W3C home > Mailing lists > Public > public-credentials@w3.org > November 2018

Re: Seeking to update Decentralized Identity related slides

From: Snorre Lothar von Gohren Edwin <snorre@diwala.io>
Date: Wed, 7 Nov 2018 19:36:01 +0100
Message-ID: <CAE8zwO0uLDEE7LacimmcXZFK28QqCauAnV3c5xEOPnMtnJan8w@mail.gmail.com>
To: David.Challener@jhuapl.edu
Cc: kim@learningmachine.com, kevin@kiva.org, Moses Ma <moses.ma@futurelabconsulting.com>, swcurran@cloudcompass.ca, markus@danubetech.com, Credentials CG <public-credentials@w3.org>
Can someone explain to me what the procedure of taking this to another
thread is?
I would like to answer David, but to not clutter up the current reason.
It might be a good discussion to exactly why DIDs are needed in this use
case.
It was once again just an answer directly to me so I would like to create a
new thread or discussion arena on it.
Transparency for the win 🎉

"No – just trying to understand.

I would think there are a lot of ways to fix this including:

1)     A webpage with a digital pub key for the university that can be used
to look up a transcript (password given to user)

2)     Digital signature over the transcript

A quick note – it appears the university of Illinois is doing 2), sent at
the request of the student to the place they have asked.



DiDs don’t seem to be required. (U of I isn’t using them).



Why does the admin have to take 6 months every time they get the piece of
paper with the shiny stickers? I assume that fraud is a real problem in
this country, and phones don’t work for some reason (call the university
and ask if the GPA/ major, and a few other things on the doc are correct),
but this still seems really excessive.



I do know of cases where people got a job saying they had a degree they did
not have – but I just assumed that HR didn’t do due diligence."

On Wed, Nov 7, 2018 at 7:00 PM Snorre Lothar von Gohren Edwin <
snorre@diwala.io> wrote:

> Are you deliberately just responding to me David? Let me know and I will
> stop reply to all. But i think this is important information for everybody,
> based on the discussion.
>
> "So if they have computers, why does it take 6 months to respond to a
> request for a transcript?
>
> Do they have computers, but no printers?"
>
>
> So the procedure in that country is that it is not allowed to just print a
> transcript. That is because they want high trust. There have been many
> fraud attempts, and this is the schools reputation.
>
> What takes time is the administrative to acctually go through the process
> of getting that special piece of paper with the watermarks, and shiny
> stickers, because that created trust.
>
> So, since all have mobiles, and there are computers, how can you verify
> something that creates trust, without having to go via the physical world?
>
> I think this sounds like a case for DID and VC`s?
>
> On Wed, Nov 7, 2018 at 6:44 PM Snorre Lothar von Gohren Edwin <
> snorre@diwala.io> wrote:
>
>> I would like to include in the collaborative discussion this answer:
>>
>> "So if it takes 6 months to get a transcript, I think there is a
>> different and very big problem to work on.  And DiDs probably won’t help in
>> this case (How long do you think it would take to get computers set up in
>> this school?)"
>>
>> My response to this is that, yes there are different root problems that
>> need to be worked on, but assuming they dont have computers, is ignorant.
>> They are mobile first country, they use less cash than whats going on in
>> the USA.
>> They are ready for a leapfrog of trusted tech to be able to build up
>> their infrastructure in a more digital way.
>> We are currently working in that country and see a massive readiness to
>> adopt this technology.
>>
>>
>> On Wed, Nov 7, 2018 at 6:07 PM Kevin O'Brien <kevin@kiva.org> wrote:
>>
>>> Having previously worked for a large university system, specifically on
>>> their transcript system, I can say that at least California state schools
>>> have no real interest in running their own transcript services. We also
>>> certainly didn't make money off of the transcripts.
>>>
>>> So, I think the transcript example is appropriate, although how much of
>>> a problem it is a fair question worth asking. As well, convincing said
>>> schools to do things in a new way would be a difficult challenge to
>>> overcome and the value proposition at the current point in time would be
>>> unlikely to be valuable enough to try such an endeavor. But through the
>>> work of folks like people such as yourselves I imagine it will get there
>>> some day :)
>>>
>>> On Wed, Nov 7, 2018 at 8:55 AM, Kim Hamilton Duffy <
>>> kim@learningmachine.com> wrote:
>>>
>>>> David Challener: those are common misconceptions. Re administrative
>>>> paperwork fees — that is negligible and just meant to cover the costs.
>>>>
>>>> As to angry alumni, I’ll skip to the punchline. Learning Machine has
>>>> university customers who think of these as features that delight their
>>>> alumni.
>>>>
>>>> P.s. it’s the education clearing houses that won’t like it
>>>>
>>>> On Wed, Nov 7, 2018 at 7:57 AM Snorre Lothar von Gohren Edwin <
>>>> snorre@diwala.io> wrote:
>>>>
>>>>> If you look at the world in whole, there is a problem.
>>>>> In Kamapala, Uganda some schools take 6 months to get transcripts to
>>>>> the user.
>>>>> What about Syria, what if the school is acctually bombed and you can't
>>>>> get a new transcript. Then a digital version of it with signatures from an
>>>>> earlier existed school is very powerfull, with the possibility to add news
>>>>> about what happened to the school.
>>>>> Is all these crazy techniques of watermark and other fancy paper
>>>>> uniquness the way we want to continue?
>>>>>
>>>>>
>>>>> On Wed, Nov 7, 2018 at 4:25 PM Challener, David C. <
>>>>> David.Challener@jhuapl.edu> wrote:
>>>>>
>>>>>> I don’t like this use case because I don’t think it is really viable.
>>>>>>
>>>>>> The university will not want to be disintermediated from its alumni.
>>>>>>
>>>>>> The university will not want to make its alumni angry.
>>>>>>
>>>>>> The university will not want to give up the money they make when they
>>>>>> give out transcripts.
>>>>>>
>>>>>>
>>>>>>
>>>>>> I just checked the U. of Ill. Technique and it is really easy to get
>>>>>> a transcript, so it isn’t clear there is a problem that needs to be solved
>>>>>> here anyway.
>>>>>>
>>>>>>
>>>>>>
>>>>>> *From:* Kim Hamilton Duffy <kim@learningmachine.com>
>>>>>> *Sent:* Wednesday, November 07, 2018 1:36 AM
>>>>>> *To:* Moses Ma <moses.ma@futurelabconsulting.com>
>>>>>> *Cc:* Stephen Curran <swcurran@cloudcompass.ca>; Markus Sabadello <
>>>>>> markus@danubetech.com>; Public-Credentials <public-credentials@w3.org
>>>>>> >
>>>>>> *Subject:* Re: Seeking to update Decentralized Identity related
>>>>>> slides
>>>>>>
>>>>>>
>>>>>>
>>>>>> About the DID value proposition, I think it is an easier sell in the
>>>>>> edu space because people accept certain things as axiomatic and this line
>>>>>> of reasoning (almost) always conveys it:
>>>>>> 1. You earned the degree, credential, etc. It should be shareable and
>>>>>> verifiable for your lifetime. There are some special cases (fraud,
>>>>>> mistakes) that require revocation, and some training requires
>>>>>> expiration/renewal, but in general people are primed to expect lifelong
>>>>>> ownership.
>>>>>> 2. The common verification processes have clear inefficiencies, and
>>>>>> ...(varying description for lay audiences) ... cryptographic techniques help
>>>>>> 3. If you buy into #2, long term key management is clearly a pressing
>>>>>> problem
>>>>>> 4. DIDs -> key lifecycle is a first class citizen
>>>>>>
>>>>>> Some of our working examples (drivers licenses, claims associated
>>>>>> with a social security numbers) don’t prime people with this frame of mind.
>>>>>> To Moses’s point, if we lead with examples like ID cards, our typical
>>>>>> business audiences think everything is fine except for when (seemingly
>>>>>> rare) bad incidents happen, e.g. equifax, personal identity theft. This
>>>>>> “when bad things happen” angle is often perceived as creating problems that
>>>>>> don’t exist, that apply to other people, or generally something that can be
>>>>>> put off. I’d imagine that getting audience-specific metrics is the only
>>>>>> convincing way forward.
>>>>>>
>>>>>> On Tue, Nov 6, 2018 at 10:01 AM Moses Ma <
>>>>>> moses.ma@futurelabconsulting.com> wrote:
>>>>>>
>>>>>> Hi Stephen et al,
>>>>>>
>>>>>>
>>>>>>
>>>>>> I’m an “innovation coach” and what I usually tell my clients or
>>>>>> audience is that the key to radical innovation is to look for something
>>>>>> that everyone sees as working just fine... but is actually broken. There is
>>>>>> no better  example of this phenomena than Internet identity, which is truly
>>>>>> broken, but everyone (but us DID revolutionaries) sees as situation normal.
>>>>>>
>>>>>>
>>>>>>
>>>>>> This corresponds with my slide titled “The Internet is Broken (and
>>>>>> it’s not Kim Kardashian’s fault)”
>>>>>>
>>>>>>
>>>>>>
>>>>>> The slides that follow propose that this is actually one of the the
>>>>>> greatest opportunity spaces in decades for blue ocean innovation.
>>>>>>
>>>>>>
>>>>>>
>>>>>> That usually gets the attention of enterprise customers.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Moses
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> *Moses Ma | FutureLab Consulting Inc*
>>>>>>
>>>>>> moses@ngenven.com |moses.ma@futurelabconsulting.com
>>>>>>
>>>>>> *v* +1.415.952.7888 <(415)%20952-7888> | *m*+1.415.568.1068
>>>>>> <(415)%20568-1068> | *skype* mosesma
>>>>>>
>>>>>> *blog & social media: *my blog at psychologytoday.com
>>>>>> <http://www.psychologytoday.com/blog/the-tao-innovation> | linkedin
>>>>>> <http://www.linkedin.com/in/mosesma> | facebook
>>>>>> <http://www.facebook.com/moses.t.ma> | twitter
>>>>>> <http://twitter.com/mosesma>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Nov 6, 2018 at 9:42 AM, <Stephen Curran <swcurran@cloudcompass.ca>>
>>>>>> wrote:
>>>>>>
>>>>>> For an audience relatively new to the space, or for a less technical
>>>>>> audience, I start with the business/online existence problems people face
>>>>>> to ground the discussion. I did the Hyperledger Indy chapter for an edX
>>>>>> course and tried to start with DIDs and then to VCs and found it very
>>>>>> difficult to get to the "why this matters" point. Once I changed to start
>>>>>> with the business problem and how the use of DIDs and especially VCs
>>>>>> addressed the problems (and more), the understanding and importance was
>>>>>> grasped. At least I think it was :-).
>>>>>>
>>>>>>
>>>>>>
>>>>>> *Stephen Curran*
>>>>>>
>>>>>> Cloud Compass Computing, Inc (C3I)
>>>>>>
>>>>>> P: Cell: 250-857-1096
>>>>>>
>>>>>> W: http://cloudcompass.ca
>>>>>>
>>>>>> On Nov 5 2018, at 10:46 pm, Markus Sabadello <markus@danubetech.com>
>>>>>> wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>> On the technology/architecture side, when I do talks I usually start
>>>>>>
>>>>>> with DIDs, and then mention VCs after that.
>>>>>>
>>>>>>
>>>>>>
>>>>>> I find DIDs and why they are needed as a basis for everything else
>>>>>>
>>>>>> rather easy to explain. But I also feel that explaining SSI = DIDs +
>>>>>> VCs
>>>>>>
>>>>>> is a very simplified summary of what we're doing, and much more work
>>>>>>
>>>>>> will be needed on data models, protocols, etc. We're only at the
>>>>>>
>>>>>> beginning of building that architecture consisting not only of DIDs +
>>>>>>
>>>>>> VCs, but also DID Auth, agents, hubs, personal clouds, petnames,
>>>>>>
>>>>>> capabilities, key management, ZKPs, and more.
>>>>>>
>>>>>>
>>>>>>
>>>>>> "DIDs Unique Selling Proposition" looks like an interesting CCG
>>>>>> agenda item.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Thanks for sharing your slides, that's great and I also plan to re-use
>>>>>>
>>>>>> some of them in upcoming events!
>>>>>>
>>>>>>
>>>>>>
>>>>>> Did they record your talk in Zurich?
>>>>>>
>>>>>>
>>>>>>
>>>>>> Markus
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 11/6/18 12:54 AM, Christopher Allen wrote:
>>>>>>
>>>>>> Thank you everyone for sharing your slides! Very helpful, though there
>>>>>>
>>>>>> were many good ideas elsewhere I was unable to puzzle how to fit in.
>>>>>>
>>>>>> Next time.
>>>>>>
>>>>>>
>>>>>>
>>>>>> I did succeed in updating a lot of the terminology for my talk tonight
>>>>>>
>>>>>> in Zurich to the latest language & integrated at least a few of the
>>>>>>
>>>>>> better approaches from others that I felt were more effective than my
>>>>>>
>>>>>> own. Also, many thanks to Joe & Markus who reviewed over the weekend
>>>>>>
>>>>>> an early draft.
>>>>>>
>>>>>>
>>>>>>
>>>>>> New to this talk is I explicitly separate the Ideology from the
>>>>>>
>>>>>> Architecture, and each could potentially stand alone. I agree with Joe
>>>>>>
>>>>>> that using the term “movement” rather than ideology is likely better,
>>>>>>
>>>>>> but I didn’t change it as the title of talk was already advertised
>>>>>>
>>>>>> (and I think I’d need new images).
>>>>>>
>>>>>>
>>>>>>
>>>>>> I received a lot of positive feedback here in Switzerland on the
>>>>>>
>>>>>> ideology part of the talk, but it still needs work. In particular I
>>>>>>
>>>>>> felt Kaliya’s social context recursive triad definition of identity
>>>>>>
>>>>>> leads better into DIDs than Joe’s functional identity definition. I
>>>>>>
>>>>>> like aspects of both but wasn’t able to integrate them.
>>>>>>
>>>>>>
>>>>>>
>>>>>> The Architecture section is weaker. I tried to explain why we focused
>>>>>>
>>>>>> on DIDs first, but it wasn’t as easy a coherent story to tell. Best
>>>>>>
>>>>>> I’ve done to date, but feel I lost even some of my tech audience
>>>>>> there.
>>>>>>
>>>>>>
>>>>>>
>>>>>> The story connection from DID Docs to VCs was particularly weak. Some
>>>>>>
>>>>>> tell the story VC first/DIDs second, and I can see why, but right now
>>>>>>
>>>>>> the DID story is more important. We know decentralized is important
>>>>>>
>>>>>> but we are not yet effective is saying why yet.
>>>>>>
>>>>>>
>>>>>>
>>>>>> A lot of stuff is missing in section on future work: not sure how to
>>>>>>
>>>>>> present things like pair-wise DIDs & selective disclosure when only
>>>>>>
>>>>>> one party plans to implement it. I work hard in my talks to be as
>>>>>>
>>>>>> impartial/agnostic to blockchains and avoid single vendor specific
>>>>>>
>>>>>> solutions as I can.
>>>>>>
>>>>>>
>>>>>>
>>>>>> My final slides from last night are at:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> https://docs.google.com/presentation/d/15M0tdSS1dRMVdJdVgBlFap8JwiuFdvocZ0AAu7c1eBk
>>>>>>
>>>>>>
>>>>>>
>>>>>> I welcome comments, improvements, re-usage, etc.
>>>>>>
>>>>>>
>>>>>>
>>>>>> — Christopher Allen
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Kim Hamilton Duffy
>>>>>>
>>>>>> CTO & Principal Architect Learning Machine
>>>>>>
>>>>>> Co-chair W3C Credentials Community Group
>>>>>>
>>>>>> kim@learningmachine.com
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>>
>>>>> *Snorre Lothar von Gohren Edwin*
>>>>> Co-Founder & CTO, Diwala
>>>>> +47 411 611  <+47%20404%2061%20926>94
>>>>> www.diwala.io
>>>>>
>>>> --
>>>> Kim Hamilton Duffy
>>>> CTO & Principal Architect Learning Machine
>>>> Co-chair W3C Credentials Community Group
>>>>
>>>> kim@learningmachine.com
>>>>
>>>
>>>
>>
>> --
>>
>>
>> *Snorre Lothar von Gohren Edwin*
>> Co-Founder & CTO, Diwala
>> +47 411 611  <+47%20404%2061%20926>94
>> www.diwala.io
>>
>
>
> --
>
>
> *Snorre Lothar von Gohren Edwin*
> Co-Founder & CTO, Diwala
> +47 411 611  <+47%20404%2061%20926>94
> www.diwala.io
>


-- 


*Snorre Lothar von Gohren Edwin*
Co-Founder & CTO, Diwala
+47 411 611  <+47%20404%2061%20926>94
www.diwala.io
Received on Wednesday, 7 November 2018 18:37:02 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:24:50 UTC