Re: "Identity" from Timothy Holborn on 2017-06-01 (public-credentials@w3.org from June 2017)

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Thu, 01 Jun 2017 02:45:04 +0000
To: Manu Sporny <msporny@digitalbazaar.com>, public-credentials@w3.org
Message-ID: <CAM1Sok2yOtUh0M10RSEYBC1PC8yxQugEH=U2dGmn=jWv7csWsg@mail.gmail.com>
Looking for an appropriate area to have the discussion. Considering various
options.

The instrument for a blockchain or certificate approach comes down to a
private key?

I've had a few overtime. as life has it, I keep loosing them.

Anyhow.

Tim.h.

On Thu., 1 Jun. 2017, 11:03 am Manu Sporny, <msporny@digitalbazaar.com>
wrote:

> On 05/30/2017 01:40 PM, Joe Andrieu wrote:
> > I started this note to send to Manu in particular, but realized it
> > would be useful to share with the larger community.
>
> +1, to not having off-list discussions about important topics like this.
> It should be a community discussion. Good call, Joe.
>
> > Unfortunately, establishing "Identity" as something we can't talk
> > about undermines the effort to shift that conversation. It's the
> > Overton window. When we make Identity off-topic for conversation, we
> > can't fix how we talk about it.
>
> I don't think anyone is meaning to imply that "Identity" is off-topic
> for the conversation. What was mentioned on the VCWG call today was
> specifically about aligning terminology that was used in the spec
> because it was schizophrenic about whether it was talking about an
> "identity" or an "entity".
>
> > I argue the best way to avoid the rathole is to find the right way to
> > talk about it. The right context. The right definitions. The right
> > boundaries of scope.  Especially because whether we embrace it or
> > fight it, verifiable claims are going to be used for identity. I'd
> > like to face that head on rather than pretend it isn't going to
> > happen.
>
> Many of us know that Verifiable Claims are going to be used for some
> aspects of what we call "identity" (and I'm using the term in a very
> broad and vague sense here).
>
> Let's fast forward to a point where this community has properly defined
> "identity" in a coherent way. Here are the problems that we will still
> face:
>
> 1. Some other community has defined it in some other way that makes
> sense to them and they are unwilling to change the definition... and
> we're back to not having a unified definition.
>
> 2. Those that do not want this work to succeed due to self interest will
> twist the mere fact that we are "working on identity" to demonize the work.
>
> It's #2 above that concerns me the most because it was exactly that
> mechanism that was used to delay the work for a year.
>
> We don't need to define or make "identity" prominent to build a
> technology that will be useful for meeting many "identity use cases".
>
> > I don't see wholesale exorcism as the right way to move the
> > conversation forward either.
>
> Agreed.
>
> > So, my request is to please work with me to find a way to avoid the
> > rathole without demonizing the term itself, for example, by putting
> > it in "quotes" and adding caveats every time it is used.
>
> Good proposal... now propose some solid spec text where you see the
> problem unfolding. That's the best way to get this concept into the spec.
>
> > My current focus is on framing the conversation it terms of how
> > identity functions rather than what it means culturally,
> > psychologically, politically, or metaphysically. I also distinguish
> > "Identity" and "Digital Identity", the latter being a tool to
> > facilitate the former. That may or may not work for the groups in
> > this conversation, but I believe it is a promising direction.
>
> -1 to "Digital Identity" as it feels too similar to "Identity".
>
> I like your "functions" approach and don't mind phrases like:
>
> "...to establish that the individual is above the age of 18..."
>
> "...to authenticate the employment status of a person..."
>
> "...to verify the shipping address of a customer..."
>
> Those are all specific statements that are a part of what many would
> consider an identity. The benefit in the statements above is that
> they're not vague and so there is little room for re-interpretation in a
> negative way.
>
> My primary concern with these "identity" discussions are:
>
> 1. Unless they help us produce specs and code, they belong in a more
>    academic forum. At best they are a distraction and at worst, they
>    prevent the technical discussions we need to have from happening.
>    We do need to talk about enough of it so that the specs stick
>    together in a coherent way.
> 2. If we /do/ define "identity" and make it a central topic of the
>    group, then it opens us up to a wide range of political attacks that
>    /will/ slow things down (as they have over the past year). I'm
>    personally not fond of having to deal with the fallout from that
>    stuff because it 1) happens behind closed doors and 2) saps energy
>    from those trying to build this stuff.
>
> So, +1 to not making the discussion around "identity" verboten, but
> within reason. I'm sure we'll find the right balance in time, but until
> we do, let's try to leave the controversial bits out of the spec.
>
> -- manu
>
> --
> Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
> Founder/CEO - Digital Bazaar, Inc.
> blog: Rebalancing How the Web is Built
> http://manu.sporny.org/2016/rebalancing/
>
>
Received on Thursday, 1 June 2017 02:45:50 UTC