- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Mon, 18 Nov 2019 12:03:05 -0500
- To: daniel.hardman@evernym.com
- Cc: Daniel Buchner <daniel.buchner@microsoft.com>, Sam Curren <telegramsam@gmail.com>, "indy@lists.hyperledger.org" <indy@lists.hyperledger.org>, Rouven Heck <rouven.heck@consensys.net>, W3C Credentials CG <public-credentials@w3.org>, Tobias Looker <tobias.looker@mattr.global>, Orie Steele <orie@transmute.industries>, Dmitri Zagidulin <dzagidulin@gmail.com>
On 11/18/19 10:46 AM, Daniel Hardman wrote:
> This email is a comment about the architecture that's beginning to
> coalesce around the data hub concept. It is not me trying to derail
> the effort--I think it's good and important--but me trying to raise a
> cautionary flag and trigger some thoughtful dialog.

Thank you for raising these concerns, Daniel. I personally found nothing in what you wrote with which to disagree... and I tried really hard to find a nuance that would send us down different paths.

I think what you hope for is reflected in the Encrypted Data Vaults spec (which we hope to build Identity Hubs on top of), and if it isn't, it should be... because what you're saying should be at the heart of what we're doing.

Again, personal opinion. I'm almost certain it's the opinion of Digital Bazaar. It also aligns w/ other cross-community discussions I've had over the past several months. The devil is in the details, but I think we're all headed down the same road... we'll find out if that's true on Friday.

> This means that I would like it to be possible for Alice to put a
> hub interface behind her own identity (and her own DID) rather than
> the identity of a third party hub-serving intermediary. If we can
> design hub interfaces such that this is a first-class mode of
> operation, I will feel cheerful about this issue.

+1, I feel like that's what we're trying to do.

> Therefore, I am looking for any spec that gets written to include
> the ability to interface with hubs over DIDComm. This means that in
> the non-TLS mode, I ought to be able to authenticate the hub itself,
> plus any party that interacts with a hub, using the keys in my DID
> doc, NOT using certs and logins and API keys.

+1, that's a design requirement for Encrypted Data Vaults, on which Identity Hubs should be able to be built (if we did the design correctly).

I'm being brief because I agree with everything you said, Daniel... just wanted to make sure you know that there may be more alignment than you think.

-- manu

--
Manu Sporny (skype: msporny, twitter: manusporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches
Received on Monday, 18 November 2019 17:03:53 UTC