- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Tue, 14 Jun 2016 10:21:09 -0400
- To: public-credentials@w3.org
On 06/13/2016 07:33 PM, Melvin Carvalho wrote: > "The Web currently does not have a mechanism where people and > organizations can claim identifiers that they have sole ownership > over. Identifiers, such as those rooted in domain names like emails > addresses and website addresses, are effectively rented by people > and organizations rather than owned. Therefore, their use as > long-term identifiers is dependent upon parameters outside of their > control. One danger is that if the rent is not paid, all data > associated with the identifier can be made temporarily or permanently > inaccessible. This document specifies a mechanism where people and > organizations can cryptographically claim ownership over identifiers > such that they control them and the documents that they refer to." > > This is not a significant danger. It's like saying the google could > lose google.com <http://google.com> due to factors outside of their > control. It wont happen, will it? No, that will probably not happen, but people do lose access to services (and thus the identifiers for those services) for a variety of reasons. For example, I used to have this email address: msporny@marshall.edu and then this one msporny@vt.edu and now I have this one msporny@digitalbazaar.com Only one of those work these days. I've lost access to the other two, and with them, I lost access to all of my personal data and identities tied to those identifiers. > The fact is there's a small management fee for maintaining a global > lookup table, which can be as low as $1 a year, and if you want a > vanity address it's a bit more expensive. The last time I checked, a domain and SSL certificate cost a bit more than $1/year, not to mention hosting fees. :) Having a secure domain that you control with services attached to it costs roughly $223.64/year. This is what we pay for a barebones VM at a generic hosting provider with domain and SSL cert fees factored in. Before someone claims that they can do it for half of that price, keep in mind that we haven't factored in maintenance, security updates, or just "keeping the site" running into that equation at all. Also keep in mind that the price above assumes that you know how to setup and maintain these systems. The vast majority of the human population (99.9%) has no idea how to do that. Running a self-sovereign service on the current Internet is a very expensive proposition. Walk into to a refugee camp and tell them that they can self-issue identifier documents (this is one of our use cases, btw) to help them transition to another country and all it'll cost them is $223.64/year. It's a non-starter. > What you get for that price is participation in the biggest global > network in the history of the planet, allowing you to publish > arbitrary documents and code, for you, and anyone you wish to put on > a subdomain. We've never had anything like this before. While it's true that we've never had anything like this before, it's also a solution that assumes you have lots of money or you're willing to trade your self-sovereignity for a "free" service (which many do today). There's a better way, which is what WebDHT, Namecoin, OneName, and others are attempting to pursue. I know you already agree with a good bit of this, Melvin. :) I'm primarily taking issue with the "This is not a significant danger." statement. I think that's a dangerous way to think about the issue because it leaves some of the most vulnerable people on the planet without a solution to their needs (documenting that they are living human beings). -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: The Web Browser API Incubation Anti-Pattern http://manu.sporny.org/2016/browser-api-incubation-antipattern/
Received on Tuesday, 14 June 2016 14:21:35 UTC