Re: committing fraud with credentials

On 5/15/19 1:48 AM, Daniel Hardman wrote:
> So I've done that: credential-fraud-study@googlegroups.com 
> <mailto:credential-fraud-study@googlegroups.com>. Feel free to join 
> the group or pass its address along to colleagues that you think 
> would be interested.

I'm wondering if it might be better for the CCG to just take this
discussion on instead of creating another group?

There is a trade-off (which I think you've been rightly sensitive to),
which is overburdening this group w/ that discussion... but it feels
pretty core to credentials ecosystem... if we end up with a loose
checklist of all the types of credential fraud and a self-assessment on
how that fraud is mitigated, it'll be better than what we have right now.

The worst case is that there is a subgroup in this community that has an
active mailing list discussion and those that don't want to be a part of
that discussion just don't pay attention to the email threads. The
mailing list traffic feels low volume enough now to support that
credential fraud discussion.

I know at least I'm challenged when it comes to tracking multiple
threads across multiple mailing lists and often opt to not join new
mailing lists (because it's just going to be filtered to a folder that I
never get around to reading due to time pressures).

Credential fraud and mitigations seems like something this group should
be working on. It feels close enough to the "Decentralization Rubrics"
document that Joe is working on, which we seem to be adopting. I see no
reason why the same wouldn't be true for a "Credential Fraud Mitigation
Strategies" document.

Just my off the cuff $0.02... throwing it out there in case it resonates
w/ anyone else.

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches

Received on Wednesday, 15 May 2019 14:12:12 UTC