- From: John, Anil <anil.john@hq.dhs.gov>
- Date: Tue, 2 Oct 2018 21:16:29 +0000
- To: Manu Sporny <msporny@digitalbazaar.com>, Credentials Community Group <public-credentials@w3.org>
- Message-ID: <88DC30CCB7BA984096DFCAF8C642DAAE79D23493@D2ASEPREA023>
Manu and W3C Credential Community Working Group, I do not have access to Google Drive/Forms from my org infrastructure, so am not able to fill in the information in the format requested. However, I would be remiss in my duty as the person who has been managing the Blockchain Security and Privacy R&D portfolio for the U.S. Department of Homeland Security for the last 3+ years, if I did not convey why the ultimate standardization of specifications around Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) is important and articulate why we have funded, supported and championed the work in this area particularly when it comes to their application to Blockchain and distributed ledger technologies. Attached you will find the history of our work and contributions in this area, the lessons learned from our experience, and what specifications and work we are moving out on based on those lessons learned. Of particular relevance to what you asked for is our concern that in the race to achieve technological advantage and market share by technology providers, we see the potential for the development of “walled gardens” or closed technology platforms that do not support common standards for security, privacy, and data exchange. This would limit the growth and availability of a competitive marketplace of diverse, interoperable solutions for government and industry to draw upon to deliver cost effective and innovative services based on Blockchain and distributed ledger technologies. And we, similar to any large Enterprise that needs to interoperate globally, are very interested in ensuring that we are not locked into a particular technology vendor or stack as we harness and utilize innovative technologies. Innovation should be built on a foundation of interoperability, or to put it more bluntly, the value add of a vendor's "magic sauce" is fine provided it is built on top of standards that ensure interoperability. Otherwise it is simply an opportunity to walk an organization into a corner and give them no choice in what to do next. Creating this diverse, innovative and interoperable future means to support the development of globally available standards that are openly developed, royalty free, and free to implement to ensure interoperability across systems while ensuring there is no vendor lock-in. In this space, and for our use cases, those include: 1) Decentralized Identifiers (DIDs) via World Wide Web Consortium (W3C) Standardization Process 2) Verifiable Credential Data Model via W3C Standardization Process I will also note that unlike many, we have put in time, treasure and resources in support of this future by (1) funding and supporting the DID and VC standardization work (2) utilizing early versions of those interoperability specifications in our implementations and (3) by committing to provide lessons learned from those experiences to the standardization work at W3C to ensure that the ultimate standards incorporate real operational needs. In addition, based on internal work and analysis, U.S. Customs and Border Protection (the largest Customs Organization on the face of this planet) recently made an explicit decision to "... adopt the specifications ... as a CBP standard" (See slide 19 of attached) when it comes to using any type of Blockchain or Distributed Ledger technologies. We are going down this path because we believe that this good for us, good for our public and private sector partners, and for the public good to have a competitive, diverse and innovative but interoperable market-place of products and solutions we can all draw upon as we build systems, services and solutions. At the same time, I will caveat the above noted support with a note of caution. The support above should not in any way be taken to be a blanket support for Blockchain/DLT technologies or some sort of offering at the Techno-Utopian alter of "Self-Sovereign Identity". That may be because I work for a Sovereign, so tend to have an understanding and appreciation of both its value and limitation. However, it is also the perspective of someone who has spent a considerable amount of time in the identity management domain over the years and simply see the "Blockchain Identity Movement" being driven more by the desires of Blockchain fans rather than by the understanding of Identity Experts <shrug> In particular, my caution and caveat revolves around the desire to attempt to re-invent the wheel when it comes to strong authentication technologies using Blockchain/DIDs etc. To be blunt, strong authentication is a standardized commodity. The work that has been done by FIDO and many others to implement standards such as UAF/U2F & OIDC combined with the baked in support for those standards by platforms and product vendors does not need to be re-invented! Instead it should be encouraged and leveraged. So let us not waste time and resources doing that, shall we? Feel free to ping me if you have any questions. Best Regards, - Anil Anil John Technical Director Silicon Valley Innovation Program Science and Technology Directorate US Department of Homeland Security Washington, DC, USA anil.john@hq.dhs.gov Email Response Time – 24 Hours -----Original Message----- From: Manu Sporny <msporny@digitalbazaar.com> Sent: Sunday, September 30, 2018 7:21 PM To: Credentials Community Group <public-credentials@w3.org> Subject: Need help demonstrating support for Decentralized Identifiers The W3C Technical Plenary is at the end of this month. A number of us are going to socialize the W3C Decentralized Identifier Working Group proposal at the meeting. In order for that meeting to be successful, we need your help to demonstrate support. We typically do this by collecting data to show what organizations are interested, which use cases they're interested in, and whether or not they'd join W3C to push the work forward. If you work for an organization that wants to see DIDs progress to an international standard, now is the time to show your support by filling out the following questionnaire: https://goo.gl/forms/Yg3kPYN5OjlSbowQ2 We need your response by the end of this week (or ASAP for larger organizations) in order to prepare and circulate the material we need in advance of W3C TPAC 2018. -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc.
Attachments
- application/pdf attachment: DHS.ST.Blockchain_201800921.pdf
Received on Tuesday, 2 October 2018 21:18:42 UTC