<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=utf-8">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.q
{mso-style-name:q;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor=white lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";
color:#1F497D'><o:p> </o:p></span></b></p>
<p class=MsoNormal> Also CAcert has nothing - I repeat NOTHING - to do with
"Open Source" whatsoever, but CAcert is a community operated
web-of-trust scheme.<br>
<br>
<span style='color:#1F497D'>--------------------<o:p></o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'>This got me thinking, all
afternoon. Open Source means folks writing software, one might infer. So, why
did I feel right to use the term?<o:p></o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'>In my view, Open Source means writing
legal agreements (a form of software). Use of community property begets certain
obligations.<o:p></o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'>Open Source means writing
federation policies. Use of community property begets certain obligations.<o:p></o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'>Open Source means developing/writing
certification practice statements? Use of community property begets…<o:p></o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'>It’s a state of mind, surely: not
merely the ability to be a god of Unix device drivers.<o:p></o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'>If OpenID - as a vendor-led community
– is heading for the fully de-centralized infrastructure vision that is implied
by its technological potential, OpenID folk and CAcert folk should actually get
on fine – old PKI wars about browsers and certs, aside.<o:p></o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'>If OpenID infrastructure turns
out to emulate in its default trust models that used when delivering https in webland
today (or more viciously, vendor clubs rig the infrastructure with lobbying funds
so it adopts the “mega-TTP model”), CAcert folks will be in exactly the same
position with OpenID as they are with the vendors of browsers for the public:
outcast.<o:p></o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'>This has been actually been an
excellent use case analysis. Organized realty has folks with actual, analogous approach
to trust management as that being investigated by the CAcert community in PKI.
Like such people or despise their view on life, they are present and entirely valuable
participants in the Realty world – at least. We will love you, if no-one else
will! Folks may not realize it, but 1.3 million Realtors are amongst the world’s
best social networkers. Each individual’s commission check at the end of the
next month depends solely on that exhibiting that skill. At the same time, each
Realtor is in competition with the one up the road, as are broker offices, and
as our towns vying for deals in that suddenly interesting parcel of land that
was desert, 30 years ago. So, lots of interesting, local-community-driven trust
practices have evolved over the last 30+ years of online brokering.<o:p></o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'>Mental note to self: OpenID, at
least when applied to de-centralized realty’s private management domain, has
to show it can adopt, extend and live happily with a CAcert approach to trust
management (as well as other means, such as assurances-based evaluation). After
all, SAML2 had no problem; and is functionally identical to OpenID. If OpenID in
practice comes overly loaded with a preset set of ideas about how Realty shall
orchestrate trust management, it might well not be suitable for adoption. But,
finding this out is exactly why I’m here, and why several of us are reaching
out to OpenIDers!<o:p></o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p>
</div>
</body>
</html>