2025‐03‐05 Minutes - openid/death-and-the-digital-estate GitHub Wiki

2025-03-05 Minutes

• Attendees
  • Dean H. Saxe (Beyond Identity)
  • Eve Maler (Venn Factory)
  • Mike Kiser (SailPoint)
  • Alex B Chalmers
  • George Fletcher (Independent)
  • Victor Lu (Independent)
  • Tim Lloyd
  • Dima Postnikov

2025-03-05 Agenda

• Welcome and antitrust policy reminder

• Note taker: Eve

• Agenda bashing

• Review recent articles / links posted in Slack

  • NokBox - https://www.thenokbox.com/
    • Physical vs. digital place to store data for others later
  • Digital Legacy Association - https://digitallegacyassociation.org
    • They have been running a survey and offer some handy resources
    • No response to Dean's outreach (yet) - Gareth will try

• Capturing Use Cases - 10 minutes

  • OSW unconference on "on behalf of" semantics - stay tuned for Mark H's notes
  • Any contributions around this today?
    • George: Event-triggered delegation with associated revocation of authorization
      • How related people prove their relationship is a subset
      • Eve mentioned the HEART Profile of OAuth, OIDC, and UMA and the btg claim "break the glass"
        • this comes from HL7
        • this is a trigger to enable some action to be taken
        • this is a form of attribute based access control, e.g. an emergency responder can access the data of an individual who is unconscious from an accident. Later there is an audit trail
        • Mark Haine's authority spec in eKYC WG may be related
      • Capturing and testing conditions for state changes
    • Modeling these relationships and their changes is hard and subtle, implementing even more so
    • A court might need to provide a definitive answer to what change should be effectuated, in some cases
    • Might wills end up being more "executable" as code?
    • Certain physical triggers such as the presence of a MedicAlert bracelet could allow discovery of the guardian/delegate
    • Would need some other controls, such as activation / validation by an EMT or emergency - threat model for auto-delegation

• Terminology & Cultural Sensitivity

  • How do we manage the differences between how different people & cultures discuss the passing of an individual?
    • "Going home" language has a religious context that not everyone may be familiar with
    • Can we define clinical terms (medical)? Legal terminology?
    • Delegation may be a space where cultural context is helpful - who is delegated to may be dependent
    • Mike K has a colleague that is a hospital chaplain that might be able to help us understand how to discuss these topics. He'll ask her to join us at a future date
    • perhaps we need a survey to capture how people discuss death and dying?
    • Dean to reach out to a friend who is a death doula
    • Do we know any people in hospice care?
    • Collect perspectives from right-to-die jurisdictions? E.g. Canada
    • Ultimately develop a survey?
    • Tim suggests some basic categories:
      • Affective (emotional) valences - e.g. celebrating with a wake vs. being solemn
      • Required events
      • Timing of event

• Outlining the White Paper for Cyber Security Awareness Month

  • Proposal
  • High level content
  • Blog - smaller, focused pieces
  • Whitepaper - Long form

• Identiverse - DADE panel needs a lawyer, if at all possible

  • Eve to reach out to Scott David [DONE]
  • Tim has reached out to Tim R.

• AOB