Re: Prioritizing Individual Sovereignty over Interoperability from Justin Richer on 2019-05-13 (public-credentials@w3.org from May 2019)

From: Justin Richer <jricher@mit.edu>
Date: Mon, 13 May 2019 20:49:09 +0000
To: "Michael Herman (Parallelspace)" <mwherman@parallelspace.net>
CC: "public-credentials@w3.org" <public-credentials@w3.org>, Steven Rowat <steven_rowat@sunshine.net>
Message-ID: <01E3C7D6-D603-4A40-877B-EA40FF30A088@mit.edu>
I largely agree with this concern and have voiced it on several occasions. One of the biggest points of interoperability or non-interoperability of this spec is going to be around the mapping of method strings to actual resolution methods — not to mention the issue of verifying the resolution having taken place (as Joe mentioned).

It’s absolutely true that DNS is decentralized. I can set up my own root server and set everything on my network to point to it, and then that’s all they’ll ever see. There are plenty of air-gapped networks that do exactly this. But this group is not seeing DNS as a technology in that light, they’re seeing it as the control over root-servers.net<http://root-servers.net> and the associated TLD mappings, and the registry system that exists from that point on downward.

What’s being proposed here is akin to early internet days, where basically all protocol registries went through one person: John Postel. As the internet matured, this gave rise to IANA.

So the question is, what exactly is the problem we’re trying to solve with the “unofficial registry” and the UDS, and is it a problem that we’re creating ourselves by not availing ourselves of existing processes?

I think we should have a single IANA registry for method names and a normative reference in the DID URL and Resolution specs that say something like:

> If the given method is supported, it MUST be resolved using the method referenced in the [IANA did-method-registry].

This would of course have appropriate cutouts for resolution caches and the like, which has been brought up in the past.

— Justin

On May 4, 2019, at 12:25 PM, Michael Herman (Parallelspace) <mwherman@parallelspace.net<mailto:mwherman@parallelspace.net>> wrote:

The [Universal] DID Service (UDS) is looking more and more like the Internet Domain Name Service (DNS) ...in every way.

Both can be deployed centralized or decentralized, private or public, secured or unsecured, ...with dialable, quantifiable levels of trust.

DIDs can be used to deference any type if  document or page,  any collection of documents, or any property of a document/page, or subcollection of documents)/pages (e.g..existence, size of a subcollection), etc.

I'll be back to my home base soon and will be able to elaborate on this in more detail.

Best regards,
Michael Herman
Independent Blockchain Architect and Developer



________________________________
From: Steven Rowat <steven_rowat@sunshine.net<mailto:steven_rowat@sunshine.net>>
Sent: Tuesday, April 30, 2019 2:13:05 PM
To: public-credentials@w3.org<mailto:public-credentials@w3.org>
Subject: Re: Prioritizing Individual Sovereignty over Interoperability

On 2019-04-30 7:24 am, Markus Sabadello wrote:
> You are right, my last comment went too far, I fully agree the community
> is gaining much, not losing.
>
> I think what I meant to say is that "DID" is losing (or changing) its
> original meaning and intent if it we say that domain names, Facebook
> usernames, etc. can also be DIDs.
>
> If that is the community consensus at the end of the debate, great.
> If we arrive at some middle ground that can enable the "bigger tent"
> while still maintaining the original narrative, also great.

While I accept Manu's concerns, I think also the debate has become
fuzzy and is not over. I don't think a "bigger tent" is necessarily
the only way to measure success. It depends on what the people in the
various sub-tents are being helped to do by the VC/DID system envisioned.

Perhaps reframing the "DID decentralization" and did:facebook and
did:web issue as the following will help:

1. Monetizing the Internet has created the stalking advertising model,
which now widely accepted as seriously problematic.

2. A Verifiable Claims / DID standard has in the past promised to help
make other monetizing methods more doable: direct sale of information,
private transactions, pseudo-anonymity, micropayments, subscriptions.

The question for me then is whether #2 is being helped or hurt by the
currently discussed changes. Is DID being set up now so that it will
principally help #1, because that's where the "bigger tent" currently is?

I'm not saying I know which way the technical details about
did:facebook and did:web fall. But if the debate could be framed about
which of those two is being helped, it might make it easier to follow,
at least for me.

Steven Rowat
Received on Monday, 13 May 2019 20:50:03 UTC