https://hackmd.io/V7UENLVFRKOWXJzy5316wA

haha

that was awesome

Please add yours if it is not listed

Hi Everyone. This is the link to my company: https://www.zerionsoftware.com

encrypted queens mile ;)

;)

anyone have the hack md link handy?

https://hackmd.io/V7UENLVFRKOWXJzy5316wA

thx

we have a couple of people with their hands up

ooh, that one should go down on the list Juan

Yeah +1!

confidential only pertains to the data that you don't want publicly available

At the decentralized app level, you have fully confidential/private, shared with a sub-group, and fully public

Does confidential just mean a constrained audience?

Could, but what about data that is fully public?

Daniel -- the difference here might be choice

We need to stop thinking in terms of everything private - it's just a gradient for every object

mind BLOWN

sure

every object is a choice

Yeah I think choice is the distinction

Zero trust data vault

Lol took the words from my mouth

good point, Sze!

hmmmmm

Zero Trust Data Fabric :)

q+

haha zerotrust cloud storage :)

Or deleting it all lol

or moving your server to a sanctioned country hehe

+1 Juan

q+ to point out challenge/difficulty/elephant

reduced trust isn't as catchy :)

neither is "limited trust"

Should use the most differentiated concept to lead it

sort of trusty?

because that will be the thing most devs and users see and interact with, plus it's less hazy

Confidential or Encrypted are just too specific to be useful

they share did anchoring

i think more specific is ok for the lower level primitive (the Encrypted Data Vault)

the higher level thing should be less specific

but its hard to sell that to people who don't care what a did is

q+

Trusty Hubs

much of "hubs" is not about servers, so we shouldn't prefer that in the top level name, IMO

IMO, resource servers are already a dime a dozen in various specs, it doesn't differentiate enough

Instead of trying to find a short set of words that describe what it is, would it make sense to just pick a ‘word’, a la ‘Aries’

For instance you could argue Dropbox is a secure data storage solution

is there a mythical or legendary thing that fits?

i think going with something like "Aries" makes it sound too much like a product and not a technology

+1

+1

+1 to exclude the word "Secure" -- it's misleading

+1

PROPOSAL: Exclude the adjective “Secure” in name candidates

+1

+1

+1

+1

+1

+ to exclude

+1

0

yesss, yessssss, let the haaate flow through you (for the word "Secure")

Encrypted also problematic

Insecure but Confidential Trusty Hubs

+1 "trusy"

trusty

Gives the impression that everything is masked from everyone

Hard no to "Decentralized"?

encrypted is literally true for the low level primitive, i don't see it as problematic in the same way "secure" is

Mesh better than decentralized

same, not a huge fan

Data Mesh is a thing too

I prefer "confidential" or "opaque" to define that it's hard to learn or deduce from watching it (i.e. traffic analysis, correlation, etc)

Imagine calling Windows Pro Windows Full Disk Encryption

q+

Clippy Store

obviously someone can decrypt it at some point, or it's not useful :)

kill “Pubsubhubbub hubs” if anything it should be Pubsubhubbubs.

That'll be a "no" to your "no"

Decentralized doesn't === multiple copies

imo

Evan, I put that one, snarkily, before the "no snarky names" rule got written

i'll see myself out

I’ll allow it.. :)

The name can be something other than a single attribute of the product/output

RCV them separately?

self-sovereign storage SSS/S^3 (high level)

agree that marketing is important

Pumpernickel

oh yeah, a code name

Rumplestiltskin?

it does imply larger scale

"Mesh" is kinda copyrighted

^ IMPORTANT

Fabric and Lake have architectural implications

is it associated with one company?

yes

https://www.youtube.com/watch?v=52MCFe4v0UU

sounds like a big negative :/

https://www.thoughtworks.com/radar/techniques/data-mesh#:~:text=Data%20mesh%20is%20an%20architectural%20paradigm%20that%20unlocks%20analytical%20data,intensive%20applications%20across%20the%20organization.

"Fabric" TMK is not

tbqh I tend to avoid "self-sovereignty" because it's too close to a trademark IMHO

for my very anti-enclosure preferences :D

thanks kaliya

Everybody, make all the decisions, now!

+1

+1

+1

too much pressure!!

+1

+

+1 sure why not

+1

+1

+1

PROPOSAL: Ranked choice voting will be separately for/against Nouns and Adjectives separately

roll of dice

i don't think we've considered Storage McStorageFace yet

+1

@Dave - added to the list! can’t pass that up.

just remember the last time Boaty McBoat Face was on a list…..

ZKP and ZTD

ZTD sounds like what you get from doing too much ZKP

Marketing -> Cryptography

as we do in this group...

https://docs.google.com/presentation/d/1QEHSs4XJ05yQl2mvpiqbM80-MySxlVI9cNDLPq_XkkY/edit#slide=id.g8a2289ca98_0_0

adrian's hand is up

I know

ok :)

hmm?

oh, right

The way Dmitri said it made it seem strange...

but I think I get what he was saying.

q+

Could you give a concrete example?

q-

+1 Tobias, sorry this feels like we're poking at what technology we think we want

Why do we have to have two :/

q+

having two separate permissioning systems sounds like a tall task for a single spec

authorization/attenuation OR dynamic consent

Daniel - we don't have to have two -- we want to have one.

schema-based consent

but the requirements may make it so we need more than one mechanism.

(and I hope we don't go there)

i don't mean that the permission mechanisms need to be different, but i think there are entirely different types of policy that would need to be supported -- we don't need all the smarts at the server that stores the encrypted data

adrian is looking for very rich policy processing -- which doesn't belong, IMO, on dumb storage servers that are just serving up encrypted data (that they cannot decrypt)

lols at the "read_page" action also allowing the "and delete comments" for Facebook.

Oh, OAuth 2.0 -- you're such a rascal!

delete your own comments on the page you're reading?

/me deletes Juans comment by reading it.

oops

ouch

tough crowd!

harsh

I didn't meant to!

I was just using OAuth 2.0 -- I was young and a confused deputy.

Haha

it's ok, I'm a byzantine general anyways. i'm used to a little confusion.

and now its parity

haha

I suggest we try and define things like the following resource, action and permission

@Juan, just don't be orthogonal

+1 to that -- feels useful... meta authz requirements

Use this for GNAP https://datatracker.ietf.org/doc/draft-richer-transactional-authz/?include_text=1