Trust and cooperation are essential aspects of any society. We, as humans, have developed heuristics to establish and quantify trust since times immemorial. Trust in human societies is based on a slew of factors, ranging from visual and behavioral signs to conventions, to legal contracts, to social customs. Those mechanisms have evolved over millenia, and are integral to the functioning of societies.
The internet, by contrast, has grown rapidly, based on a set of assumptions far different from that in which it is employed today: The ARPANET, the Internet's ancestor was predicated on a use pattern limited at first to military, and then eventually to academic use. In such a closed ecosystem, authentication and identification were not seen as crucial -- the key design requirement was operational resiliency (in particular, under the loss of a substantial number of nodes under a war scenario).
Not envisioned at the time, was the subsequent development of the World Wide Web out of CERN's initial academic project, and the rapid emergence of a commercial model around the new network, culminating in its becoming ubiquitous and essential to every facet of modern society.
Above and beyond the commercial impact of the "Web", industry quickly realized that the ubiquity of the protocols and the physical network would soon allow it to occupy an increasing role in every facet of society, of industry, of government. Critical infrastructures rapidly migrated from dedicated control systems (such as X25) to internet-based mechanisms, with sometimes too little thought given to the risks caused by such wholesale transfer of authority to a technology offering rather little in the form of reliable authentication and security.
Further to this, and perhaps less obvious from the outset, social networks such as Facebook morphed into essentially giant media distributors and primary sources of information for much the population. The term "fake-news" entered the lexicon with a vengeance. In parallel, the treasure trove of information that social networks could provide on individual behavior were rapidly used to steer political campaigns with pinpoint accuracy, causing potential grave threats to the very fabric of democratic society.
All of this happened with lax, if at all, local regulation of information privacy, and very little in the form of a agreed global framework. Much of the supporting physical network, once public, was essentially transferred to the private sector.
The rapidly increasing centrality of the Internet to society has raised a variety of questions. One such question is the necessity to create trust-enforcement mechanisms on the Internet. Key to such mechanisms is the notion of identity.
What is identity on the Internet? Who maintains it? Who owns it? Should it be revocable? How does one reconcile the fundamental vulnerability of code with an essential and growing social function? Should identity be maintained privately or publicly? Those topics are the subject of this workshop?