W3C home > Mailing lists > Public > public-credentials@w3.org > November 2018

RE: Seeking to update Decentralized Identity related slides

From: Neil Butters <nbutters@interac.ca>
Date: Wed, 7 Nov 2018 14:29:13 +0000
To: Kim Hamilton Duffy <kim@learningmachine.com>, Moses Ma <moses.ma@futurelabconsulting.com>
CC: Stephen Curran <swcurran@cloudcompass.ca>, Markus Sabadello <markus@danubetech.com>, Public-Credentials <public-credentials@w3.org>
Hi, I’m relatively new to this group and have been following from afar.  We at Interac have been using a similar angle as Kim as to the value of DIDs.  Here’s a whitepaper we recently released on DID in Healthcare, as an example.  Although we are focused on the Canadian market, this topic of healthcare may not completely apply to our friends to the south and in other parts of the world, but there are aspects that I believe still do.


From: Kim Hamilton Duffy <kim@learningmachine.com>
Sent: November-07-18 1:36 AM
To: Moses Ma <moses.ma@futurelabconsulting.com>
Cc: Stephen Curran <swcurran@cloudcompass.ca>; Markus Sabadello <markus@danubetech.com>; Public-Credentials <public-credentials@w3.org>
Subject: Re: Seeking to update Decentralized Identity related slides

About the DID value proposition, I think it is an easier sell in the edu space because people accept certain things as axiomatic and this line of reasoning (almost) always conveys it:
1. You earned the degree, credential, etc. It should be shareable and verifiable for your lifetime. There are some special cases (fraud, mistakes) that require revocation, and some training requires expiration/renewal, but in general people are primed to expect lifelong ownership.
2. The common verification processes have clear inefficiencies, and ...(varying description for lay audiences) ... cryptographic techniques help
3. If you buy into #2, long term key management is clearly a pressing problem
4. DIDs -> key lifecycle is a first class citizen

Some of our working examples (drivers licenses, claims associated with a social security numbers) don’t prime people with this frame of mind. To Moses’s point, if we lead with examples like ID cards, our typical business audiences think everything is fine except for when (seemingly rare) bad incidents happen, e.g. equifax, personal identity theft. This “when bad things happen” angle is often perceived as creating problems that don’t exist, that apply to other people, or generally something that can be put off. I’d imagine that getting audience-specific metrics is the only convincing way forward.

On Tue, Nov 6, 2018 at 10:01 AM Moses Ma <moses.ma@futurelabconsulting.com<mailto:moses.ma@futurelabconsulting.com>> wrote:
Hi Stephen et al,

I’m an “innovation coach” and what I usually tell my clients or audience is that the key to radical innovation is to look for something that everyone sees as working just fine... but is actually broken. There is no better  example of this phenomena than Internet identity, which is truly broken, but everyone (but us DID revolutionaries) sees as situation normal.

This corresponds with my slide titled “The Internet is Broken (and it’s not Kim Kardashian’s fault)”

The slides that follow propose that this is actually one of the the greatest opportunity spaces in decades for blue ocean innovation.

That usually gets the attention of enterprise customers.


Moses Ma | FutureLab Consulting Inc

moses@ngenven.com<mailto:moses@ngenven.com> |moses.ma@futurelabconsulting.com<mailto:moses.ma@futurelabconsulting.com>

v +1.415.952.7888<tel:(415)%20952-7888> | m+1.415.568.1068<tel:(415)%20568-1068> | skype mosesma

blog & social media: my blog at psychologytoday.com<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.psychologytoday.com_blog_the-2Dtao-2Dinnovation&d=DwMFaQ&c=5gprImo1iii6-dVgMR0yEg&r=SEtGGf8yKFhGUk7XCH6gEixS4RKOv_i5a6ZZ6RES0sg&m=88wBm5oi-MqBV6oeuoC57R_iJ1P1V0SbsmluNp2xK1k&s=PCDOjjQOYc9z2Y-8iUt2SU8uJ1af3Vt4C7dVXrzlV10&e=> | linkedin<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.linkedin.com_in_mosesma&d=DwMFaQ&c=5gprImo1iii6-dVgMR0yEg&r=SEtGGf8yKFhGUk7XCH6gEixS4RKOv_i5a6ZZ6RES0sg&m=88wBm5oi-MqBV6oeuoC57R_iJ1P1V0SbsmluNp2xK1k&s=OQaHNvu8l6hvHtU8FdGbd9cZYtVQ-upflKVLzB0Ew-M&e=> | facebook<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.facebook.com_moses.t.ma&d=DwMFaQ&c=5gprImo1iii6-dVgMR0yEg&r=SEtGGf8yKFhGUk7XCH6gEixS4RKOv_i5a6ZZ6RES0sg&m=88wBm5oi-MqBV6oeuoC57R_iJ1P1V0SbsmluNp2xK1k&s=RoNO_Q-G2JdbWEsYppplKzeGpn-8p9jLaeHy33v_yJY&e=> | twitter<https://urldefense.proofpoint.com/v2/url?u=http-3A__twitter.com_mosesma&d=DwMFaQ&c=5gprImo1iii6-dVgMR0yEg&r=SEtGGf8yKFhGUk7XCH6gEixS4RKOv_i5a6ZZ6RES0sg&m=88wBm5oi-MqBV6oeuoC57R_iJ1P1V0SbsmluNp2xK1k&s=j8FSmluu5okrr22A_-rWrdWF51BimTaKQJRF5wmd4y4&e=>

On Nov 6, 2018 at 9:42 AM, <Stephen Curran<mailto:swcurran@cloudcompass.ca>> wrote:
For an audience relatively new to the space, or for a less technical audience, I start with the business/online existence problems people face to ground the discussion. I did the Hyperledger Indy chapter for an edX course and tried to start with DIDs and then to VCs and found it very difficult to get to the "why this matters" point. Once I changed to start with the business problem and how the use of DIDs and especially VCs addressed the problems (and more), the understanding and importance was grasped. At least I think it was :-).

Stephen Curran
Cloud Compass Computing, Inc (C3I)

P: Cell: 250-857-1096<tel:Cell:%20250-857-1096>
W: http://cloudcompass.ca<https://urldefense.proofpoint.com/v2/url?u=http-3A__cloudcompass.ca&d=DwMFaQ&c=5gprImo1iii6-dVgMR0yEg&r=SEtGGf8yKFhGUk7XCH6gEixS4RKOv_i5a6ZZ6RES0sg&m=88wBm5oi-MqBV6oeuoC57R_iJ1P1V0SbsmluNp2xK1k&s=nEsm5LqLF00JBZuXCepv8T1YMtn-8k83gKLECKr-fAc&e=>

On Nov 5 2018, at 10:46 pm, Markus Sabadello <markus@danubetech.com<mailto:markus@danubetech.com>> wrote:

On the technology/architecture side, when I do talks I usually start
with DIDs, and then mention VCs after that.

I find DIDs and why they are needed as a basis for everything else
rather easy to explain. But I also feel that explaining SSI = DIDs + VCs
is a very simplified summary of what we're doing, and much more work
will be needed on data models, protocols, etc. We're only at the
beginning of building that architecture consisting not only of DIDs +
VCs, but also DID Auth, agents, hubs, personal clouds, petnames,
capabilities, key management, ZKPs, and more.

"DIDs Unique Selling Proposition" looks like an interesting CCG agenda item.

Thanks for sharing your slides, that's great and I also plan to re-use
some of them in upcoming events!

Did they record your talk in Zurich?


On 11/6/18 12:54 AM, Christopher Allen wrote:
Thank you everyone for sharing your slides! Very helpful, though there
were many good ideas elsewhere I was unable to puzzle how to fit in.
Next time.

I did succeed in updating a lot of the terminology for my talk tonight
in Zurich to the latest language & integrated at least a few of the
better approaches from others that I felt were more effective than my
own. Also, many thanks to Joe & Markus who reviewed over the weekend
an early draft.

New to this talk is I explicitly separate the Ideology from the
Architecture, and each could potentially stand alone. I agree with Joe
that using the term “movement” rather than ideology is likely better,
but I didn’t change it as the title of talk was already advertised
(and I think I’d need new images).

I received a lot of positive feedback here in Switzerland on the
ideology part of the talk, but it still needs work. In particular I
felt Kaliya’s social context recursive triad definition of identity
leads better into DIDs than Joe’s functional identity definition. I
like aspects of both but wasn’t able to integrate them.

The Architecture section is weaker. I tried to explain why we focused
on DIDs first, but it wasn’t as easy a coherent story to tell. Best
I’ve done to date, but feel I lost even some of my tech audience there.

The story connection from DID Docs to VCs was particularly weak. Some
tell the story VC first/DIDs second, and I can see why, but right now
the DID story is more important. We know decentralized is important
but we are not yet effective is saying why yet.

A lot of stuff is missing in section on future work: not sure how to
present things like pair-wise DIDs & selective disclosure when only
one party plans to implement it. I work hard in my talks to be as
impartial/agnostic to blockchains and avoid single vendor specific
solutions as I can.

My final slides from last night are at:


I welcome comments, improvements, re-usage, etc.

— Christopher Allen
Kim Hamilton Duffy
CTO & Principal Architect Learning Machine
Co-chair W3C Credentials Community Group

Received on Wednesday, 7 November 2018 14:37:47 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:24:50 UTC