- From: Dave Longley <dlongley@digitalbazaar.com>
- Date: Wed, 15 Jun 2016 09:37:13 -0400
- To: Melvin Carvalho <melvincarvalho@gmail.com>, Manu Sporny <msporny@digitalbazaar.com>
- Cc: W3C Credentials Community Group <public-credentials@w3.org>
On 06/15/2016 04:31 AM, Melvin Carvalho wrote: > > > On 14 June 2016 at 16:21, Manu Sporny <msporny@digitalbazaar.com > <mailto:msporny@digitalbazaar.com>> wrote: > > On 06/13/2016 07:33 PM, Melvin Carvalho wrote: > > "The Web currently does not have a mechanism where people and > > organizations can claim identifiers that they have sole ownership > > over. Identifiers, such as those rooted in domain names like emails > > addresses and website addresses, are effectively rented by people > > and organizations rather than owned. Therefore, their use as > > long-term identifiers is dependent upon parameters outside of their > > control. One danger is that if the rent is not paid, all data > > associated with the identifier can be made temporarily or permanently > > inaccessible. This document specifies a mechanism where people and > > organizations can cryptographically claim ownership over identifiers > > such that they control them and the documents that they refer to." > > > > This is not a significant danger. It's like saying the google could > > lose google.com <http://google.com> <http://google.com> due to > factors outside of their > > control. It wont happen, will it? Is the assertion that Google will be around forever -- or at least longer than anyone's lifetime? Is the assertion that the likelihood of Google losing its domain is the same as the likelihood of some random person? What about some random person who falls on difficult times and can't pay for their domain? What about some random person that needs an identifier that doesn't reveal certain aspects about them by being attached to their domain? I don't think this covers many cases. > > Have a look at > > https://tld-list.com/ > > There's a few domains in the $1-$2 range. > > Lets encrypt certs are free. But well HTTPS is not mandatory for a > domain. Certificates may be free, paying for the education to be able to maintain one and use Lets encrypt is not free (in many countries). HTTPS may be mandatory to be able to adequately prove various assertions about your identity. > > But actually I think everyone should get credit from the govt to have > one domain (and probably server space) for free. Which government? While a laudable goal, not every government is free and stable. > This is a service that > should be a utility and covered by tax revenue, or passport registration > fees. It should be started from school so that children have the > ability to learn programming. This may work coming from a first world perspective. What about everyone else? > > For example have a look at what you can get for 2.99 a month from scaleway: > > https://www.scaleway.com/ > > 2 x86 64bit Cores > 2GB Memory > 50GB SSD Disk > 200Mbit/s > Unmetered bandwidth Again, consider the perspective. This approach works for people living in first world countries with tech experience and the desire to run their own servers and/or governments that they trust to indefinitely provide these services on their behalf. Second of all, how are you going to pay for that in the first place? Are you going to present some identity and/or payment credentials that you already possess? I think perspective is key here. -- Dave Longley CTO Digital Bazaar, Inc.
Received on Wednesday, 15 June 2016 13:37:41 UTC