- From: Chris Boscolo <chris@boscolo.net>
- Date: Sat, 2 Jun 2018 09:48:11 -0700
- To: "Jordan, John CITZ:EX" <John.Jordan@gov.bc.ca>
- Cc: Credentials Community Group <public-credentials@w3.org>, Manu Sporny <msporny@digitalbazaar.com>, Kettunen Antti J <antti.j.kettunen@tieto.com>
- Message-ID: <CAByYRhZwY896dDf+F27KzPzWh_7P=j6X8TfWBFg6jvmPjY85LQ@mail.gmail.com>
Thanks for this contribution, Jordan. I agree with you that GOV-issued VCs are the right way to prove the existence of a legal entity. I have a couple of follow-up questions/comments. 1) Since the issuer of a VC is also identified via a DID, how is this GOV DID that signs the Org VCs made know to others? 2) Not all organizations are legal entities. Some are more informal, like a book club? Who signs these VCs? I have some thoughts on these questions but am curious about what others think. -chrisb On Fri, Jun 1, 2018 at 12:37 PM, Jordan, John CITZ:EX <John.Jordan@gov.bc.ca > wrote: > So ... > > I think I have a different point of view on corporate identifiers ... I > don’t think we need a single identifier like we have been trying to > unsuccessfully have in some places for years. I feel like those numbers are > a bad side effect of centralized database primary keys. > > For sure a legal entity that isn't human (corporations, partnerships, > societies, etc) will have DIDs, however I don't think they need one DID to > be known by. These types of entities have to be created by some > legislatively authorized authority. They only exist as a construct of a > law. Therefore, there must be a Verifiable Credential issued to that > entity. It is this verifiable credential that is the proof of existence for > that legal entity. It may contain some sort of locally unique identifier > but that is beside the point I believe. The entity will have presented the > authority with a DID to which the verifiable credential would be issued > from the point of view of the authority. However, if the legal entity later > establishes a digital relationship with a supply chain partner or what not > .. they could use a different DID for that relationship and use the > verifiable credential they hold to prove they are a registered legal entity > (and whatever other proofs they are required to provide) to their new > partner. > > I think the reason I am quite resistant to a single identifier (if that is > what is being contemplated) for an organization is that in the real world > stuff happens. Organizations, change, merge, are sold and so forth. Very > rarely do they go about the task of informing all the connections they have > after this real world event has happened and when it impacts things like > legal name, the identifier they are known by and whatnot. And so, over time > the real world events wander off from these single identifiers no matter > who controls those identifiers. What is more dynamic and more closely > related to the real world happenings are the verifiable credentials. When a > corporation is bought by another there must be an interaction with the > Corporate Registrar to deal with credentials. This purchasing corporation > may, likely will, create new relationships (DIDs) and perhaps have ways to > have the verifiable credentials of the purchased company transferred to > them with the proper new legal name etc. > > Anyway, I think it better to separate the DID (addressing space) from the > verifiable credential (business space). > > My thoughts. > J > > > > On 2018-06-01, 6:12 AM, "Manu Sporny" <msporny@digitalbazaar.com> wrote: > > On 05/31/2018 07:15 AM, Kettunen Antti J wrote: > > Manu, this sounds a really interesting use case. The Corporate > > identifiers is a huge topic, since it touches on a vast number of > > additional use cases, like representation rights, founding > > documents, share ownership, etc. > > Yes, cryptographic corporate identifiers seem to be a very common use > of > Decentralized Identifiers. The process seems to be: > > 1. Organization gets a DID. > 2. Government issues a Verifiable Credential for the DID. > 3. DID + VC is used to perform some task. > > > Do you think these use cases should be separate, or should we > > collaborate on this? > > I think they are separate use cases that depend on the same three steps > above and I think you should submit your use case as well. We can > always > combine use cases later, but I think the most interesting thing about > your use case is that the DID is used in a different set of industries > and for a different set of purposes than the one I mentioned. > > Part of the purpose of these use cases is to demonstrate to the W3C > Membership (400+ organizations) that this technology has broad > applications and in order to do that, we need to show its use in a very > diverse set of market verticals and business processes as possible. > > -- manu > > -- > Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) > Founder/CEO - Digital Bazaar, Inc. > blog: Veres One Decentralized Identifier Blockchain Launches > https://tinyurl.com/veres-one-launches > > > >
Received on Saturday, 2 June 2018 16:48:41 UTC