Sovrin Use Cases: Education

Summary: Sovrin's verifiable claims provide the means of creating a virtual university with little or no traditional integration between the various players. University Lecture hall Lately, I’ve been thinking a lot about use cases for self-sovereign identity. This series of blog posts discusses how Sovrin can be used in different industries. In this article I discuss Sovrin and education. Last spring I wrote about how deconstructing the student information system at BYU is allowing us to create a virtual university. The idea is to create a decentralized system of student profiles that contain both profile data as well as learning records. These learning records can attest to any kind of learning activity from the student having read a few paragraphs to the completion of her degree. By making the student the point of integration, we avoid having to do heavy, expensive point-to-point integrations between all the student information systems participating in the educational
A virtual university using a student profile
Continue reading "Sovrin Use Cases: Education"

A few words about trust

cropped-wst-logo-mainSo i was on a panel at WebScience@10 in London (@WebScienceTrust, #WebSci10), where the first question asked was, “What are two aspects of ‘trust and the Web’ that you think are most relevant/important at the moment?” My answer went something like this:::: 1) The Net is young, and the Web with it. Both were born in their current forms on 30 April 1995, when the NSFnet backed off on its forbidding commercial traffic on its pipes. This opened the whole Net to absolutely everything, exactly when the graphical Web browser became fully useful. Twenty-one years in the history of a world is nothing. We’re still just getting started here. 2) The Internet, like nature, did not come with privacy. And privacy is personal. We need to start there. We arrived naked in this new world, and — like Adam and Eve — still don’t have clothing Continue reading "A few words about trust"

Security Event Token (SET) Specification and IETF Security Events Working Group

IETF logoAs those of you who have been following the mailing list or attended the inaugural meeting of the new IETF Security Events working group know, Phil Hunt and co-authors (including myself) have been working on a Security Event Token (SET) specification. A SET is a JSON Web Token (JWT) with an “events” claim that contains one or more event identifiers (which are URIs) that say what event the SET describes. This work isn’t being done in isolation. Among others, the OpenID Risk and Incident Sharing and Coordination (RISC) working group, the OpenID Back-Channel Logout specification, and the SCIM Provisioning Events work intend to use the Security Event Token format. To make this concrete, the claims in an example OpenID Connect Back-Channel Logout token (which is a SET) are:

  "iss": "",
  "sub": "248289761001",
  "aud": "s6BhdRkqt3",
  "iat": 1471566154,
  "jti": "bWJq",
  "sid": "08a5019c-17e1-4977-8f42-65a12843ea02",
  "events": {
Continue reading "Security Event Token (SET) Specification and IETF Security Events Working Group"

Uber’s pending sale of your personal data

nouber Uber has new terms for you:
User Provided Content. Uber may, in Uber’s sole discretion, permit you from time to time to submit, upload, publish or otherwise make available to Uber through the Services textual, audio, and/or visual content and information, including commentary and feedback related to the Services, initiation of support requests, and submission of entries for competitions and promotions (“User Content”). Any User Content provided by you remains your property. However, by providing User Content to Uber, you grant Uber a worldwide, perpetual, irrevocable, transferable, royalty-free license, with the right to sublicense, to use, copy, modify, create derivative works of, distribute, publicly display, publicly perform, and otherwise exploit in any manner such User Content in all formats and distribution channels now known or hereafter devised (including in connection with the Services and Uber’s business and on third-party sites and services), without further notice to or consent from Continue reading "Uber’s pending sale of your personal data"

Notes from Defrag 2016

Summary: The following are my live tweets from Defrag at the Omni Interlocken in Denver, November 16-17, 2016. Defrag logo The following are my live tweets from Defrag at the Omni Interlocken in Denver, November 16-17, 2016.
Eric Norlin:
Defrag is 10 years old. Happy birthday. Announcing that this is the last time Defrag exists independently. Combining with Glue. #sad
Tim Wagner:

Going server less with AWS lambda

Does serverless mean no servers? No, but there are no software servers (web server framework, etc.)

Serverless goes beyond VMs and containers so that functions are the unit of abstraction

Serverless enforces good design: small individual units of code, persistence separated from compute, one way to do things

Triggers by events or calls from APIs. Easy to do real-time processing, event processing

Bring your own code, Lambda is the web server, uses simple resource model, processes are stateless

Economic proposition for Continue reading "Notes from Defrag 2016"

A Thousand Kisses Deep


My great friend and mentor Doc Searls posted a poignant eulogy to Leonard Cohen.

I had no idea he felt the same way I do about his music.

Through the soundtrack of my life, nobody else taught more about how to be a man, a lover, and a human being with one foot in the temporary world and the other in eternity.
< p dir="ltr">I’ve listened over and over to all of his albums. I especially like “The Future” and “Ten New Songs.” His new album—“Songs from a Room” is also fabulous.

His music played a huge role in getting me through many a tough time, A Thousand Kisses Deep.

The ponies run,
the girls are young,
The odds are there to beat.
You win a while, and then it’s done –
Your little winning streak.
And summoned now to deal
With your invincible defeat,
You live your life as Continue reading "A Thousand Kisses Deep"