- From: Christoph Dorn <christoph@christophdorn.com>
- Date: Fri, 16 Sep 2016 16:38:09 +0000
- To: timothy.holborn@gmail.com
- Cc: msporny@digitalbazaar.com, public-credentials@w3.org
(I have not participated in the credentials work; just observing from afar) Microsoft is happy with current solutions which are either "heavy and encompassing" or "light and disjointed". They abstract the "heavy" for their customers into tools that can also accommodate the "light" for any purpose. There is no inherent motivation to go "light and encompassing". IMO what the credentials work is trying to achieve is to build a "light and principled core" that can be used to model the "heavy" of old and orchestrate the "light" of the new (pun intended). What I am talking about is a set of simple principles and standards that bring a crypto/mathematical foundation to data sets and exchange that is field of application agnostic. It is built from first principles that may be applied in different permutations to model any comparable/competing system. The standard and resulting implementations are small, easy to understand by newcomers, able to do all primary work in-standard and interface with a huge ecosystem of adapters for legacy porting and extra functionality. i.e. The standard is truly enabling instead of another silo. Act as if. IMO if the credentials work is ready then start building **small** core reference implementation components that are easily consumed in JavaScript (IDEs to model and runtimes) and build larger systems with these that specialize and bridge. This will flush out your core principles very quickly and if the core components have the right interfaces everyone can write their own implementations that scale. IMO many adopted standards are either forced, got lucky with timing, or precipitated from frustration with interoperability. There has to be a better way. IMO the credentials work is forward-looking and thus runs the risk of not being backwards friendly if the standard and implementation recommendations are not based on actual production implementations. Not being backwards friendly is a killer. I think the credentials work has the potential to spread as fast as JSON Web Tokens [1] if there is a simple standard, compact reference implementations and an implementation-agnostic test suite to ensure interoperability. Enable HTML5/JavaScript applications to leverage the whole credentials ecosystem irrespective of the browser/shell first. This will allow whoever is implementing the standard or expanding on it to work from the same **functional** base that can be collaboratively refined **today**. IMO if you treat the credentials discussions to arrive at a standard as your only venue of collaboration you disperse the force that is bringing your vision together because we all have such different points of view and difficulties communicating on the same terms. It makes it difficult to understand what the exact common denominator is because it cannot be functionally validated over time. If instead you focus on a common core reference implementation, a website with test suites and showcasing the live status of the growing ecosystem of leveraging projects and their current deviation from spec you not only have something to **work against** as a directing group but can also engage users of your standard. I find it immensely frustrating when I see how much time goes into emails that end up like **grains** of sand on a beach. Nothing to show. No impact. I would much rather build sand **castles** that have a chance to turn into palaces because others can **easily learn** and **usefully interact** with it **today**. Christoph [1] - https://jwt.io/ On September 15, 2016 09:17:03 pm PDT, "Timothy Holborn" <timothy.holborn@gmail.com> wrote: > One of the greatest applications of credentials could be via support for > any such standards apparatus being able to "uplift" active directory > functionality. > > Tim.H. > > On Fri., 16 Sep. 2016, 10:54 am Manu Sporny, <msporny@digitalbazaar.com> > wrote: > >> Hi all, >> >> Here's the latest feedback from Microsoft: >> >> >> https://lists.w3.org/Archives/Public/public-webpayments-ig/2016Sep/0023.html >> >> and the response: >> >> >> https://lists.w3.org/Archives/Public/public-webpayments-ig/2016Sep/0024.html >> >> -- manu >> >> -- >> Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) >> Founder/CEO - Digital Bazaar, Inc. >> blog: Rebalancing How the Web is Built >> http://manu.sporny.org/2016/rebalancing/ >> >>
Received on Friday, 16 September 2016 16:38:50 UTC