Unique Personhood Requirement for some DID Use Cases from Christopher Allen on 2018-06-12 (public-credentials@w3.org from June 2018)

From: Christopher Allen <ChristopherA@lifewithalacrity.com>
Date: Tue, 12 Jun 2018 11:29:21 -0700
To: Bohdan Andriyiv <bohdan.andriyiv@validbook.org>
Cc: Credentials Community Group <public-credentials@w3.org>, Nicolas Gailly <nikkolasg@gmail.com>, Phil Barker <phil.barker@pjjk.co.uk>, "bryan.ford@epfl.ch" <bryan.ford@epfl.ch>, "eleftherios.kokoriskogias@epfl.ch" <eleftherios.kokoriskogias@epfl.ch>, "linus.gasser@epfl.ch" <linus.gasser@epfl.ch>, "maria.borgechavez@epfl.ch" <maria.borgechavez@epfl.ch>, "philipp.jovanovic@epfl.ch" <philipp.jovanovic@epfl.ch>
Message-ID: <CACrqygAsRSWfq6=wBvPMpy1h0ta6hJTp+j9Z1TGWwG4KQwMwjw@mail.gmail.com>

A number of DID (Decentralized Indentifier)  use cases being discussed here
seem to explicitly or implicitly require unique personhood, in particular
scenarios requiring voting.

Personally I call this “Proof of Unique Natural pPerson in a Context”.
Given a context (say member of W3C) there is one, and only one, unique
natural person representing each membership. I believe that it is possible
to do this in a privacy preserving way using web-of-trust claims that is
statistically highly accurate (99%+) though not absolutely
deterministically, which I believe to be sufficient for many voting
scenarios.

There has also been some research on the topic of unique personhood that
I’ve been interested in, mostly related my hopes for pseudonymous
web-of-trust support in the DID BTCR Method & Verifiable Claims.

These ideas are talked about the academic paper  “Proof of Personhood” from
Bryan Ford’s Group at EPFL in Switzerland.

https://www.zerobyte.io/publications/2017-BKJGGF-pop.pdf

Also pseudonym parties:
http://ww.bford.info/log/2007/0327-PseudonymParties.pdf

Maybe we should schedule an upcoming W3C Credentials CG
https://w3c-ccg.github.io meeting on the topic of unique personhood, and
get Bryan (or someone from his team) to present, along with Bohdan’s
thoughts on unique identity (SURLHI - Statement of Unique Representation of
Living Human Individual), and my hopes for BTCR.

I also would love to have something basic that is implementable to test
using DID BTCR architectures by #RebootingWebOfTrust for week of September
in 24th in Toronto. Maybe a pseudonym party!

— Christopher Allen

On Tue, Jun 12, 2018 at 10:35 AM Bohdan Andriyiv <
bohdan.andriyiv@validbook.org> wrote:

> Presumably there is a use case for someone to be able to assert that their
>> DID represents the same person as an ORCID or ISNI?
>
>
>
> We do this on Validbook by using Validbook Statement of Ownership.
> Basically, this is a Verifiable Credential with evidence that you control
> some digital asset. Where evidence is a satisfaction of some challenge -
> publish random number on or by using that digital asset.
> Mainly, these Statements of Ownership are used to prove that DID/SSI
> controls social networking account or blog, but of course they can be used
> to assert ownership over ORCID, ISNI also.
>
> Bohdan
>
> On Tue, Jun 12, 2018 at 8:09 PM, Phil Barker <phil.barker@pjjk.co.uk>
> wrote:
>
>> Presumably there is a use case for someone to be able to assert that
>> their DID represents the same person as an ORCID or ISNI?
>>
>> Phil
>>
>> On 12/06/18 18:03, Steven Rowat wrote:
>>
>> On 2018-06-12 8:50 AM, Siegman, Tzviya wrote:
>>
>> Hi All,
>>
>> I’m seeing a lot of use cases for persistent identifiers for people. In
>> the STEM world, the ORCID [1] is widely used. Some publishers (like the one
>> I work for) require authors to have an ORCID. There is an overlapping
>> system called ISNI [2]. These are real-world scenarios that already have
>> ecosystems supporting them.
>>
>>
>> That's very interesting, and the Wikipedia page for it shows that it's
>> widespread and increasing rapidly.
>>
>> https://en.wikipedia.org/wiki/ORCID
>>
>> But it seems to me that it's happening at a different logical layer than
>> DID, and that DID will have different capabilities; and so both could be
>> used together if DID becomes widespread.
>>
>> For example, the ORCHID doesn't appear to support pseudonymous use, or
>> multiple use, or to be safe for web commerce (via public/private keys); or
>> Self-Sovereign Identity in general; the control of the data is by the
>> ORCHID organization, which is centralized.
>>
>> These are just first impressions; perhaps I'm mistaken. But I don't think
>> it's solving the same problem DID can potentially solve. ORCHID appears to
>> be for researchers embedded in institutions who are using publisher
>> organizations, whereas DID is attempting to be useful -- though admittedly
>> in a similar way at some points -- for everybody on the internet.
>>
>> Steven
>>
>>
>>
>> Tzviya
>>
>> [1] https://orcid.org/
>>
>> [2] http://www.isni.org/
>>
>> *Tzviya Siegman*
>>
>> Information Standards Lead
>>
>> Wiley
>>
>> 201-748-6884
>>
>> tsiegman@wiley.com <mailto:tsiegman@wiley.com> <tsiegman@wiley.com>
>>
>>
>>
>> --
>>
>> Phil Barker <http://people.pjjk.net/phil>. http://people.pjjk.net/phil
>> PJJK Limited <https://www.pjjk.co.uk>: technology to enhance learning;
>> information systems for education.
>> CETIS LLP <https://www.cetis.org.uk>: a cooperative consultancy for
>> innovation in education technology.
>>
>> PJJK Limited is registered in Scotland as a private limited company,
>> number SC569282.
>> CETIS is a co-operative limited liability partnership, registered in
>> England number OC399090
>>
>

Received on Tuesday, 12 June 2018 18:30:00 UTC