one small voice

stpeter's blog on jabber, technology, history, philosophy, et alia

about

who
what
where
when
why
how
comments

feeds

ATOM

RSS

categories

identity
jabber
language
literature
music
personal
philosophy
politics
public domain
society
technology

archive

current
2007-04
2007-03
2007-02
2007-01
2006-12
2006-11
2006-10
2006-09
2006-08
2006-07
2006-06
2006-05
2006-04
2006-03
2006-02
2006-01
2005-12
2005-11
2005-10
2005-09
2005-08
2005-07
2005-06
2005-05
2005-04
2005-03
2005-02
2005-01
2004-12
2004-11
2004-10
2004-09
2004-08
2004-07
2004-06
2004-05
2004-04
2004-03
2004-02
2004-01
2003-12
2003-11
2003-10
2003-09
2003-08
2003-07
2003-06
2003-05
2003-04
2003-03
2003-02
2003-01
2002-12
2002-11
2002-10
2002-09
2002-08
2002-07
2002-06
2002-05
2002-04
2002-03
2002-02
2002-01
2001-12
2001-11
2001-10
2001-09

2005-05-31

The Evolution of Friendship

Biology matters.

I've just read two fascinating papers in evolutionary biology and psychology on the nature of friendship:

  1. "The Evolution of Reciprocal Altruism" by Robert L. Trivers, The Quarterly Review of Biology, 46:1 (1971), 35-57.
  2. "Friendship and the Banker's Paradox: Other Pathways to the Evolution of Adaptations for Altruism" by John Tooby and Leda Cosmides, Proceedings of the British Academy, 88 (1996), 119-143.

Trivers argues that there are situations in which reciprocal altruism (call it tit for tat, helping each other, even reciprocal benevolence if the word "altruism" scares you off) would be expected to evolve, especially among long-lived animals with long periods of parental care and low dispersal rates who exist in small, mutually-dependent, relatively stable social groups (this description well fits certain primates, especially humans). Tooby and Cosmides build on and extend Trivers's analysis by focusing on the overall system of reciprocal helping as well as the many psychological subtleties that one would expect to emerge in the context of such a system when the actors are highly intelligent, emotionally sensitive, and good communicators (humans yet again). Fascinating stuff. I'll try to blog more about these two essays once I've absorbed them more fully.

Posted on 2005-05-31 at 21:59. File under philosophy.

link ~

2005-05-30

13 Emily Dickinson Poems

Another baker's dozen.

It took me all weekend, but I finally culled my list of favorite Emily Dickinson poems down to thirteen. The results were too long for my blog, so I've posted them in the form of a journal entry. Thanks again to my friend John Enright for turning me on to Emily.

Posted on 2005-05-30 at 21:49. File under literature.

link ~

2005-05-26

Caching Again

Entity Tags for XMPP.

Last week I blogged a bit about the possibility of using HTTP ETags in XMPP for caching rosters and such. This morning I sat down and wrote a proposal about it -- it's entitled Use of Entity Tags in XMPP Extensions and it's currently in the JEP inbox. I guess I'll add it to the agenda for next week's meeting of the Jabber Council, and if they approve then it will become an official JEP.

Posted on 2005-05-26 at 15:33. File under jabber.

link ~

2005-05-24

13 Dylan Tunes

My favorite songs by Robert Allen Zimmerman.

Continuing the 13 theme, here are my 13 favorite Bob Dylan songs in (I think) chronological order of recording:

  1. He Was a Friend of Mine. Recorded in 1962 and first officially released on The Bootleg Series, Volumes I-III in 1991. A lonesome lament for a lost friend. Haunting.
  2. Mama, You Been on My Mind. Recorded in 1963 and also first officially released on The Bootleg Series, Volumes I-III in 1991. The lyrics are quite poetic and I absolutely love the way he rhymes "mirror" with "near" by pronouncing it "meer" -- "When you wake up in the mornin', baby, look inside your meer. You know I won't be next to you, you know I won't be near..."
  3. Boots of Spanish Leather. A sad song in a powerful yet understated kind of way. That last stanza cuts to the quick.
  4. It Ain't Me, Babe. Stickin' up for yourself, circa 1964.
  5. It's All Over Now, Baby Blue. From Bringing It All Back Home (1965). Moving on after a failed romance. "Strike another match, go start anew..."
  6. It's Alright Ma (I'm Only Bleeding). Wow. One of the most intense songs I know. I play and sing this one once in a while and it takes over your body and mind. Also from Bringing It All Back Home (1965).
  7. Like a Rolling Stone. Sure, it's ever-popular, but it's got such kick, right from jump street with that snare drum sounding like a pistol shot. Pow!
  8. If You Gotta Go, Go Now (Or Else You Gotta Stay All Night). A rollicking, fun, wry tune, but sensitive too ("I am just a poor boy, baby, lookin' to connect. But I certainly don't want you thinkin' that I ain't got any respect.") Also from The Bootleg Series, Volumes I-III.
  9. Leopard-Skin Pill-Box Hat. From the 1966 album Blonde on Blonde, this song is just plain silly, which is why I like it so much. That last stanza is too funny.
  10. Sad Eyed Lady of the Lowlands. A long song, but I like long songs. This one unfolds like a dirge and provides a fitting end to Blonde on Blonde.
  11. Tangled Up in Blue. Sure, it's a sad tale of busted romance and busted lives, but it's got a positive core ("keep on keepin' on..."). I prefer the alternate version released on The Bootleg Series, Volumes I-III to the version they play on the radio (from 1975's Blood on the Tracks).
  12. If You See Her, Say Hello. Another sad but gorgeous song, also from Blood on the Tracks.
  13. Blind Willie McTell. One of the most powerful blues songs I have ever heard. Sends shivers up my spine every time I hear it. I often re-play it three or four times in a row. Recorded in 1983 but not released until The Bootleg Series, Volumes I-III (1991).

Posted on 2005-05-24 at 22:21. File under music.

link ~

13 Books

Intellectual influences.

Two weeks ago, Don Boudreaux over at Cafe Hayek listed the twelve books that have most influenced his thinking in economics. In fact he treated himself to a baker's dozen by adding an extra book, so since I love the number 13 I figured I would follow his lead by listing (in roughly chronological order) the 13 books that have had the greatest influence on my mental life:

  1. The Fountainhead by Ayn Rand. Yes, it usually begins with Ayn Rand, or at least it did for me. I read this book nine times as a teenager but have not read it in twenty years (I tried to pick it up a few times but got turned off). One of these days I'll re-read it (as I have done in the last few years with Rand's other novels), but even though I disagree with much of her philosophy at this point, I know that Rand's ideas continue to influence me in many ways.
  2. Complete Works by Aristotle. I basically majored in Aristotle back in college, which has quite influenced my style of thinking about problems. I'm currently (if slowly) re-reading all of Aristotle, which will enable me to determine how much influence his thought still holds for me.
  3. The Epicurus Reader by Epicurus. From Aristotle I moved on to Epicurus. I appreciate the less scholastic approach of Epicurus to ethics and life in general, and his enlightened hedonism still holds quite an appeal for me. But I know that I'm too much of a modern American workaholic to follow his core ideas of pursuing mental calmness (ataraxia) and living in obscurity (lathe biosas).
  4. Die Froehliche Wissenschaft by Friedrich Nietzsche. After reading Rand, Aristotle, and Epicurus I absorbed a lot of Nietzsche, and a year or two ago I re-read his complete writings in English. To me, Die Froehliche Wissenschaft (a title often translated into English as "The Gay Science", through I prefer the Provencal subtitle of "la gaya scienza") captures Nietzsche at his most positive and thought-provoking.
  5. Tao Te Ching by Lao Tzu. Well, one needs to relax after all that serious philosophizing. I still feel that the gnomic expressions of Lao Tzu provide an attractive antidote to the categorical thinking characteristic of Western philosophy. That doesn't mean I'm a spontaneous free spirit, but I try to cultivate that side of my personality despite (or perhaps because of) the fact that I am essentially a categorizing, logical person.
  6. A Soviet Heretic by Yevgeny Zamyatin. Zamyatin is one of my big favorites -- a true individualist who provides deep insights into culture, society, and human experience.
  7. The Gnostic Gospels by Elaine Pagels. About as close I've gotten to Christianity since I became a non-believer at the age of nine. But I find Gnostic thought to be quite appealing in many ways.
  8. Complete Poems by Walt Whitman. True Americanism. A wonderful corrective to elitist thinkers like Rand and Nietzsche, with quite a whiff of Gnostic ideals mixed in, suitably democratized for the American experience.
  9. The Evolution of Civilizations by Carroll Quigley. I think this is one of the most important books published in the twentieth century. The best analysis I have read of the origin and meaning of human civilizations.
  10. How Buildings Learn by Stewart Brand. The power of vernacular, low-road, truly organic architecture -- and, by extension, vernacular, low-road, truly organic thinking.
  11. Albion's Seed by David Hackett Fischer. The story of the transmission of America's founding cultures from the British Isles. This book gave me a deep appreciation for culture as opposed to ideology or philosophy.
  12. Evolutionary Psychology by David Buss. Although this is "just" a textbook, it provides the best overview yet written of the ongoing application of evolutionary insights to human psychology.
  13. The Structure of Liberty by Randy Barnett. The possibility of anarchism. I don't know if I'm really an anarchist, but I don't much believe in government anymore (where I use "believe" in the same sense here that I use when I call myself a religious non-believer), and this book more than any other led me in that direction.

Note that I've read many of these books only in the last few years, so as I read more I'll likely update my list of 13 most influential books. Or at least I hope so: better to keep growing intellectually, especially in these interesting times!

Posted on 2005-05-24 at 21:37. File under personal.

link ~

The Deep Purple

Royal origins?

Someone emailed me last night with a question about the phrase "the deep purple" -- not the rock band or the song by Peter De Rose with lyrics by Mitchell Parish, but the phrase as used, for example, in this line from a play written in the early 1900s:

I want to say mister, I've met a lot of game men in my time, but by God you're bred in the deep purple.

I would speculate that the phrase "the deep purple" is a reference to the ancient tradition of purple as a royal color. In ancient times, it was quite expensive to produce purple clothing -- the dye was mainly derived from the shells of the murex (a kind of mollusk), for example as found off the coast of Tyre in southern Lebanon (thus Tyrian purple). Thus purple clothing tended to be reserved to the royalty or nobility. This usage survives in phrases like "purple prose" to describe an ornate writing style and "purple passage" to describe writings that have gained kudos because of their noble qualities (an example might be Hamlet's soliloquy). So to be "bred in the deep purple" might mean something like being born with a silver spoon in one's mouth or, more positively, to have noble blood running in one's veins. This seems consistent with the quote provided by my interlocutor. But, again, that is speculation on my part.

Posted on 2005-05-24 at 10:43. File under language.

link ~

2005-05-20

Assurance #12

CAcerting along.

The twelfth person I've assured for CAcert is Peter Millard. That makes me the #117 assurer as of today. I do think I can crack the top 100 at this pace. ;-)

Posted on 2005-05-20 at 13:11. File under technology.

link ~

OpenID

Yet another identity system.

Sam Ruby comments on OpenID:

  1. "If you have a webserver, can add something like the following to your template, and either can run a CGI script or know somebody who can run one for you, then you are in."
  2. "This design is also explicitly not trying to compete with the "big boys". In particular, it has no notion of trust."

I fail to see how those are good things, since:

  1. Not everyone has a webserver (for the most part only geeks are associated with URLs).
  2. An identity system without a trust model strikes me as close to useless.

The two points are not unconnected. If we're limiting the system to geeks and not trying to take on the big boys by appealing to Aunt Tillie, then we already have something of an implicit trust model, just as the Internet did before it was opened to commercial use -- it was rather difficult to get on the 'net in those days, so we could assume that most people using it were clueful and to be trusted (at least somewhat). Personally I think there are better approaches to identity on the Internet, but they haven't been released yet. ;-)

Posted on 2005-05-20 at 11:44. File under identity.

link ~

2005-05-19

Contractions

More on ain't and other English verbs.

The other day I argued for ain't as a fine Anglo-Saxon word. Herewith some further considerations.

You'll notice that we have many contractions for various forms of "to be" in English:

  • We are -> we're
  • We are not -> we aren't
  • They are -> they're
  • They are not -> they aren't
  • You are -> you're
  • You are not -> you aren't
  • He is -> he's
  • He is not -> he isn't
  • She is -> she's
  • She is not -> she isn't
  • It is -> it's
  • It is not -> it isn't
  • I am -> I'm
  • I am not -> I ain't (or an't if you must be an orthographic pedant)

Sure, one could insist that others use "I'm not" rather than "I ain't", but then why not insist on "we're not" rather than "we aren't", "it's not" rather than "it isn't", and so on down the line? I see no good reason to disqualify "ain't" on grammatical grounds.

(I know, accepting "ain't" may seem like lowdown linguistic latitudinarianism to you grammatical prescriptivists out there -- you know who you are! -- but personally I see it more as a return to our Anglo-Saxon roots. What's next, you ask? Will I come out in favor of "y'all"? Only time will tell...)

Posted on 2005-05-19 at 21:43. File under language.

link ~

That Falling Sky

Consilience and catastrophism.

I finished E.O. Wilson's book Consilience the other day, and I have to ask: Why oh why do otherwise intelligent people feel the need to end their books with the seemingly obligatory recitation of overpopulation, ecological destruction, and other chicken-little scenarios designed to invoke gloom, doom, and the need for massive government intervention against the spontaneous orders of economics, demographics, and human cultural evolution? Are they woefully ignorant of current demographic projections of impending negative population growth? Do they not know that pollution has declined significantly in every country that has reached a per-capita income of about $3,000 a year? Can't they see that urbanization leads to greater concentration of human populations, leaving more of the planet for wild areas? One would think that a lifelong scientist would take a more, well, scientific approach to his prognostications. But one would be wrong.

Posted on 2005-05-19 at 21:26. File under society.

link ~

Assurances #10 and #11

PingIDers get with the program.

Over lunch, I assured Dave Smith and Mark Stang of Ping Identity -- that makes 11 assurances, and CAcert says I am now the #122 assurer out of 2000+ assurers. But I know I can do better. ;-)

Posted on 2005-05-19 at 13:17. File under technology.

link ~

Assurance #9

Yet another CAcert assuree.

Number nine, number nine, number nine... (Is that the worst Beatles song ever, or what?)

This morning I initiated Travis Shirk into the ways of CAcert certificates. And I might assure some more folks later today when I visit the worldwide headquarters of the Ping Identity Corporation.

Posted on 2005-05-19 at 09:44. File under technology.

link ~

2005-05-18

Caching

eTags for XMPP.

When a Jabber client logs into its server, it gets a lot of information -- mainly the user's "roster" (see RFC 3921) and service discovery information about the server and its associated services (see JEP-0030). Oftentimes, that information has not changed at all since the client last logged in. Wouldn't it be nice to get that data only if it has changed? As Joe Hildebrand pointed out to me a few months back, HTTP has such a mechanism, called eTags (some helpful pointers are here, see also this post by Sam Ruby). Well, given that JEP-0131 enables an XMPP entity to include any HTTP header in an XML stanza and thus inherit all the nice semantics defined in other specifications, by extension we can say that XMPP also supports eTags. Here's how it would work:

User requests roster with eTag SHIM header:

<iq type='get' id='roster1'>
 <query xmlns='jabber:iq:roster>
    <headers xmlns='http://jabber.org/protocol/shim'>
      <header name='eTag'>1993b6-e3-41d22f60</header>
    </headers>
 </query>
</iq>

If the roster has not changed, the server returns a 304 error:

<iq type='error' id='roster1'>
 <query xmlns='jabber:iq:roster>
    <headers xmlns='http://jabber.org/protocol/shim'>
      <header name='eTag'>1993b6-e3-41d22f60</header>
    </headers>
 </query>
  <error code='304' type='modify'>
    <not-modified xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
  </error>
</iq>

JEP-0131 defines ways to determine if an entity supports SHIM and particular SHIM headers (which information would also be cached), so a client could know up front whether eTags are supported. We would need to add support for the <not-modified/> error condition to RFC 3920, but we'll be working on rfc3920bis before long, so that's eminently doable. The bandwidth benefits could be significant, especially when someone like me (600+ roster items) logs in. ;-)

Posted on 2005-05-18 at 11:57. File under jabber.

link ~

Representation vs. Management

Profiles again (and again).

Through chatting with Joe Hildebrand on Monday and with Dudley and Wesley of 2entwine earlier today, I've come to realize that developing vCard++ for the XMPP world is a hard problem -- or, in fact, several hard problems. Figuring out the data format for use over the wire is relatively easy (I lean toward x:data rather than RDF). But managing profile data is a lot harder. Let's say I have 100 pieces of data. Making it all world-readable is one thing -- we can do that today with vcard-temp. Enabling me to define "views" into (or "slices" of) that data is harder -- I might want to have a public view (world-readable) and a more private view, but some more sophisticated users are going to want slices that can be viewed by just anyone, friends only, co-workers, fellow gamers, etc. And managing all those permissions becomes quite a pain in the patootie! Ralph Meijer has some good suggestions, but in general I think we need to separate the data representation problem from the access control problem. So I think I'll clean up the data representation proposal I've been working on here soon, then work on a separate access control JEP. No guarantees on what the access control model might look like yet, but as I like to say, we'll burn that bridge when we come to it. ;-)

Posted on 2005-05-18 at 11:11. File under jabber.

link ~

Temporary Powers

Jumpstarting the assurance process.

For reasons known only to the good folks at CAcert, I've been temporarily bumped up to some kind of super-user status, which means I can grant 100 (or even 150) points at a time right now. Thus I can wave my magic wand and automatically grant you enough points to assure others, sign code, or get domain certs. But order by midnight tonight, because my special powers lapse on May 22!

Posted on 2005-05-18 at 10:44. File under technology.

link ~

2005-05-17

Ain't

A four-letter word?

You'll notice that I use the word "ain't" once in a while. Personally I think it's a fine word -- or at least a fun word -- so I decided it was time to do a bit of research. It turns out that ain't is an alternate (and more common) spelling of "an't", which is a contraction for "am not" (some dialects of English contain "amn't" but that's hard to say, which is why the "m" was dropped). Now, an't or ain't came into broad use about the same time as most of our other verbal contractions -- aren't, isn't, can't, don't, and the like. So why did ain't come to have such a nasty reputation, whereas even grammatical prescriptivists are perfectly happy with isn't and aren't? Well, Dr. Language himself has investigated the matter and his conclusion is that ain't fills a gaping void in the English language, namely as a contraction for "am not" -- but that its use is warranted only with the first-person singular. Thus "ain't English grand?" does not cut the mustard, whereas "I ain't interested in your grammatical prescriptivism!" is just fine. Try it on for size!

Posted on 2005-05-17 at 21:04. File under language.

link ~

Singular Their

Good English.

Latinizing grammarians and other small-minded pedants claim that no self-respecting lover of the English language can use "their" as a singular pronoun -- as in: "Anyone who loves English will watch their grammar." Well, this page shows that "singular their" has a long history of use as fine English since the 1300s, having been used by illustrious authors such as Chaucer, Shakespeare, Daniel Defoe, Jane Austen, Lord Byron, Charles Dickens, Rudyard Kipling, George Bernard Shaw, and George Orwell. And the singular their is so much more graceful than that awful "his or her" business -- ick!

Posted on 2005-05-17 at 20:43. File under language.

link ~

Muttering

S/MIME and Mutt.

I've been trying to teach an old dog new tricks by getting mutt to use the certificate I've received from CAcert. Following the notes gets me to the point where I can accept signed emails (even CAcert-signed emails after having added the CAcert root certificate to ca-bundle.crt), but I can't yet sign my own emails -- I get the following cryptic message:

unable to load signing key file

15905:error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt:evp_enc.c:450:

15905:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:423:

Press any key to continue...

No output from OpenSSL...

As far as I can see, my signing key is in the right place, permissions are fine, and all the pieces are in place to sign my email messages, but it ain't happening. Further research required, I guess...

Posted on 2005-05-17 at 20:29. File under technology.

link ~

Wining

A victory for economic freedom.

Congratulations to the Institute for Justice and its clients on their victory in the case of Swedenburg v. Kelly -- the U.S. Supreme Court agreed that allowing direct sale of wines by in-state wineries but restricting such sale by out-of-state wineries was a violation of the commerce clause of the U.S. Constitution. Keep up the good work, IJ!

Posted on 2005-05-17 at 20:16. File under politics.

link ~

2005-05-16

ASK and Ye Shall Receive

Email delenda est, yet again.

Last month I admitted defeat in my personal war against email. A few helpful folks like Hal Rottenberg suggested alternative approaches such as SpamBayes, but for now I've settled on Active Spam Killer, which my friend Dizzy uses. Unfortunately, it's not very user-friendly for those who send email to <stpeter@jabber.org> or <peter@saint-andre.com>, but I'm working to update the whitelist as fast as possible so that most folks won't be hit with those automated "please confirm" messages. With my spam volume at 300+ messages a day and rising, I'm not sure what else to do. At least I'm not yet to the Jer level -- he was up to 4 spams a second on his old jeremie.com address before he simply had to pull the plug!

Posted on 2005-05-16 at 16:11. File under technology.

link ~

2005-05-12

Assurances #4-8

CAcert mini-party.

This evening half a dozen folks got together at SoftPro Books in Centennial, Colorado for a CAcert assurance party. I assured five people: Steve Senator (who was up from Colorado Springs), Jeff Falgout and Jeff Brown (both of whom work for Jefferson County), Michael Shimniok, and Dirk Huizenga of Business Technology Associates. Good times (and lots of assurance points) were had by all.

Posted on 2005-05-12 at 20:35. File under technology.

link ~

2005-05-10

North Americanization

The prospects for further integration in North America.

Professional worriers and cultural conservatives in the U.S., including highbrow tribalists like Samuel Huntington, like to rant and rave about the coming horde of Latin Americans (most Mexicans) who will swamp America's Anglo-Saxon culture and English language in a rising tide of Spanish culture and linguistic mixing. Yet, traditionally, Mexico (with, even today, a third the population of the U.S.) has worried more about Americanization than the U.S. has worried about Mexicanization. Indeed, one can argue that "North Americanization" has become an ever-stronger force in Mexican society over the last twenty years or so. (The situation in Canada is similar in some ways, although Canada's population is only a tenth of America's and most Canadians live within 100 miles of the border, so Canadians tend to guard their culture even more jealously.)

There has never been a North American identity comparable to the identity that (some) Europeans feel. NAFTA has increased economic integration within North America, and further integration is highly likely (e.g., as a result of improved transit links). But that doesn't mean Canadians, Americans, and Mexicans feel much devotion to a common identity of any kind. Both academics and NGOs are studying these issues, and even the President of Mexico has blessed Americanization (perhaps more in hopes of garnering campaign contributions than anything else). Yet there are important differences between Canadians, Americans, and Mexicans on questions of values and ideology, so it is unclear how far North American integration will proceed.

One interesting issue is, I think, the possible emergence of greater cooperation between particular regions of North America, irrespective of existing national borders -- think the Pacific Northwest from Vancouver to Portland, the Rocky Mountain West from Calgary to Denver or even Chihuahua, the Desert Southwest from Phoenix to Hermosillo, "greater Texas" from Dallas to Monterrey, "greater New England" from Connecticut to Nova Scotia, and so on. These regions may have common economic and environmental issues and to some extent more of a common culture than national surveys would indicate. There already exist multiple forums for regional cooperation, and I expect more to emerge.

Posted on 2005-05-10 at 22:03. File under society.

link ~

Economy/Ecology

Metaphors matter.

In Consilience, biologist Edward O. Wilson shows that he has a firm grasp of ecological thinking but a weak grasp of economic thinking:

Economic theorists, despite the undoubted genius of many, have enjoyed few successes in predicting the economic future, and they have suffered many embarrassing failures.

Among the successes are the partial stabilizations of a few national economies. In the United States the Federal Reserve Board now has enough knowledge and legal power to regulate the flow of money and prevent -- we trust! -- the economy from spinning into catastrophic inflations and depressions. On another front, the driving force of technological innovation on growth is reasonably well understood, at least roughly and in retrospect. On yet another, capital-asset pricing models have a major influence on Wall Street.

We are better off if economists speak than if they remain silent. But the theorists cannot answer definitively most of the key macroeconomic questions that concern society, including the optimal amount of fiscal regulation, future income distribution within and between nations, optimal population growth and distribution, long-term financial security of individual citizens, the roles of soil, water, biodiversity, and other exhaustible and diminishing resources, and the strength of "externalities" such as the deteriorating global environment. The world economy is a ship speeding through uncharted waters strewn with dangerous shoals.

First, metaphors matter, and the metaphor of an economy as a nationally-owned ship implies that a national government should be steering it (perhaps we even need a world government to coordinate among all those stubbornly independent nations for the sake of the world economy). Thus Wilson's longing for magical planners with the knowledge and legal power to regulate the money supply, distribute income, set population growth, ensure financial security, husband natural resources, and save the environment.

Wilson misses the crucial point that economic order is spontaneous, organic, and emergent in much the same way that linguistic or ecological order is. Was the order inherent in the English language legislated, or did it emerge naturally? The answer is obvious (heck, even the French language emerged naturally, although the Académie Française would like to control it). Closer to home for Wilson as a biologist, consider how silly it would be to complain that ecologists have failed because they do not have the knowledge and legal power to regulate the food supply, optimally distribute flora and fauna across biospheres, set the population of individual species, and ensure the biological security of individual animals.

I agree with Wilson that we need to connect economic thinking more closely with the insights of biology and psychology. But fundamentally misunderstanding the nature of economic life does not provide a strong basis for consilience between the biological and social sciences.

Posted on 2005-05-10 at 20:31. File under society.

link ~

2005-05-09

Understanding Baseball

Tocqueville and Barzun.

While writing the last entry, I was watching a baseball game between the Colorado Rockies and Atlanta Braves (after seeing the end of a game between the Yankees and Mariners). While searching for the Rockies game, I glimpsed a brief clip of Colorado Governor Bill Owens introducing some feature about the Rockies. Amusingly enough, Owens stated that the French historian Alexis de Tocqueville once observed that in order to understand America, you must understand baseball. Well, Tocqueville was a brilliant observer of American culture, but he died in 1859, well before baseball became the American pastime. Readers of this blog know that it was actually Jacques Barzun who said "Whoever wants to know the heart and mind of America had better learn baseball." I think our esteemed Governor needs a bit of a history lesson. :-)

Posted on 2005-05-09 at 20:58. File under society.

link ~

Profiles Again

Managing profile data in Jabber.

A while back I started to define a wire format for representing user profile data in Jabber, based on Data Forms. The data representation is only one piece of the puzzle, however. We also need methods for managing profile data: for data owners, publishing and editing the data as well as controlling who can view it; for data recipients, discovering and retrieving the data as well as, ideally, being informed when the data has been updated.

There are several problems with the data management model implicit in the existing vcard-temp protocol:

  • The data owner publishes his entire profile at one time (as a full vCard).
  • If the data owner needs to edit his profile, he edits the entire vCard, not the parts that have changed.
  • The data owner must make the entire profile world-readable and cannot specify who can access specific parts of the profile.
  • In order to retrieve the owner's profile, a recipient needs to request the entire vCard.
  • There is no way for the recipient to be informed that the owner's profile (or some part thereof) has changed.

Several of these features are less than desirable. We might think that the publish-subscribe extension can solve some of these problems:

  • Pubsub enables the data owner to publish only parts of his profile.
  • The subscription model inherent in the pubsub protocol enables the data owner to control who can view which data fields or "parts" of the profile.
  • If desired, a recipient can retrieve only parts of the profile, not the entire profile.
  • A recipient can be informed when a part of the profile has been updated.

But pubsub does not provide all the answers. Let's say that my full profile consists of 100 data fields -- not unlikely, given how many field types we've already defined (name, work info, home info, URLs, hobbies, interests, and so on). Is there one pubsub node for each field? Ick -- just think of how many packets would fly back and forth in order for me to publish my initial profile! Peter Millard proposed a way to bundle together the data forms for each "sub-profile" within one big wrapper, which sounds good but then we lose fine control over who has access to each field -- unless each field is supplemented with access information (which seemingly would end up replicating the access controls built into pubsub). Besides which, Peter's proposal does not address data retrieval, only data publication.

It may help to organize profile data using pubsub collection nodes. My full profile would be a collection node on a profile server, different sub-profiles (home, work, hobbies, etc.) would be collections organized under the full profile node, and each sub-profile would consist of leaf nodes (one for each data field). The payload for each leaf node would be a <field/> element qualified by the 'jabber:x:data' namespace.

But I think we still need a way to publish multiple items to multiple pubsub nodes at once (and, ideally, a way to create all those nodes at once, too). Perhaps we would use something like Peter's proposal to publish the initial profile to a profile server, with the assumption that the profile server would create all the required pubsub nodes (though it's not clear to me yet how we would handle access control over each data field).

One key assumption here is the existence of a profile server. We've always thought that publish-subscribe was a framework, and that various applications would be built on top of that framework. It seems to me that profiles are a good example of such an application, but obviously we need to think through some of the details, and accept that such application servers will require additional semantics above and beyond what's in pubsub. The question is whether we can generalize those semantics (e.g., a way to group node creation or publication requests) or whether they will be different for different applications.

Stay tuned...

Posted on 2005-05-09 at 20:49. File under jabber.

link ~

iChat SSL

Logging into jabber.org securely.

It seems that the jabber.org server does not present its certificates correctly, so iChat doesn't trust the server by default (you need to tell iChat to allow self-signed certificates, which is suboptimal -- see below). To truly solve the problem, we will need to do some work on the jabber.org server and Peter Millard may not have time to implement the required fixes today or tomorrow or this week (he's busy), so here is an interim fix for those of you who use iChat with a jabber.org account:

  1. Open Safari and visit <http://www.qualityssl.com/certs/QualitySSLIntermediateCA.crt> (note: you can't do this in Firefox because Firefox will attempt to import the certificate into its own chain, not save it as a separate file).
  2. Double-click QualitySSLIntermediateCA.crt in the Finder.
  3. KeychainAccess will ask you to select a keychain -- choose "login" (the default) and click OK.
  4. Launch iChat or, if you are logged in to jabber.org, log out.
  5. In iChat, choose iChat > Preferences and click your jabber.org account under Accounts.
  6. Click the "Server Settings" tab.
  7. Uncheck the "Allow self-signed certificates" box.
  8. Close the preferences and log in.

If iChat can't log in, you have problems -- revisit the preferences, check the "Allow self-signed certificates", and send me an IM message so I can walk you through the process.

Posted on 2005-05-09 at 16:17. File under jabber.

link ~

2005-05-05

Epistemography

Contrasting definitions.

In his essay "Science Studies as Epistemography" (chapter 10 of The One Culture?), Peter Dear defines epistemography as follows:

The term "epistemography" is intended to bring some clarity to the discussion by proposing a loose grouping of the most central and characteristic kinds of work currently encompassed by the label "science studies." The grouping strategy relies on making explicit the following recognition: the field of science studies is driven by attempts to understand what science, as a human activity, actually is and has been. Epistemography is the endeavor that attempts to investigate science "in the field," as it were, asking questions such as these: What counts as scientific knowledge? How is that knowledge made and certified? In what ways is it used or valued? "Epistemography" as a term signals that descriptive focus, much like "biography" or "geography." [The suffix "-ography" should not be taken to indicate anything more specific than "description" in the widest sense; it need not imply spatial description (akin to "cartography"), for example, although it could well do so in particular cases.] It designates an enterprise centrally concerned with developing an empirical understanding of scientific knowledge, in contrast to epistemology, which is a prescriptive study of how knowledge can or should be made.

Dear's conception of epistemography provides a useful counterpoint to mine. Following Hao Wang, I am more interested in describing and mapping out what we know than in describing how we know it. Wang called the endeavor of describing what we know "phenomenography" (or, in his later writings, "phenography"), but that term has been in use within educational theory for the past thirty years or so, so we need a different term. Besides, "phenomenography" implies that we are describing appearances as opposed to realities, which betrays a kind of Platonic-Kantian distinction between appearance and reality. Perhaps the term "ontography" would be appropriate: the description of reality as opposed to the theory of being ("ontology"), but I think "epistemography" gets to the heart of what Wang intended because he was most interested in doing justice to what we know, with all that implies: what we know, what we know, and what we know.

Such a study would be broader than Dear's focus on science, since there exists much knowledge outside of the sciences (practical knowledge, social knowledge, moral knowledge, aesthetic knowledge, etc.). Such a study would also focus on mapping out and connecting what we know (similar to E.O. Wilson's concept of "consilience"), not describing sociologically, historically, or empirically how scientific endeavor functions. I don't think Dear's program is wrongheaded, I just think it's not ambitious enough. Let's aim high: nothing less than a map of everything we know about reality (including our human reality). Come to think of it, perhaps "ontography" is an even better term than "epistemography": a map of all reality (which, practically speaking, means everything we know about reality, but that is perhaps a methodological detail). Naturally the map would be drawn to a certain scale; no map provides infinite detail, else it would not be usable. The challenge is to find the right scale that will enhance our ability to navigate and explore realities both familiar and unknown, then to fill in the map with greater detail over time through an iterative process of improvement. Wang's proposal was to do this by describing certain higher-level principles that apply to multiple disciplines (e.g., "like implies like" or "equal until proven unequal", which overturns the hierarchical world of the ancients both physically and socially), but I think something akin to Wilson's program of consilience may be closer to the mark.

Posted on 2005-05-05 at 21:12. File under philosophy.

link ~

2005-05-04

Assurance #3

CAcerting along.

The third person I've assured for the CAcert project is the great Matthew Miller, author of the JSO code library for XMPP development in Java, member of the Jabber Council, and all around nice guy. One thing that's cool about CAcert is the ability to use your certificate for code-signing, which I'll bet Matt will use for JSO. So many reasons to get involved with CAcert. ;-)

Posted on 2005-05-04 at 09:49. File under technology.

link ~

More Broccoli

Binary XML, stream compression, and XMPP.

Thanks to a pointer provided by Uche Ogbuji, I've just read an interesting paper on "binary XML" written by some researchers at IBM. Previously I've called binary XML the equivalent of broccoli ice cream, and I continue to doubt if it's something we need for XMPP, especially given that we have compression methods both as part of TLS and in standalone form as specified in JEP-0138: Stream Compression (for which the Last Call ends tomorrow).

Posted on 2005-05-04 at 09:04. File under jabber.

link ~

2005-05-03

TANSTAFP

Free parking and other subsidies.

Those of a libertarian persuasion generally don't like so-called public transportation (a.k.a. "mass transit" -- subways, trains, streetcars, and the like). Over time I've started to wonder why. It's not as if "individual transit" (cars) is not also subsidized in this ever-more-mixed economy we find ourselves in. Heck, right now your tax dollars and mine are going to pay for a multi-billion-dollar road expansion through the southern end of the Denver metropolitan area, all to be owned and run by that bugaboo of libertarian thinking: the government. So where were those freedom-loving libertarians raising a hue and cry when T-REX was approved? They sure complained loud and hard about the more recent FasTracks plan for more light rail lines in and around town.

Now comes UCLA urban planning professor, who argues in his new book that free parking ain't free -- in fact, it's just another subsidy to people who drive cars. Add in all the road and street construction, energy bills that favor oil companies, subsidies for car companies, and wars fought over oil, and you begin to see that American car culture is not the bastion of individual freedom it's made out to be.

To paraphrase Robert Heinlein: "There ain't no such thing as free parking."

Posted on 2005-05-03 at 21:05. File under society.

link ~

Strictly Confidential?

More on reader privacy.

As previously mentioned, the USA PATRIOT Act allows federal agents to access your book buying or borrowing records, without anyone ever informing you. Section 24-90-119 of the Colorado Revised Statues is not especially encouraging:

(1) Except as set forth in subsection (2) of this section, a publicly-supported library shall not disclose any record or other information that identifies a person as having requested or obtained specific materials or service or as otherwise having used the library. (2) Records may be disclosed in the following instances: (a) When necessary for the reasonable operation of the library; (b) Upon written consent of the user; (c) Pursuant to subpoena, upon court order, or where otherwise required by law; (d) To a custodial parent or legal guardian who has access to a minor's library card or its authorization number for the purpose of accessing by electronic means library records of the minor. (3) Any library official, employee, or volunteer who discloses information in violation of this section commits a class 2 petty offense and, upon conviction thereof, shall be punished by a fine of not more than three hundred dollars.

Well, subsection (2) pretty much leaves the door wide open, now doesn't it? You can be sure that when a federal agent requests (requisitions?) your book borrowing records, any Colorado library will need to comply, despite nice-sounding statements that "your records are strictly confidential". Perhaps some Denverites who really care about patron privacy need to join the Library Commission. (Either that, or it's time to start a library that isn't publicly-supported, since it's clear that he who pays the piper calls the tune.)

Posted on 2005-05-03 at 20:11. File under society.

link ~

Guilding the Lily

On occupational licensing.

Markets work. One person offers a product or service, a second person buys that product or service, a third person may ask the second person for a recommendation, the desire for reputation (and more business) leads most sellers to try to be ethical, competition leads sellers to offer high value for a good price -- well, you get the picture.

The fact that (in general) markets work -- and work well -- makes me wonder about the supposed need for occupational licensing. Think about it: would it be right for the government to require you to have a license in order to do your job? Let's say you live in Denver, Colorado and your dream job is to run auctions, dance the striptease, recycle auto parts, apply body art, run a dry cleaners, be an escort, run a gravel pit, make or sell ice cream, collect junk, offer massage services, be a security guard, run a parking lot, pedal a rickshaw, sell second-hand goods, drive a taxi, trim trees, be a valet, start a towing service, or any of a number of other occupations. Well, don't dream for long, because you need a license before you can make your dreams a reality.

Is there any reasonable justification for these occupational licensing restrictions? (Emphasis on the word "reasonable".) Are these regulations at all fair, especially to women, minorities, immigrants, and the poor? Some folks say "if you want peace, work for justice". I say "if you want justice, work for freedom".

Posted on 2005-05-03 at 19:43. File under politics.

link ~

2005-05-02

Identify This!

On the road to workable identity systems.

Dizzy is frustrated about complex identity technologies like Liberty, SAML, and the various WS-* protocols. I agree. In the spirit of John Sowa's law of standards, we need technologies that undergo iterative development and improvement in the context of small research projects, not unwieldy specifications designed by large committees. In the spirit of Adam Bosworth's recent keynote at the MySQL Users Conference, we need simple, even sloppy standards that scale (sloppy in the sense that you don't need to be a syntax guru to use them).

Will we achieve such technologies in the identity space? The signs right now don't look hopeful. Everyone is chattering about Liberty and SAML and WS-*, but ignoring the subject of all this identification: the individual. Individuals want, deserve, and must have control: over who has access to their identifying information. Wouldn't it be great if I could be the one who says that Vendor X can know my email address, that Person Y can comment at or trackback to my blog, that Lender Z can see my FICA score? Unfortunately, giving that power to the individual would require the kind of decentralized architecture that would cut some kinds of power brokers out of the action (those who would love to be the center of the identity universe).

What would such a decentralized approach look like? One metaphor is that of the digital wallet (a patented idea, thanks to the USPTO) or identity portfolio. No matter what you call it, I have under my control certain credentials issued by various corporate and governmental entities -- banks, credit card companies, insurance companies, government agencies, and the like. There is no central identity broker -- I can show my driver's license to a bartender or CAcert assurer or whomever without asking the issuer's permission or forcing those who would check my credentials to have any kind of relationship with the Department of Motor Vehicles. And not only are my credentials under my control, but I can disclose the minimal information needed for any given interaction. That seems to me like a reasonable model for electronic identity, except that we can do better than driver's licenses and social security cards because the magic of electronic information and digital signatures means that issuers can generate and sign short-lived credentials whenever I ask for them, rather than long-lived paper documents that are relatively easy to forge.

There are three parties to a minimal identity interaction: the individual, the issuer, and the accepter. (I'm not sure what to call the party to whom I present my credentials: "accepter" seems rather neutral, but other possible terms are recipient, reader, checker, verifier, validator, viewer, presentee.) Some identity interactions might engage additional parties, such as a broker, but at a minimum the fewest parties you need are those three and only those three.

Kim Cameron goes on to define four more laws of identity beyond individual control, minimal disclosure, and fewest parties, but I think those are key. Yes, the resulting system or network must also allow public information while protecting private information (directed identity), enable multiple and diverse players into the marketplace (pluralism), be user-friendly and integrate with human ways of knowing and acting (human integration), and make it possible for the individual and accepter to negotiate what identity information is needed in a particular context and for the individual to gather the appropriate credentials from one or more issuers and then present the resulting aggregation of credentials in a unified way (harmonious contextual autonomy), but those are more advanced characteristics of a workable identity technology -- system designers need to keep those in mind, but they are not directly important to the individual, I think.

Cameron's laws or principles of identity define a tough set of requirements, but I think those requirements can be met with open technologies and simple, smart standards that emerge from the bottom up through experimentation and iterative development. But a small team needs to take the first step along that road and then present their findings to the world with working prototypes and well-defined protocols. Thankfully, I happen to know of such a team, but they're working in stealth mode right now while they hammer out rough consensus and running code. Stay tuned... ;-)

Posted on 2005-05-02 at 21:12. File under identity.

link ~

What Are You Reading?

'Taint nobody's business but my own.

The Campaign for Reader Privacy says:

Under the USA PATRIOT Act, federal agents can gain access to your bookstore, library, and publisher records even if you are not suspected of involvement in terrorism or any criminal activity -- and you will never hear a word about it.

That's one more reason to pay cash and shop at your local bookstore -- my favorite is the privacy-conscious Tattered Cover. But I also need to ask my friends at the Denver Public Library about their stand on reader privacy.

Posted on 2005-05-02 at 18:37. File under society.

link ~

iChatting

iChat AV 3.0 and Jabber/XMPP.

Longtime Jabber hacker Julian Missig has investigated iChat's Jabber support (he's also posted a helpful FAQ for iChatters who are new to Jabber). Herewith a few replies to Julian based on my understanding of how iChat works...

  1. Account Registration -- No, iChat does not support JEP-0078: In-Band Registration. I'm not sure why -- perhaps they figured that iChat Server deployments would have in-band registration turned off by default.
  2. XMPP vs. Jabber -- Julian takes Apple to task for simply repackaging jabberd 1.4.3 as iChat Server. Since I don't have access to OS X Server, I'm not sure of that, but it sounds right. However, I don't criticize Apple for that decision -- they probably wanted to include a very solid Jabber server and what were their choices when they probably needed to make a go/no-go decision last summer or whatever? I think jabberd 1.4 was the best they could do then, and it did not include full XMPP support yet (although Matthias and friends have come a long way in jabberd 1.4.4). I have no doubt that Apple's support of Jabber protocols will be a work in progress, and that in some future version they will ship software with complete (or more complete) support for the XMPP RFCs.
  3. HTML Messages -- Yes, iChat's support for JEP-0071: XHTML-IM is a bit off. I probably should have submitted a bug report on their use of the <font/> tag (which is not part of the XHTML subset we defined in the JEP) and they also include some wacky attributes like 'ichatballooncolor' and 'ichattextcolor', which to be proper XML should have been namespaced.
  4. Avatars -- Yes, it's true that iChat's avatar protocol is not what we defined in JEP-0084: User Avatar but in their defense, JEP-0084 is a moving target, we didn't update it properly to reflect the Council consensus until version 0.5 was published on 2005-03-28 (too late to include in iChat 3.0, I would think), and asking Apple to depend on JEP-0060: Publish-Subscribe when there was (again) no stable implementation at the point they needed to make a go/no-go decision seems a bit harsh. I have it on good authority that our iChat friends will do the right thing once JEP-0084 is stable and JEP-0060 implementations are widely available. In the meantime, we use an interim protocol. Not pleasant, but not the end of the world (and in large measure it's our own damn fault for not finishing JEP-0084 sooner).
  5. vCards -- They're not editable in iChat. Hopefully that will be fixed in a future version of the client, perhaps with some nice AddressBook integration. But personally I'm just as happy they didn't implement that horrendous JEP-0054: vcard-temp, which gives us a chance to develop something better using pubsub and data forms.
  6. A/V -- Well, sure, it'd be nice if they implemented JEP-0111: TINS since, as far as I understand it, they use SIP for audio/video support. Maybe next time. ;-)
  7. Multi-User Chat -- iChat displays full JIDs, not nicknames. I too find that confusing, since it's not very IRC-ish (which is what JEP-0045: Multi-User Chat mimics to a large degree). In fact, iChat will display the person's AddressBook name if you've tied together a JID and a name. So if I'm in a groupchat with Julian, he'll show up as "Julian Missig" rather than x-virge. Probably some product marketing person at Apple thought that was best. :-) MUC features I'd like include the ability to bookmark a room or at least have iChat remember rooms you've been to, and of course those admin/moderator use cases although admittedly those are probably geek-only features that may never make it into iChat (so I may be stuck with doing kick and ban in the telnet client).
  8. Gateways -- As Julian notes, iChat doesn't support gateways to the consumer IM services (as described in JEP-0100: Gateway Interaction). Given that the legalities of gateways are murky (using them probably violates your user agreement with AIM, ICQ, MSN, or Yahoo), I don't blame Apple for passing on this one. Besides, the gateways don't tend to be very stable, which would result in a bad user experience.

In general, I think Apple has done a great job with iChat. Is it perfect? No. Is any Jabber client perfect? No. Is it a client that will make elite hackers happy? No, it's for your typical end user (perhaps even Aunt Tillie). I'm sure that the iChat developers were given constraints and requirements that forced them outside existing protocols (that's commercial development, folks). I'm sure that they will fix things based on feedback. I'm sure that they will work to make iChat more and more protocol-compliant over time. I'm sure that they will build more cool features into future releases (no, I don't know what those features might be, and even if I did I wouldn't be able to tell you).

If folks want a better Jabber client on OS X, they can always file bug reports and feature requests with the iChat team or contribute to one of the existing open-source clients (or write a new open-source client). In the meantime, I'm happily using iChat, and I'm sure lots of other folks are, too.

Posted on 2005-05-02 at 16:27. File under jabber.

link ~

What Is This Thing Called Blog?

A rose by any other name...

All sorts of folks are getting their shorts in a knot over what we should call bloggers. Are we journalists, writers, content providers, or something else? I think of myself primarily as a writer, but I remain unconvinced that the nomenclature is all that important -- although folks who worry about government regulation think it's best to call ourselves journalists (as Dave Winer said back in 2001, "journalism is a person writing a journal"). Why can't we just call it blogging and leave it at that? Heck, even to call myself a writer sounds a bit pretentious -- I'm just a person who writes -- and writing is just about as natural to me as breathing. As the sixties psychologists used to say, labeling is disabling. My philosophy is, just keep on writing. If everyone has a blog, how's anyone going to shut us down? Rights are meant to be exercised...

Posted on 2005-05-02 at 15:24. File under technology.

link ~

WoT's Happening

CAcert as a reputation system.

Over at the Financial Cryptography blog, Ian Grigg has posted some thoughts on CAcert as a reputation system. Although he says that in general reputation systems don't work, he argues that CAcert provides a benefit (free certificates) to those who participate in its Web of Trust (WoT), thus avoiding the incentive problems with existing reputation systems (i.e., what's in it for me?). Granted, the universe of people who think that a free certificate is a wonderful thing is small, but they are the people who matter as far as I'm concerned. (As previously noted, I'm working to assure more folks in Denver so that we can build a critical mass of local assurers.)

Posted on 2005-05-02 at 14:26. File under technology.

link ~

MS-XMPP?

Mere speculation.

A little bird just told me about an intriguing job posting at Monster for a position at Microsoft working on the MSN Messenger team. The posting reads in part:

Experience with Windows Sockets, TCP/IP, SIP, XMPP, and related network protocols is strongly preferred.

Hmmm...

Posted on 2005-05-02 at 14:07. File under jabber.

link ~

identity...

Peter Saint-Andre

my back pages

me
home
music
jabber
poems
journal
essays
dotplan
résumé
ism book
contact me
colorado blogs

my group blogs

albion's seedlings
extended conversation
floss foundations
microid development
planet jabber

jabberites

adam nemeth
daniel henninger
google talkabout
hal rottenberg
jeremie miller
kevin smith
mickael hallendal
ralph meijer
remko tronçon
robert quattlebaum

techies

barry leiba
bob wyman
eric rescorla
fred stutzman
future pundit
mike linksvayer
paul hoffman
the speculist
steve o'grady
stowe boyd

wonks

cafe hayek
chicago boyz
the futurist
instapundit
joel kotkin
marginal revolution
michael barone
rand simberg
rants and raves
samizdata

i use...

Jabber

CAcert

Firefox

Thunderbird

ClaimID

Rimu Hosting

i support...

IJ

PERC

i listen to...

Last.fm Tunes

fighting censorship...

current threat level...

Terror Alert Level

flying the flag...

Don't Tread On Me
PD no rights reserved Google
powered by vi, xml, and xslt

Blogshares

@ MEMBER OF PROJECT HONEY POT
Spam Harvester Protection Network
provided by Unspam