Re: Seeking to update Decentralized Identity related slides

Hi David,

- I purposely did not mention DID in my description.
- I do think we need to be clear about the scope of the VC data model and
understand whether the VC standard is improving on the current use of
certificates.
- The prescription VC use case brings with it very important revocation
issues (can a VC be revoked by a joint decision of the subject and the
verifier when the prescription is filled?) or must VC revocation always go
through the issuer?
- There could be privacy benefits to using the VC specification instead of
current certificates.

Adrian

On Thu, Nov 8, 2018 at 9:50 AM Challener, David C. <
David.Challener@jhuapl.edu> wrote:

> Hi Adrian –
>
> This one has potential, but I wonder if the solution shouldn’t be easier:
>
> The licensing authority gives the physician a cert for his key, and he
> uses that key (with cert) when signing a prescription.
>
> The pharmacy checks the cert has not be revoked by checking the
> certificate revocation server when filling the prescription. (That server
> is in the certificate.)
>
>
>
> This is better than anything “permanent” on the DiD, because if it is
> found the physician is prescribing huge amounts of opioids, his license can
> be easily yanked.
>
> Also all the software necessary to implement it has been around forever.
>
>
>
> *From:* Adrian Gropper <agropper@healthurl.com>
> *Sent:* Wednesday, November 07, 2018 6:34 PM
> *To:* Christopher Allen <ChristopherA@lifewithalacrity.com>
> *Cc:* W3C Credentials Community Group <public-credentials@w3.org>
> *Subject:* Re: Seeking to update Decentralized Identity related slides
>
>
>
> I explain the design and economic impact of decentralized identity from a
> physician's perspective:
>
>
>
> - the root value proposition is that a physician can write a prescription
> and charge for it
>
> - the prescription is a VC with the patient as subject and the licensed
> physician as issuer
>
> - the pharmacy, as inspector, decides if the (decentralized) identity
> system implied in the prescription VC is sufficient to keep the physician
> accountable and them, the pharmacy, out of trouble
>
> - working backwards, the physician as subject is licensed and accountable
> based on a separate VC issued by the state
>
>
>
> Decentralized identity simply means that only two institutions are
> involved in the value chain: the pharmacy and the state license authority.
>
>
>
> Adrian
>
>
>
>
>
>
>
> On Wed, Nov 7, 2018 at 3:17 PM Christopher Allen <
> ChristopherA@lifewithalacrity.com> wrote:
>
> On Wed, Nov 7, 2018 at 4:25 PM Challener, David C. <
> David.Challener@jhuapl.edu> wrote:
>
> I don’t like this use case because I don’t think it is really viable.
>
> The university will not want to be disintermediated from its alumni.
>
> The university will not want to make its alumni angry.
>
> The university will not want to give up the money they make when they give
> out transcripts.
>
>
>
> I just checked the U. of Ill. Technique and it is really easy to get a
> transcript, so it isn’t clear there is a problem that needs to be solved
> here anyway.
>
>
>
> The story of my experience with educational institutions is quite
> different.
>
>
>
> I taught for 5 years at Bainbridge Graduate Institute (bgi.edu), in a
> sustainable (aka "green") MBA program. Over 200 alumni of my classes paid
> in excess of $60-90K to get their MBAs from an accredited school.
>
>
>
> However, in the years since they changed their name to Pinchot.edu, and
> due to rules about .edu had to relinquish the bgi.edu name.  All old
> email addresses, including my own don't work. No forwarding is allowed by
> the .edu gTLD. If X.509 certificates had been issued the too probably would
> no longer function.
>
>
>
> Worse, more recently the school as a whole was "acquired" by Presidio.edu,
> which has a different executive and academic leadership team. So once
> again, all email & certificates for Pinchot.edu nee BGI.edu are invalid. In
> fact, someone now has somehow poached the Pinchot.edu name and it redirects
> to a commercial website. Despite being a former teacher of BGI,
> Presidio.edu will not give me an email address unless I am a current
> teacher, current student, or graduated alumni. Thus I can no longer respond
> to a variety of academic documents as well as alumni requests. Fortunately,
> those who need it can still find me.
>
>
>
> Presidio is rumored to be in financial trouble, so yet again all my
> students will become digital refugees if the world wants a digital
> credential for their MBAs. Yet the students did the work, met the
> requirements, paid for the work, the institution(s) themselves at the time
> of graduation were properly accredited, etc.
>
>
>
> As the education industry is increasingly going through a transition
> and/or disintermediation, these type of incidents will only become more
> common. Education credentials with various timestamps demonstrating that
> the credentials were valid when issued I believe are an important use case.
>
>
>
> -- Christopher Allen
>
>
>
>
>
>
> --
>
>
>
> Adrian Gropper MD
>
> PROTECT YOUR FUTURE - RESTORE Health Privacy!
> HELP us fight for the right to control personal health data.
>
> DONATE: https://patientprivacyrights.org/donate-3/
>
-- 

Adrian Gropper MD

PROTECT YOUR FUTURE - RESTORE Health Privacy!
HELP us fight for the right to control personal health data.
DONATE: https://patientprivacyrights.org/donate-3/