[IETF-IDRM] Fwd: Re: [IDRM] DRM Taxonomy work -- drm framework...

Thomas Hardjono thardjono@mediaone.net
Wed, 23 May 2001 14:33:45 -0400 

>Date: Wed, 23 May 2001 10:10:44 -0400
>From: Michael Mealling <michael@neonym.net>
>Subject: Re: [IDRM] DRM Taxonomy work -- drm framework...
>To: "Sam X. Sun (@S2000)" <ssun@cnri.reston.va.us>
>Cc: Mark Baugher <mbaugher@cisco.com>, ietf-idrm@lists.elistx.com
>Reply-to: Michael Mealling <michael@neonym.net>
>User-Agent: Mutt/1.1.2i
>List-Owner: <mailto:ietf-idrm-help@lists.elistx.com>
>List-Post: <mailto:ietf-idrm@lists.elistx.com>
>List-Subscribe: <mailto:ietf-idrm-request@lists.elistx.com?body=subscribe>
>List-Unsubscribe: <mailto:ietf-idrm-request@lists.elistx.com?body=unsubscribe>
>List-Archive: <http://lists.elistx.com/archives/ietf-idrm>
>List-Help: <http://lists.elistx.com/elists/admin_email.shtml>,
>  <mailto:ietf-idrm-request@lists.elistx.com?body=help>
>
>Hi Sam!
>
>On Wed, May 23, 2001 at 02:03:48AM -0400, Sam X. Sun (@S2000) wrote:
> > Regarding the handle system, I think there are two sides of DRM that could
> > take advantage of it. First is the metadata and content attribute
> > association, as you mentioned in the DOI application.
>
> From what I remember this part of the handle service seemed easily
>seperable from the resolution part of the system. The query methods
>for the attribute value pairs were straight forward and secure but really
>weren't tied to how resolution happened, right?
>
> > The other is the
> > identity reference for "content holder" (e.g. consumer identity).
>
>I.e. you assign some identifier to the entities involved in the transaction?
>
> > What makes handle system unique in this case is that it provides a secured
> > name resolution service (for name attribute binding),
>
>I wouldn't say that the handle system is unique in that regard. The entire
>URI Resoluion process was built to be as secured as you wanted it to be.
>Heck, since Bill built the handle resolution system to mirror the URN
>resolution mechanism they're pretty much identical.
>
> > , and allows ownership to be
> > defined per name (vs. URL, where the name administration belongs to the 
> site
> > manager). This is particularly important for individuals to be able to
> > manage their identity attributes, including their public keys.
>
>Can you explain that one further? Are you suggesting that URIs that
>have domain-names somehow confer ownership semantics? We should be
>very clear here since whether or not a URI is a name has everything to do
>with how you actually use it and nothing to do with what it actually looks
>like...
>
> > The point I was trying to make in my earlier message is that we probably
> > need to pay equal attention for identity or trust management as we do for
> > content management. And I want to understand better the nature of the
> > identity used in DRM application before we move further into the framework.
>
>Same here. As yet I can't see a reason that URIs are no sufficient. You
>have a requirement to identifiy all parties in the transaction but
>that just means you assign a URI to the parties involved as well...
>
>-MM
>
>--
>--------------------------------------------------------------------------------
>Michael Mealling        |      Vote Libertarian!       | urn:pin:1
>michael@neonym.net      |                              | http://www.neonym.net
>                         |                              | go:Michael Mealling