Re: existing identifiers for people

John, (and Matt and Stephen and other contributors to this thread): I just
want to thank you for one of the most detailed and enlightening discussions
of DIDs and their relationship to Verifiable Credentials and both of their
relationship to real-world/human identity that I have seen.

John, IMHO it would be ideal if you could blog your posts or publish them
on Medium or some other place we could link to them.

Outstanding work, all of you.

=Drummond

On Tue, Jun 12, 2018 at 7:10 PM, Jordan, John CITZ:EX <John.Jordan@gov.bc.ca
> wrote:

> Fair enough. No system is perfect for sure.
>
> However we can employ a variety of techniques to mitigate these risks. We
> don’t have to rely on a single credential in the digital realm. We can have
> others. We can expire credentials. We can revoke them. All these actions
> are more immediate and close down the gaps in Time and space which
> currently provide opportunity for some undesirable things to happen and are
> often the source of friction from a service perspective.
>
>
> > On Jun 12, 2018, at 14:29, David Booth <david@dbooth.org> wrote:
> >
> > On 06/12/2018 04:44 PM, Jordan, John CITZ:EX wrote:> . . .
> > > it is a lot easier to forge a document than it is to forge
> > > a verifiable credential that makes use of the kinds of
> > > cryptographic technique enabled by DIDs and the fancy math!
> >
> > SIDE NOTE: I think it would be wise to maintain a healthy skepticism
> > about this claim.
> >
> > Although the fancy math and crypto may be very good indeed, a huge
> weakness that digital mechanisms always have is that, once any tiny
> vulnerability is found, that vulnerability can be silently and relentlessly
> attacked with massive automated computing power . . . rendering that tiny
> vulnerability not so tiny after all.
> >
> > David Booth
> >
> >
>

Received on Wednesday, 13 June 2018 03:52:37 UTC