Hyperledger Indy's README.md explains how to start the @Sovrin test pool on localhost using docker and in a docker network.
Doing it this way the pool is not reachable from clients that are not on your local machine. Building a mobile app then has the problem that the phone can't talk to the test pool because neither localhost nor the private docker network are reachable.
Starting the test pool on a specific IP address
Dockerfile ci/indy-pool.dockerfile supports an optional pool_ip param that allows changing the IP address of the pool nodes in the generated pool configuration.
You can start the pool with e.g. the IP address of your development machine's WIFI interface so that mobile apps in the same network can reach the pool.
# replace 192.168.179.90 with your wifi IP address docker build --build-arg pool_ip=192.168.179.90 -f ci/indy-pool.dockerfile -t
A few weeks ago, while our car honked its way through dense traffic in Delhi, I imagined an Onion headline: American Visitor Seeks To Explain What He’ll Never Understand About India.
By the norms of traffic laws in countries where people’s tendency is largely to obey them, vehicular and pedestrian traffic in the dense parts of Indian cities appears to be chaotic to an extreme. Yet it’s clearly at least … well, organic. People do seem to go where they want, individually and collectively. Somehow. Some way. Or ways. Many of them. Alone and together. Never mind that a four-lane divided highway will have traffic moving constantly, occasionally in both directions on both sides—and that it includes humans, dogs, cattle, rickshaws and bikes, some laden with bags of cargo that look like they belong in a truck, in addition to cars, trucks and motorcycles, all packed together and honking constantly.
This draft contains a few refinements since the first candidate recommendation but no substantial changes. The new CR was needed to fulfill the W3C’s IPR protection requirements. The few changes were based, in part, upon things learned during multiple interop events for WebAuthn implementations. The working group plans to base coming the Proposed Recommendation on this draft.
Any data protection regulator faces certain unique challenges. The ubiquitous collection and use of personal data by service providers in the modern economy creates a vast space for a regulator to oversee. Contraventions of a data protection regime may not immediately manifest and when they do, may not have a clear monetary or quantifiable harm. The enforcement perimeter is market-wide, so a future data protection authority will necessarily interface with other sectoral institutions. In light of these challenges, we present a model for enforcement of a data protection regime based on risk-based supervision and the use
Summary: This article describes the role that the Sovrin Foundation and associated groups play in governing, operating, and using the Sovrin Network. The Sovrin Network is designed and intended to be decentralized so understanding the key influence points and community groups is important.
The Sovrin Network is a global public utility for identity that we all own, collectively, just like we all own the Internet.
When I say Sovrin is "public," I mean that it is a public good that anyone can use so long as they adhere to the proper protocols, just like the Internet. Sovrin is created through the cooperation of many people and organizations. Enabling that cooperation requires more than luck. In Coherence and Decentralized Systems, I wrote:
Public spaces require coherence. Coherence in Sovrin springs from the ledger, the protocols, the trust framework, standards, and market incentives.
I’m really proud of this paper. It’s my attempt to further a new model of media effects that takes into account active audiences, media messages, and technological affordances. I focus on conservative audiences for fake news as a case study.
Basically: People share fake news because it furthers partisan narratives that are promoted by mainstream (mostly) conservative media and expresses personal and political identity.
Most fake news isn’t political, but sensational. Still more is created to be polysemic and appeal to people across the political spectrum in order to increase viewership (and therefore money).
Conservative fake news doesn’t exist in a vacuum. Much of it builds on “deep stories” that have been present on Fox News for decades.
Years ago we were sharing stories about our children. I was recounting to Natalie my favorite funny stories about her. She share with me a funny story about Miles. This little animation is my attempt to keep that memory in animation form.
The three core IETF Token Binding Specifications have been sent to the RFC Editor, which means that their normative content will no longer change. It’s time to move implementations to version 1.0! The abstract of the Token Binding over HTTP specification describes Token Binding as:
This document describes a collection of mechanisms that allow HTTP servers to cryptographically bind security tokens (such as cookies and OAuth tokens) to TLS connections.
We describe both first-party and federated scenarios. In a first-party scenario, an HTTP server is able to cryptographically bind the security tokens it issues to a client, and which the client subsequently returns to the server, to the TLS connection between the client and server. Such bound security tokens are protected from misuse since the server can generally detect if they are replayed inappropriately, e.g., over other TLS connections.
Summary: I spent almost two weeks talking with people about self-sovereign identity in Switzerland and India. I'm more excouraged than ever that self-sovereign identity holds the key to real change in how we live our digital lives with security, privacy, and dignity.
I'm just finishing up my travel to Switzerland and India to talk about self-sovereign identity. The trip was amazing and full of interesting and important conversatons.
The TechCrunch event in Zug was very good. I was skeptical of a one-day conference with so much happening in a short time, but thanks to great preparation by those running the show and all the participants, it exceeded my expectations in every way. I spoke on a panel with Sam Cassatt of and Guy Zyskind from Enigma. Samantha Rosestein was the moderator.
Well, in a twist of fate that I am still bemused by, I am in Microsoft-land now and this fact has led me inevitably to my first Windows install since about 2008. It went pretty well, except that I didn’t have the recovery key for the previous installation, so had to do a scratch install. You’d think it would be easy, since they give you a tool that does all the hard work! All you need is a USB drive of at least 8gb to become the installation media.
But then you put in your larger-than-8gb USB drive and the program says “Your USB must be at least 8gb!!”. You reformat, you think “Maybe I need FAT32”, etc. No luck. All roads lead to the mysterious 8gb error, even when your USB drive is empty and large.
The Security Event Token (SET) specification is now RFC 8417. The abstract describes the specification as:
This specification defines the Security Event Token (SET) data structure. A SET describes statements of fact from the perspective of an issuer about a subject. These statements of fact represent an event that occurred directly to or about a security subject, for example, a statement about the issuance or revocation of a token on behalf of a subject. This specification is intended to enable representing security- and identity-related events. A SET is a JSON Web Token (JWT), which can be optionally signed and/or encrypted. SETs can be distributed via protocols such as HTTP.
The GDPR has been in force since May 25th, and it has done almost nothing to stop websites that make money from tracking-based-advertising stop participating in the tracking of readers. Instead almost all we’ve seen so far are requests for from websites to keep doing what they’re doing.
Only worse. Because now when you click “Accept” under an interruptive banner saying the site’s “cookies and other technologies collect data to enhance your experience and personalize the content and advertising you see,” you’ve just consented to being spied on. And they’re covered. They can carry on with surveillance-as-usual.
Score: Adtech 1, privacy 0.
Or so it seems. So far.
Are there any examples of publications that aren’t participating in #adtech’s spy game? Besides Linux Journal?
Summary: In July I'll be circling the globe to talk about self-sovereign identity and learn about how others are approaching and using it.
The first half of July I'm going to be on the road speaking about self-sovereign identity in Switzerland and at two events in India. This is my first time in Switzerland and India, so I'm looking forward to the trip and meeting lots of interesting people.
The event in Zug is the TC Sessions: Blockchain 2018 event on July 6th. I'll be speaking on self-sovereign identity in an afternoon session.
The OAuth 2.0 Authorization Server Metadata specification is now RFC 8414. The abstract describes the specification as:
This specification defines a metadata format that an OAuth 2.0 client can use to obtain the information needed to interact with an OAuth 2.0 authorization server, including its endpoint locations and authorization server capabilities.
The specification defines a JSON metadata representation for OAuth 2.0 authorization servers that is compatible with OpenID Connect Discovery 1.0. This specification is a true instance of standardizing existing practice. OAuth 2.0 deployments have been using the OpenID Connect metadata format to describe their endpoints and capabilities for years. This RFC makes this existing practice a standard.