W3C home > Mailing lists > Public > public-credentials@w3.org > April 2017

Re: Blockchain Standardization (was Re: PR for playground)

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Wed, 05 Apr 2017 12:54:41 +0000
Message-ID: <CAM1Sok3pFOYDXcKN1Kx_GZOwc8q5=oruYCDB-2uZpHxWME_Hxw@mail.gmail.com>
To: "Lemieux, Victoria" <v.lemieux@ubc.ca>, Adrian Hope-Bailie <adrian@hopebailie.com>
Cc: Greg Adamson <g.adamson@ieee.org>, Melvin Carvalho <melvincarvalho@gmail.com>, Manu Sporny <msporny@digitalbazaar.com>, W3C Credentials Community Group <public-credentials@w3.org>, Blockchain CG <public-blockchain@w3.org>, David Wood <david.wood@ephox.com>
On Wed, 5 Apr 2017 at 19:56 Lemieux, Victoria <v.lemieux@ubc.ca> wrote:

> Hello All, I attended the ISO meetings today, and the group passed a
> series of resolutions that provide the scope of the work that they will
> begin.  As soon as the draft resolution is posted to the TC 307 site, I’ll
> circulate it to you. At this point the focus is on getting started on
> terminology, as well as on a series of study groups that will focus on
> reference architectures,

Can we set-up a web resource / location --> to illustrate these
architectures we're (all) talking about?

Whilst i understand the complications, i'm continuing to have issues with
the term 'blockchain'.  Part of my problem here is that the general
understanding of blockchains refer to a mechanism that requires 'mining',
which in-turn offers an opportunity to sell alot of hardware (and
thereafter use alot of energy).

Perhaps indeed, i need to simply get off it; and i know within the
'Fintech' space blockchain = buzzword --> people have budget for
'blockchain' stuff; yet on the web layer of this work, it appears modern
designs are working to take into account;

taxonomies and ontologies; security and privacy; identity; governance, use
> cases; and smart contracts,

plus much more.  From a technology perspective (rather than use-cases,
which include some of the former)

1. RDF
3. HTTP Signatures
4. some sort of provenance / version control
5. purge functionality
6. perhaps some way of packaging the referenced ontology definition (re:
point 4) (maybe build upon LDP?)
7. variable decentralisation mechanics (ie: distribute to every
participant, distribute to group -- (1 --> n)

I would like to add also dignity (as an interoperable developmental method
supportive of privacy)

Identity (access/auth/utility - use cases) is tricky - IMHO, packaged,
signed, sparql statements in plurality offer a flexible approach to
representations of bundled 'identity constituent' statements, supportive of
persona management.

8. have we reviewed https://www.w3.org/TR/ldn/

among other things.  The goal of these study groups will be to determine
> what work the committee should undertake in each of these areas.
> Nick Lee will lead the study group on Identity.
Define identity?

web (online/digital, et.al.) Identity is a nebulas, continuously evolving
permissive set of characterisations that are perceived by recipients
involving choices made by the 'subject' as to perform / elect persona
attributes within a temporally aware data space. These 'affirmations' are
likely perceived differently between participants of any one identity
related communication.  It gets more complex thereafter.

Constituents to an identity framework may includes;
- Authentication and preservation of access control
- implicit, explicit and unstructured counterparts of knowledge
representation provided on some sort of basis.
- internal/external influencers (balanced out with dignity / privacy
mechanics that may create/infer true/false pretexts)
- interferences with the confluence of structured, unstructured, accurate,
false/misleading knowledge fragments

https://www.w3.org/2005/Incubator/webid/spec/tls/ gives a relatively good
means (despite documentation aspects, particularly re: ontology use) to
define a device/account (being some devices have no accounts, and others
do); but it doesn't really identify the user of the machine, this is
currently inferred.

So, in other words, it’s very early days yet, and it will likely be several
> months before there is greater clarity on exactly what the committee will
> work on as formal work packages.
> I hope that this information provides some clarity on what has been
> happening within the ISO.

So, we have
- IETF (are they in the chat?)
- W3C
- OASIS was involved at some stage, not sure what's happening there...

I think the big thing here; is this 'identity' counterpart; i think we need
to be both particularly careful about it, but also honest and straight
forward.  The 'identity' piece, has often been over simplified and the web
has an array of characteristics throughout modern civilisation world-wide
due to these implicit decisions.

I watched it through the emergence of Web 2.0.  I think we need to consider
these variant challenges with more diligence this time around.  If we're
not going to look at that problem (or the implications of what we're doing
in how it will impact that problem); then a simple press release stating
so, may suffice.

If we're going to incorporate some thinking about these sorts of enormous
challenges...  (imho, better to have tried and failed than not to have
tried at all); then my thoughts are that the breadth of participation
(perhaps surrounding "linked data decentralised ledgers" on the
data-presentation layer) may yield better results.

I assume the use of these technologies will result in 'tamper evident',
'mathematic proofs' in machine/human readable formats for use as
'verifiable claims' as a high-level "identity constituent";

- i did this thing
- i own this
- this happened
- this creative work has properties that others support by way of digital


> Best wishes,
> Victoria
> Tim.H.

> On Apr 4, 2017, at 5:18 PM, Adrian Hope-Bailie <adrian@hopebailie.com>
> wrote:
> Hi Greg,
> I have read as much as I could find publicly on the ISO work in this space
> but I am still unclear on what the deliverables of such a group would be.
> What is the group aiming to standardize and why?
> Adrian
> On 3 April 2017 at 19:35, Greg Adamson <greg.adamson.engineer@gmail.com>
> wrote:
> Hi Adrian,
> On ISO, I will let you know once the TC307 meeting finishes in Sydney in a
> couple of days. I take your point that ISO moves slowly. But I think it is
> important to see they come up with the best possible result (which may be
> or include endorsement of what others have done). One problem in the ISO
> process at the moment is that the self-selected global group group of
> participating national standards organisations doesn't include India or any
> African country. I am working to rectify that if possible.
> Regards, Greg
> Dr Greg Adamson
> Principal, Digital Risk Innovation
> Chair, IEEE Design for Ethics Ad Hoc
> +61 423 783 527 <+61%20423%20783%20527>
> On Mon, Apr 3, 2017 at 4:29 AM, Adrian Hope-Bailie <adrian@hopebailie.com>
> wrote:
> On 2 April 2017 at 04:19, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
> On 2 April 2017 at 04:19, Manu Sporny <msporny@digitalbazaar.com> wrote:
> bcc: Credentials CG
> cc: Blockchain CG
> Migrating this thread to the Blockchain CG mailing list as it's become
> more blockchain-y, than web payments-y or verifiable claim-y.
> For those that didn't see the start of this thread, it is here:
> https://lists.w3.org/Archives/Public/public-credentials/2017Mar/0023.html
> On 03/31/2017 11:25 PM, Adrian Hope-Bailie wrote:
> I am interested to hear from those of you involved what the goals of
> these [Blockchain Standardization] initiatives are?
> I think the goals are different between the standards bodies, and
> personally, I find it very difficult to track everything going on at the
> moment as things are still very dynamic.
> So it's not just me!
> What are you trying to standardize?
> I've heard at least these answers to that question:
> * governance for each blockchain
> Are governance parameters transferrable?

> * decentralized identifiers
> Method of decentralisation (ie: variable between 1 --> n)

> I think we have to standardize decentralized identifiers, as everything
> else is built on that.
> +1
> I feel like a lot of the technical standardization work is riding the
> blockchain hype. It's big "S" standardization just for the sake of
> standards bodies not wanting to miss the boat.
> meh. http://info.cern.ch/ --> good design is one thing.
https://www.w3.org/Consortium/Patent-Policy-20040205/ is investable, and
has different characteristics / properties from a socio-economic

> Somebody please tell me what an ISO technical committee is going to
> standardize wrt DLT and Blockchain. The ISO process is way too slow to be
> effective in such a fast developing area.
> Broader market overtime.  important, but perhaps not the incubation lead..

> IMO technical standardization it will be ineffective until it has a
> focused use case (like DIDs). Part of the reason Interledger has been
> successful is that it's not trying to standardize something broad like DLT
> it's focused on value transfer.
> it'll be interesting to see what happens with interledger over the next
decade.  It's a good step forward, but the problems in this landscape are
significant (imho) due to the applicability of the works more broadly.

> We've been stuck on this topic for 10 years as everyone has their pet
> favorite identity system.
> there's that *identity* word again...   as those people are simply
anecdotal to purpose.

> What is needed is a system that will interoperate, and we should
> aggressively throw out identity systems on the criteria that cant be shown
> to interoperate (which is most of them!) or have significant traction.
> i think people don't think about it enough, whilst also agreeing most
existing solutions are not capable of achieving compliance with a
well-formed 'fit for purpose' test.

Work required to produce such an analysis would include doing the identity
use-cases in a broad socioeconomic methodology - which isn't really a
blockchain mandate, that's something else.

> The main problem I see is that people are fascinated by overloading
> identifiers to do two (or three) different things.  This is wrong.
> Identifiers should be opaque.  The reason being that different people will
> overload in different ways, and that leads to failure to interoperate, and
> balkanization.
> Actually I think the problem is interoperability in the various protocols
> used to resolve and discover addresses and services from an identifier/name.
> And crucially, the need for identifiers to be useful and accessible to
> humans.
> Accessible? human rights doctrine has a concept of 'right to self
determination' (which i think should surely relate to 'accountability', but
is certainly complex).

> The most logical thing to do is to start by saying standardization of
> identities MUST be URIs.
> Then look at ecosystems within each URI scheme:
> For example
> http URIs have a perfectly good spec that is widely deployed called
> WebID.  Alternatives in the http world can be proposed, but let's be ready
> to standardize what makes sense.  I would recommend labeling any identity
> system that relies on http 303 redirects as an anti pattern, as experience
> has shown they are a nightmare to deal with, and also they mix the data
> layer with the transport layer.
> lots of HTTP frameworks therein...

> bitcoin seems to have significant traction as a uri scheme and fits into
> the anyURI category
> I think enough work has been done on DID URIs to merit further
> investigation
> Of course mailto: and tel: URI schemes exist.
> This is a nice start but then there needs to be a standard discovery
> protocol per scheme.
> We have a standard encoding for a Universal Resource Identifier and this
> has an allowance for a scheme so that we can define a different Universal
> Resource Discovery Protocol per scheme.
> We have at least one already: HTTP
> Assuming you have this, the final piece is a standard representation of a
> resource. i.e. If you give me a URI that you say identifies a person then
> when I use the appropriate discovery protocol for that URI scheme I should
> get back a resource I know how to interpret.
> (We're changing topic here again)
> Perhaps we should start a wiki page on identity, and lay out the
> guidelines to achieve standardization.  This is the building block for
> everything we do.
> * interledger transactions
> * interledger linking
> * standardization around Bitcoin/Ethereum
> * smart contracts
> * blockchain data models
> So, there is technical standardization and political governance. Our
> organization is most interested in the technical standardization, but I
> struggle to see any initiative that has drawn more than a handful of
> blockchain organizations to the table. Interledger seems to be the most
> far along. I think we're making progress for cross-chain decentralized
> identifiers (DIDs). The Linked Data Decentralized Ledger stuff is new,
> but I'm speaking at a workshop on the topic day after tomorrow in Perth,
> Australia and will have a better idea on what the industry is thinking
> wrt. traction at that point (I don't expect much traction at present).
> As I said above I don't see "blockchain" or "DLT" standardization
> happening soon. The industry is still figuring out the details and while
> there is still a feeling that there may be undiscovered opportunities
> around the next corner the prominent players are not going to fall over
> themselves to collaborate on a standard.
> And, for many in the industry the belief that a DLT provides
> interoperability is still widely held.
> Interledger is not a blockchain standardization effort. The amazing
> developments around value recording ledgers (like Bitcoin, Ripple,
> Ethereum) have provided the diversity of use cases to inspire a standard.
> In reality Interledger could have been developed to just work between
> traditional private ledgers but the desire to make it interoperate with
> public DLTs has been a key influence on the work.
> So Adrian, to give you a data point... I can't see anything clearly yet,
> but I know that we're going to be seeing more and more proposals for
> standardization over the next year and we'll see how those resonate with
> the community. I'm skeptical that we can do big "S" standardization and
> should instead be seeking little "s" standardization. I think things
> like Interledger, Chainpoint, decentralized identifiers, data models,
> and HTTP APIs are all we could suggest standardization proposals for at
> this point in time... and even then, they'll be rough for another year
> or three before we start to see some momentum. Just my $0.02.
> Thanks Manu. With all this talk of standardization I worried that there
> was something I was missing. But it seems we're all in the same boat.
> Waiting to see where the tide takes this thing...
> Adam, are you in Perth for WWW2017? Pindar and I will be there tomorrow
> along with Tim and a few other blockchain folks. Perhaps we could sit
> down and have a chat about what we see as reasonable things to pursue in
> the next year or two?
> We had fun :) it was great to finally meet a bunch of people i've been
working so hard, for so many years - but had never had that experience of a
real-world conversation --> awesome...


> -- manu
> --
> Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
> Founder/CEO - Digital Bazaar, Inc.
> blog: Rebalancing How the Web is Built
> http://manu.sporny.org/2016/rebalancing/
Received on Wednesday, 5 April 2017 12:55:31 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:24:44 UTC