
law. It has a context of action, or as the pragmatics
people say, norms and affordances. Certainly subscription
to notification of a transaction against an identifier one
is linked to is one solution. Today we are asked to 'check
our credit often' and that isn't enough. We need to admit
we have a kluged system and given the visibility afforded by
it, it favors the street criminal over the corporate criminal
because if one goes in beneath the radar, the potential for
profit and harm are enormous; whereas, the more visible an d
powerful the entity, the more constrained unless the governed
lose faith in their covenants given fear of immediate harm.
The application of fear to cover malfeasance and undermine
honor is so old a tactic of the street thug, the only amazement
here is how well it has worked for the powerful.
Some call others 'philosophers' and what they say 'philosophy'
with the same mean agenda as some call others 'liberals'. It's
a code word used to deprive philosophy of legitimacy given technical
matters. This is wrong and some who didn't learn it early enough,
notably Alfred Nobel and J. Robert Oppenheimer came to sad personal
ends. Understanding Cain's question in Genesis is always worth some
time and personal introspection.
But when we build systems for public use, as did Oppenheimer and
Nobel, the need is greater. The web was fielded witlessly. I
did not say dumb: I said witlessly. It cares nothing for the
users, just its own sparse verbs and formats. That's fine.
That's the right way to design a network and an interchange
format. It isn't the right way to design applications that use it.
The example of the SSN is given as an example of overlap in the
historical use of two systems that can be interfaced but which
in combination create a quantum-entanglement of semantic threat.
In this case, the exposure of the SSN over its history and current
modes of recording make identity theft very easy and very profitable,
so inevitable given the social systems. Witless: easy to predict
but done anyway because it makes a big splash.
One can separate the technical contexts from the social contexts,
and that can be the right way to document, but it is a mean and
lazy way to design. Philosophy is where life intersects with
science. To make that intersection void is to harm both. So
again, what simple rules or concerns might we put there? As
deMoor wrote, legitimacy is key, but I think it not enough,
so I posit autonomy and sensitivity as well. We can make a
case for the legitimacy of spying or invading other countries
or even sleeping with our best friend's wife, but I don't think
we can make the case for all three convincingly.
These are not hard rules of logic. These are analogical. By
analogical reasoning, one derives the situations and contexts,
and reasons over these by hypothesis. That is the right
relationship between logic and analogy, science and technology,
law and action.
If we are to apply principles, let us be sure to give the use cases.
These are the basis for determining if we have applied them well.
len
-----Original Message-----
From: Andrew S. Townley [mailto:andrew.townley@bearingpoint.com]
Sent: Monday, March 13, 2006 2:39 PM
To: Bullard, Claude L (Len)
Cc: Gavin Thomas Nicol; XML Developers List
Subject: RE: [xml-dev] The Rule of Least Power - does it miss the point?
After finally setting aside some time this weekend to catch up on some
of what Len's been talking about regarding the concept of "legitimacy",
I ended up reading one of Aldo de Moor's papers. As an aside, I want to
thank Len for the pointer, because it goes along similar lines to what I
had already planned for my presentations this year in Croatia. Always
good to have more reference material. The Microsoft example of
illegitimate community behavior is better than what I'd found recently,
and I'd forgotten about it.
As a result of my weekend reading, I ended up with about 10 pages of
notes & thoughts. Some of it about what was being said in the context
of this discussion, but also some in the more general case. It's not
directly relevant, but anyone curious can find the result here:
http://atownley.org/2006/03/why-context-legitimacy-in-the-web/ (filed
under "philosophy", with apologies to Michael).
Also, reading it made me want to mention something Len had said earlier
about now was the time to discontinue the use of a single identifier.
I'm not so sure I agree with this. I think that the main issue is that,
from a security protocol point of view, the single identifier should not
*mean* anything without some amount of associated context. This context
could be partially established by any existing security mechanism
(password, PIN, etc.), but also by the channel being used to present the
information.
I realize that in practice, this is difficult to do with today's
systems, but the point is that to support the kind of legitimacy
principles (especially things like e-voting) de Moor is talking about,
you must be uniquely identifiable to a system in some way. It may be
that when some of the outstanding security and social issues are solved,
you will have more than one identifier for a given environment, but
within that environment, control of that identifier will prove that you
are you. In this case, "control" does NOT mean knowing that your SSN is
'blah' and your mother's maiden name was "xyzzy".
Secondly, I think the focus on the link between legitimacy and economics
confuses things a bit. From the (admittedly only one) paper I read,
legitimacy is about *people* and how they resolve conflicts. Once a
group of people can efficiently share, then they're more willing to
trust the environment. The economic up-side is just a by-product of
those warm fuzzies. It can't be the end goal, or the whole thing falls
apart as history has shown us every time we seem to forget.
So, now back to our regularly scheduled program... :)
On Fri, 2006-03-10 at 21:56, Bullard, Claude L (Len) wrote:
> Thanks. Let's continue this conversation. It is going
> towards something: automated-topic generation, aka,
> control emergence. It is all well and good to 'wire
> the web' but in most systems, that has to be done with
> pre-built ontologies or drag-and-drop controls. Nothing
> says that is wrong but it isn't always effective.
>
> Watching Steve Pepper of Ontopia conduct his topic map class
> at XML 2004 pleasurable in the extreme because he applies interview
> techniques to topic map generation. This is a learning
> model that constructs a 'local reality'. It is only one way
> to get it done but it exhibits exquisite sensitivity,
> legitimacy and autonomy when using an expert model (Steve +
> the software) with a novice model (the persons seeking
> his advice) to create a local/global topic (the summary
> of the common topics resulting by interview).
It sounds like there's a lot of similarity here to the Organizational
Learning disciplines about trying to balance local autonomy with an
awareness of the Hardin's "commons". It sounds interesting, but I
didn't get that far in my reading.
> I posit: the rule of least power isn't incorrect, but it
> is misleading unless contexts are applied. For a system
> to be a pragmatic system it must be a learning system. To
> provide an effective coupling between social benefits and
> economic benefits, it should account for at least three
> features:
>
> 1. Legitimacy (social benefits coupled to economic benefits)
>
> 2. Sensitivity (it is a real time system and does not overreact or
> underreact)
>
> 3. Autonomy: the construction of a local environment is autonomous
> and relationships with global environments are negotiable)
But, isn't legitimacy the primary aspect which either does or does not
allow the other two? From the sensitivity point of view, this can be
done either by management by a central body (not likely in the case of
the Web), or, as proposed by Senge, the establishment of signals for
alerting participants to unrealized or unintended consequences. This
may be possible in an automated system, but it still requires people
being able to understand what to do when the alarm bells start ringing.
Also, what is the scope of the sensitivity in your proposal? Is it
solely limited to things that are identifiable by agents, or is it
possible to put signals on the loss of freedoms imposed in response to
illegitimate actions (or their spin-off by-products like
"copy-protected" CDs)?
Of the three, I think the autonomy is the easiest to achieve on the
surface, but unless it participates in or responds to the sensitivity
triggers, I'm not sure that it will change much. Still, maybe this is
all further explained in the "control emergence" topic. I've a few more
things I found through google, but I'm not quite sure when I'll get to
actually read them.
Apologies if I'm again missing your point. Just trying to understand
where you're headed.
ast
--
Join me in Dubrovnik, Croatia on May 8-10th when I will be speaking at
InfoSeCon 2006. For more information, see www.infosecon.org.
***************************************************************************************************
The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful. If you are not the intended recipient, please reply to or forward a copy of this message to the sender and delete the message, any attachments, and any copies thereof from your system.
***************************************************************************************************
|