Re: decentralised from Melvin Carvalho on 2016-06-15 (public-credentials@w3.org from June 2016)

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Wed, 15 Jun 2016 15:14:59 +0200
To: dcrocker@bbiw.net
Cc: Manu Sporny <msporny@digitalbazaar.com>, W3C Credentials Community Group <public-credentials@w3.org>
Message-ID: <CAKaEYhL8PkpQAZEPwUrDu0Lxzxa-syLP9DOErLTAPXmYHXepdw@mail.gmail.com>

On 15 June 2016 at 13:25, Dave Crocker <dhc@dcrocker.net> wrote:

> On 6/15/2016 4:31 AM, Melvin Carvalho wrote:
>
>>
>>
>> On 14 June 2016 at 16:21, Manu Sporny <msporny@digitalbazaar.com
>> <mailto:msporny@digitalbazaar.com>> wrote:
>>
>>     On 06/13/2016 07:33 PM, Melvin Carvalho wrote:
>>
> ...
>
>>     >     Identifiers, such as those rooted in domain names like emails
>>     > addresses and website addresses, are effectively rented by people
>>     > and organizations rather than owned. Therefore, their use as
>>     > long-term identifiers is dependent upon parameters outside of their
>>     > control. One danger is that if the rent is not paid, all data
>>     > associated with the identifier can be made temporarily or
>> permanently
>>     > inaccessible.
>>
> ...
>
>>     > This is not a significant danger.  It's like saying the google could
>>     > lose google.com <http://google.com> <http://google.com> due to
>>     factors outside of their
>>     > control.  It wont happen, will it?
>>
>
> Yes it will.  Not often and probably not to vast numbers of people, but of
> course it will happen.
>
> Literally no private organization has ever lasted forever and many that
> cease to exist do so suddenly and traumatically.  That's certain to
> eventually be a domain name registry, a domain name registrar, or a user's
> ISP.
>
> Even governments fail, of sometimes quite messily.  (cf, Soviet Union.)
>
> So an operational scenario that relies on perfect continuity of naming
> administration support is going to be one that is certain, at some point,
> to demonstrate catastrophic failure.
>
>
> Yes user@host identifiers are vulnerable to his.  My sister actually got
>> locked out of her gmail because someone else tried to access it.
>>
>
> And then there is /that/ scenario.  Different details from 'failure of the
> organization' but same effect on the user.
>

Yes I'd be much more concerned with failure of a service provider (eg email
provider or identity provider etc.)


>
>
>
> d/
>
> --
>
>   Dave Crocker
>   Brandenburg InternetWorking
>   bbiw.net
>

Received on Wednesday, 15 June 2016 13:15:29 UTC