Mics Matter

Sometimes you get what you pay for.

In this case, a good microphone in a bluetooth headset.

Specifically, the Bose Soundsport Wireless:

I’ve had these a day so far, and I love them. But not just because they sound good. Lots of earphones do that. I love them because the mic in the thing is good. This is surprisingly rare.

Let’s start with the humble Apple EarPods that are overpriced at $29 and come with every Apple i-thing:

No, the sound isn’t great. But get this: they sound good to the ears at the other end. Better than the fancy new AirPods. And better than lots of other earphones I’ve used: ones from Beats, SkullCandy and lots of other brands. I’ve not heard any that sound better than plain old AirPods.

So, when a refurbished iPhone 7 Plus arrived to replace my failing iPhone 5s two days ago, and

Continue reading "Mics Matter"

Decentralized Governance in Sovrin

Summary: Decentralized systems require governance to function well. Ideally this governance should be clear, open, and effective without impacting the decentralized nature of the system. This post describes the governance of the Sovrin network. Our approach is a constitutional model based on an agreement we call the Sovrin Trust Framework that informs and guides everything from code development to the responsibilities of the various actors in the system. The Sovrin Trust Framework enables decentralized governance of the Sovrin network.

Marc Hulty defines governance as "the processes of interaction and decision-making among the actors involved in a collective problem that lead to the creation, reinforcement, or reproduction of social norms and institutions." From this we can conclude that everything gets governed, the question is whether governance is ad hoc or formal, explicit or implicit.

One of the ironies of decentralized systems is that they require better governance than most centralized

Continue reading "Decentralized Governance in Sovrin"

Decentralized Governance

Summary: Decentralized systems require governance to function well. Ideally this governance should be clear, open, and effective without impacting the decentralized nature of the system. This post describes the governance of the Sovrin network. Our approach is a constitutional model based on an agreement we call the Sovrin Trust Framework that informs and guides everything from code development to the responsibilities of the various actors in the system.

Marc Hulty defines governance as "the processes of interaction and decision-making among the actors involved in a collective problem that lead to the creation, reinforcement, or reproduction of social norms and institutions." From this we can conclude that everything gets governed, the question is whether governance is ad hoc or formal, explicit or implicit.

One of the ironies of decentralized systems is that they require better governance than most centralized systems. Centralized systems are often governed in an ad hoc way

Continue reading "Decentralized Governance"

CBOR Web Token (CWT) draft addressing shepherd review comments

The CBOR Web Token (CWT) specification has been updated to address the shepherd comments by Benjamin Kaduk. Changes were:

  • Updated the RFC 5226 reference to RFC 8126.
  • Made the IANA registration criteria consistent across sections.
  • Stated that registrations for the limited set of values between -256 and 255 and strings of length 1 are to be restricted to claims with general applicability.
  • Changed the “Reference” field name to “Description of Semantics” in the CBOR Tag registration request.
  • Asked the RFC Editor whether it is possible to preserve the non-ASCII spellings of the names Erik Wahlström and Göran Selander in the final specification.

Thanks to Ben for his careful review of the specification!

The specification is available at:

An HTML-formatted version is also available at:

Security Event Token (SET) spec simplifying claims usage

The Security Event Token (SET) specification has been updated to simplify the definitions and usage of the “iat” (issued at) and “toe” (time of event) claims. The full set of changes made was:

  • Simplified the definitions of the “iat” and “toe” claims in ways suggested by Annabelle Backman.
  • Added privacy considerations text suggested by Annabelle Backman.
  • Updated the RISC event example, courtesy of Marius Scurtescu.
  • Reordered the claim definitions to place the required claims first.
  • Changed to using the RFC 8174 boilerplate instead of the RFC 2119 boilerplate.

Thanks to Annabelle Backman, Marius Scurtescu, Phil Hunt, and Dick Hardt for the discussions that led to these simplifications.

The specification is available at:

An HTML-formatted version is also available at:

Geology answers for Montecito and Santa Barbara

The geology meeting at the Santa Barbara Central Library on Thursday looked like this from the front of the room (where I also tweeted the same pano):

Geologist Ed Keller

Our speakers were Ed Keller of UCSB and Engineering Geologist Larry Gurrola, who also works and studies with Ed. That’s him in the shot below.

As a geology freak, I know how easily terms like “debris flow,” “fanglomerate” and “alluvial fan” can clear a room. But this gig was SRO because around 3:15 in the morning of January 9th, simultaneous debris out of multiple canyons deposited fresh fanglomerate across the alluvial fan that comprises most of Montecito, destroying (by my count on the map below) 178 buildings, damaging more than twice that many, and killing 23 people. Two of those—a 3 year old girl and a 17 year old boy—are still interred at places unknown in the fresh fanglomerate, sought

Continue reading "Geology answers for Montecito and Santa Barbara"

Geology questions for Montecito and Santa Barbara

This post continues the inquiry I started with Making sense of what happened to Montecito. That post got a record number of reads for this blog, and 57 comments as well.

I expect to learn more at the community meeting this evening with UCSB geologist Ed Keller in the Faulkner Room in the main library in Santa Barbara. Here’s the Library schedule. Note that the meeting will be streamed live on Facebook.

Meanwhile, to help us focus on the geology questions, here is the final post-mudslide damage inspection map of Montecito:

I left out Carpinteria, because of the four structures flagged there, three were blue (affected) and one was yellow (minor), and none were orange (major) or red (destroyed). I’m also guessing they were damaged by flooding rather than debris flow. I also want to make the map as legible as possible, so we can focus on where the debris

Continue reading "Geology questions for Montecito and Santa Barbara"

CBOR Web Token (CWT) draft correcting an example

A new CBOR Web Token (CWT) draft has been published that applies a correction to an example. The full list of changes is:

  • Corrected the “iv” value in the signed and encrypted CWT example.
  • Mention CoAP in the application/cwt media type registration.
  • Changed references of the form “Section 4.1.1 of JWT <xref target="RFC7519"/>” to “Section 4.1.1 of <xref target="RFC7519"/>” so that rfcmarkup will generate correct external section reference links.
  • Updated Acknowledgements.

Thanks to Samuel Erdtman for validating all the examples once more and finding the issue with the signed and encrypted example. Thanks to Benjamin Kaduk for pointing out additional improvements that could be applied from the second WGLC comments.

The specification is available at:

An HTML-formatted version is also available at:

Security Event Token (SET) spec incorporating clarifications and a RISC example

A new version of the Security Event Token (SET) specification has been published that incorporates clarifications suggested by working group members in discussions since IETF 100. Changes were:

  • Clarified that all “events” values must represent aspects of the same state change that occurred to the subject — not an aggregation of unrelated events about the subject.
  • Removed ambiguities about the roles of multiple “events” values and the responsibilities of profiling specifications for defining how and when they are used.
  • Corrected places where the term JWT was used when what was actually being discussed was the JWT Claims Set.
  • Addressed terminology inconsistencies. In particular, standardized on using the term “issuer” to align with JWT terminology and the “iss” claim. Previously the term “transmitter” was sometimes used and “issuer” was sometimes used. Likewise, standardized on using the term “recipient” instead of “receiver” for the same reasons.
  • Added a RISC event example, courtesy

Continue reading "Security Event Token (SET) spec incorporating clarifications and a RISC example"

OAuth Token Exchange spec addressing Area Director feedback

A new draft of the OAuth 2.0 Token Exchange specification has been published that addresses feedback from Security Area Director Eric Rescorla. The acknowledgements were also updated. Thanks to Brian Campbell for doing the editing for this version.

The specification is available at:

An HTML-formatted version is also available at:

Announcing the Sovrin Whitepaper

Summary: The Sovrin whitepaper is now available. Identity in real life is much richer than online identity, flexibly and conveniently solving all kinds of thorny problems. Now with Sovrin, we can bring those rich identity transactions online. This paper shows how that happens and why it will impact every sector of the Internet in significant ways. I hope you'll spend some time reading it.

I'm very pleased to announce that the Sovrin whitepaper is now available. The whitepaper pulls together in one place detailed information about why Sovrin exists, what Sovrin is, and how it will impact nearly every aspect of your online life. Here's the abstract:

Digital identity is one of the oldest and hardest problems on the Internet. There is still no way to use digital credentials to prove our online identity the same way we do in the offline world. This is finally changing. First, the World

Continue reading "Announcing the Sovrin Whitepaper"

Making sense of what happened to Montecito

Note the date on this map:

That was more than a month before huge rains revised to red the colors in the mountains above Montecito. The LA Times also ran a story a week before last, warning about debris flows, which are like mud slides, but with lots of rocks.

When rains locals called “biblical” hit in the darkest hours last Tuesday morning, debris flows gooped down the mountainside canyons that feed creeks that weave downhill across Montecito, depositing lots of geology on top of what was already there. At last count twenty people were dead and another three missing.

Our home, one zip code west of Montecito, was fine. But we can’t count how many people we know who are affected directly. Some victims were friends of friends. It’s pretty damn awful.

We all process tragedies like this in the ways we know best, and mine is

Continue reading "Making sense of what happened to Montecito"

Secure Pico Channels with DIDs

Summary: Decentralized identifiers are a perfect complement to the event channels in picos and provide the means of performing secure messaging between picos with little effort on the developer's part.

Encryption Flow

Picos are Internet-first actors that are well suited for use in building decentralized solutions on the Internet of Things. See this description of picos for more details.

Picos send and receive messages over channels. Each channel has a non-correlatable identifier, called an ECI. Because picos can have as many channels as they like, you can use them to prevent correlation of the pico's identity without the pico's participation.

When two picos exchange ECIs to create a relationship, we call that a subscription. Wrangler, the pico operating system, supports creating and using subscriptions. Subscriptions allow picos to use peer-to-peer, graph-based interaction patterns. From a given pico's perspective, it has an inbound channel to receive messages (the Rx channel) and an outbound

Continue reading "Secure Pico Channels with DIDs"

CBOR Web Token (CWT) addressing 2nd WGLC comments

A new CBOR Web Token (CWT) draft has been published that addresses comments received during the second working group last call. Thanks to Hannes Tschofenig, Esko Dijk, Ludwig Seitz, Carsten Bormann, and Benjamin Kaduk for their feedback. All changes made were clarifications or formatting improvements.

The specification is available at:

An HTML-formatted version is also available at:

Doing the after math

When I flew out of California on the 14th, this blog was still working. When I went here to post about the Thomas Fire on the 15th, it wasn’t. (Somebody later told me Harvard was moving servers around, so maybe that was it.) But then the fire looked to be under control. It wasn’t.

On the 16th it blew hard down across the mountain flank of Montecito and Santa Barbara, straight toward our house.

So I posted reports, throughout the day, on the #ThomasFire, which is still burning—and will continue to burn after it becomes the largest in California history, which will likely happen soon—over at Doc.Blog, which has the old-fashioned blogging virtue of being extremely easy to post on and to edit in real time, and in a WYSIWYG way.

Here are my posts there, in chronological order:

#ThomasFire 2017_12_16 9:35am PST

#ThomasFire 2017_12_16 9:55am PST

#ThomasFire 2017_12_16

Continue reading "Doing the after math"

The real problem is Decoy News (and decoy content of all kinds)—and the platforms can’t fix it

The term “fake news” was a casual phrase until it became clear to news media that a flood of it had been deployed during last year’s presidential election in the U.S. Starting in November 2016, fake news was the subject of strong and well-researched coverage by NPR (here and here), Buzzfeed, CBS (here and here), Wired, the BBC, Snopes, CNN (here and here), Rolling Stone and others. It thus became a thing…

… until Donald Trump started using it as an epithet for news media he didn’t like. He did that first during a press conference on February 16, and then the next day on Twitter:

And he hasn’t stopped. To Trump, any stick he can whup non-Fox mainstream media with is a good stick, and FAKE NEWS is the best.

So that pretty much took

Continue reading "The real problem is Decoy News (and decoy content of all kinds)—and the platforms can’t fix it"

An evacuated view on the #ThomasFire

Here’s the latest VIIRS data, on the most active parts of the Thomas Fire, mapped on Google Earth Pro:

That’s 1830 Mountain Standard Time, or 5:30pm Pacific. About half an hour ago as I write this.

And here are the evacuation areas:

Our home is in the orange Voluntary Evacuation area, and we made a round trip from LA to prepare the house as best we could, gather some stuff and go. Here’s a photo album of the trip, and one of the last sights we saw on our way out of town:

This, I believe, was a fire break created on the up-slope side of Toro Canyon.

This afternoon I caught a community meeting broadcast on KEYT, Santa Barbara’s local TV station, which has been very aggressive and responsible in reporting on the fire. I can’t find a recording of that now on the site, but

Continue reading "An evacuated view on the #ThomasFire"

#ThomasFire Tuesday

Here is the extent of the Thomas Fire, via VIIRS readings going back a week:

Here are the active margins of the fire alone. The distance from one end to the other is about 40 miles:

We also see it’s eleven or twelve separate fires at this point. The ones happening in the back country matter less than the ones encroaching on civilization. Here’s the corner we’re most concerned with, since we have a house in Santa Barbara:

That’s what’s burning now.

According to Windy.com, the wind is a light breeze to the east-southeast, meaning back toward itself. This is good.

Here’s a photo set I shot driving to and from our place in Santa Barbara yesterday. It was pretty dramatic last night as we crept on a side road, avoiding the 101 traffic gawking its way past Summerland:

I’m not sure if some of those were back-fires

Continue reading "#ThomasFire Tuesday"