- From: Bill Claxton <williamc@itr8.com>
- Date: Fri, 15 Jan 2021 11:16:49 +0800
- To: public-credentials@w3.org
- Cc: "williamc@nextid.com" <williamc@nextid.com>
- Message-ID: <4946c124-7908-01db-34a9-89e6a882aad7@itr8.com>
Adrian, Well put. I agree on "a separation of concerns between who has the data and who controls how it's used". Let's say my VCs are stored in IPFS or similar decentralised storage and I am the only person with private key. To share a VC, I can make a temporary copy, encrypt it with a different key and post it in volatile storage. I can comply with GDPR requests to remove the information by simply deleting or expiring access to the volatile storage. All without ever disclosing the location of the VCs in IPFS or the keys. Regards, Bill Claxton (williamc@itr8.com <mailto:williamc@itr8.com>) Facebook, Skype, MSN, Yahoo, Twitter, Flickr or Gmail: wmclaxton Voice, Text or Whatsapp: +65-9012-4327 On 1/15/2021 11:02 AM, Adrian Gropper wrote: > Solid has fallen into the same trap as all first-generation > people-centered technologies of linking storage of > personal information to control of personal data. Yes, it's easier to > control data about you if you also store that data but the problem is > that almost nobody cares about the data you have in storage - they > have their own copies of that data and their own ways of monetizing it > whether you have a Solid Pod or not. > > I'm looking forward to scalable people-centered technologies where > personal data is controlled without having to be copied into a PDS. > Proper authorization standards like GNAP introduce a separation of > concerns between who has the data and who controls how it's used. If > we understand the case for end-to-end encryption, why would we insist > that two of our service providers must transfer data through my Pod as > a way to share it? > > I'm told by people who work on Solid that they could adopt > authorization standards to provide independent control over what's in > my Pod. Yet they haven't AFAIK. I would not trust Solid as being > person-centric until they provide me with standards-based > authorization for access control to what is in my Pod. Otherwise, > they're just like Apple who controls access to my health record stored > on my iPhone based on opaque App Store policies and proprietary app APIs. > > Adrian > > On Thu, Jan 14, 2021 at 9:23 PM Michael Herman (Parallelspace) > <mwherman@parallelspace.net <mailto:mwherman@parallelspace.net>> wrote: > > There is already 3-4 years of sources of general information on > Solid (e.g. Inrupt forums, Solid CG Specifications, Technical > Report, YouTube videos, etc.). > > In terms of inter-CG communication/discussions, I’m interested in > Inrupt/Solid’s directions in terms of its adoption of: > > 1. Decentralized Identity Models > 2. Self-Sovereign Identity Models (a subset of the above) > 3. Other points of potential intersection > > Best regards, > > Michael > > *From:*Heather Vescent <heathervescent@gmail.com > <mailto:heathervescent@gmail.com>> > *Sent:* January 14, 2021 9:54 AM > *To:* W3C Credentials CG (Public List) <public-credentials@w3.org > <mailto:public-credentials@w3.org>> > *Subject:* Re: Tim Berners-Lee: He Created the Web. Now He’s Out > to Remake the Digital World. > > All, > > The CCG and Solid co-chairs are discussing coordinating > introductory presentations from each group to each group in order > to jump start collaboration -- this will likely happen in February. > > CCG members: what questions on Solid would you like answered? > > More details as they happen. > > Cheers, > > -Heather > > On Thu, Jan 14, 2021 at 1:27 AM Kishore Bhatia > <kishore@affinidi.com <mailto:kishore@affinidi.com>> wrote: > > Thanks for shedding some more light on this Michael and > Dmitri, have been following Solid/Inrupt’s launch from > community pods to ESS and very interested in convergence or > parallels with Secure data storage! > > Looking at Solid again in 2021 for VC compliant storage: > encrypted data vault, maybe even Cloud-agents/identity-hub > like components in Affinidi’s architecture, would be great to > sync’up with you direct on the identity/VC relevant roadmap so > far - will ping direct! > > Cheers! > > Kishore > > On Thu, Jan 14, 2021 at 12:39 AM Dmitri Zagidulin > <dzagidulin@gmail.com <mailto:dzagidulin@gmail.com>> wrote: > > > Is there anyone from the Solid project or Inrupt a > member of CCG? > > I'll add my name to that list as well -- I'm an active > participant in the Solid project (am one of the core spec > editors, implementer, etc) as well. And in general, try to > bring Solid's perspective to various w3c groups I'm part > of (including the Confidential Storage group). > > > -- > > Heather Vescent <http://www.heathervescent.com/> > > Co-Chair, Credentials Community Group @W3C > <https://www.w3.org/community/credentials/> > > President, The Purple Tornado, Inc <https://thepurpletornado.com/> > > Author, The Secret of Spies <https://amzn.to/2GfJpXH> (Available > Oct 2020) > > Author, The Cyber Attack Survival Manual > <https://www.amazon.com/Cyber-Attack-Survival-Manual-Apocalypse/dp/1681886545/> (revised, > Dec 2020) > > Author, A Comprehensive Guide to Self Sovereign Identity > <https://ssiscoop.com/> > > @heathervescent <https://twitter.com/heathervescent> | Film > Futures <https://vimeo.com/heathervescent> | Medium > <https://medium.com/@heathervescent/> | LinkedIn > <https://www.linkedin.com/in/heathervescent/> | Future of Security > Updates <https://app.convertkit.com/landing_pages/325779/> >
Received on Friday, 15 January 2021 03:17:14 UTC