Re: Comments on draft charter [Was: Agenda: Verifiable Claims Teleconference - Tuesday, March 8th 2016]

On 03/12/2016 06:27 PM, Steven Rowat wrote:
> RE: "Identity fragility"
> 
> I flagged this a few days ago and got no comments, but on re-reading the
> Charter draft it still stands out for me, and this time I have a
> suggested improvement.
> 
> Currently, the Problem Statement includes:
> 
> "In existing attribute exchange architectures (like SAML, OpenID
> Connect, Login with SuperProviderX, etc.), users, and their verifiable
> claims, do not independently exist from service providers. This means
> users can't easily change their service provider without losing their
> digital identity. This leads to vendor lock-in, identity fragility,
> reduced competition in the marketplace, and reduced privacy for all
> stakeholders. "
> 
> As this stands, the main direct problem for the credential holder --
> besides privacy -- is 'identity fragility'. I'd suggest that:
> a) that's vague
> b) there are other things happening: IMO the vendor lock-in leads to
> identity duplication, confusion, loss, and inaccuracy.
> 
> Perhaps all those things together could be characterised as 'fragility',
> but since the vendor lock-in issue is a major reason why verifiable
> claims are needed, IMO it's best to spell it out. I suggest the last
> sentence be amended to:
> 
> "This leads to: vendor lock-in, identity fragility (duplication,
> confusion, loss, and inaccuracy), reduced competition in the
> marketplace, and reduced privacy for all stakeholders."
> 
> And of course we could also fight about (I mean discuss) which of those
> four descriptors are accurate, and/or add others.

"Undue/undesirable fragmentation" is another.


-- 
Dave Longley
CTO
Digital Bazaar, Inc.

Received on Sunday, 13 March 2016 22:44:55 UTC