W3C home > Mailing lists > Public > public-credentials@w3.org > January 2021

Re: Tim Berners-Lee: He Created the Web. Now He’s Out to Remake the Digital World.

From: Kim Hamilton <kimdhamilton@gmail.com>
Date: Fri, 15 Jan 2021 18:33:40 -0800
Message-ID: <CAFmmOzdFF92GBeABavwRn7kNduGssAR_G8t7Zt49=KpdvB6L0w@mail.gmail.com>
To: "Michael Herman (Parallelspace)" <mwherman@parallelspace.net>, Kayode Ezike <kezike13@gmail.com>, info@csarven.ca
Cc: Bill Claxton <williamc@itr8.com>, "public-credentials@w3.org" <public-credentials@w3.org>, "williamc@nextid.com" <williamc@nextid.com>
Last year or so, Kayode Ezike (added) presented his solid/VC work on a CCG
call.

Here's the github repo:
https://github.com/kezike/solid-vc

The idea of using a Solid profile (URI) as the VC credentialSubject.id appeals
to me. I get Adrian's concern about whether people would be motivated to
manage their own PDS.  But, supposing one wants to deploy VC-based projects
in the immediate future, it's challenging identifying DID methods suitable
for individuals*, and Solid profiles start to look more feasible and
intuitive.

* Based on criteria such as open-standard based, avoiding lockin,
longevity, ease of use. Again, this applies to methods available at the
current time



On Thu, Jan 14, 2021 at 7:41 PM Michael Herman (Parallelspace) <
mwherman@parallelspace.net> wrote:

> RE: If we understand the case for end-to-end encryption, why would we
> insist that two of our service providers must transfer data through my Pod
> as a way to share it?
>
>
>
> I’m not sure this is a target use case for Inrupt/Solid.  From what I’ve
> read so far, it sounds like the idea behind what TimBL and Inrupt are
> building is to create a new Web, based on pods, that runs as a peer to the
> WWW on top of the Internet.
>
>
>
> Michael
>
>
>
> *From:* Bill Claxton <williamc@itr8.com>
> *Sent:* January 14, 2021 8:17 PM
> *To:* public-credentials@w3.org
> *Cc:* williamc@nextid.com
> *Subject:* Re: Tim Berners-Lee: He Created the Web. Now He’s Out to
> Remake the Digital World.
>
>
>
> Adrian,
>
> Well put.  I agree on "a separation of concerns between who has the data
> and who controls how it's used".
>
> Let's say my VCs are stored in IPFS or similar decentralised storage and I
> am the only person with private key.  To share a VC, I can make a temporary
> copy, encrypt it with a different key and post it in volatile storage.  I
> can comply with GDPR requests to remove the information by simply deleting
> or expiring access to the volatile storage.  All without ever disclosing
> the location of the VCs in IPFS or the keys.
>
> Regards, Bill Claxton (williamc@itr8.com)
> Facebook, Skype, MSN, Yahoo, Twitter, Flickr or Gmail: wmclaxton
> Voice, Text or Whatsapp: +65-9012-4327
>
> On 1/15/2021 11:02 AM, Adrian Gropper wrote:
>
> Solid has fallen into the same trap as all first-generation
> people-centered technologies of linking storage of personal information to
> control of personal data. Yes, it's easier to control data about you if you
> also store that data but the problem is that almost nobody cares about the
> data you have in storage - they have their own copies of that data and
> their own ways of monetizing it whether you have a Solid Pod or not.
>
>
>
> I'm looking forward to scalable people-centered technologies where
> personal data is controlled without having to be copied into a PDS. Proper
> authorization standards like GNAP introduce a separation of concerns
> between who has the data and who controls how it's used. If we understand
> the case for end-to-end encryption, why would we insist that two of our
> service providers must transfer data through my Pod as a way to share it?
>
>
>
> I'm told by people who work on Solid that they could adopt authorization
> standards to provide independent control over what's in my Pod. Yet they
> haven't AFAIK. I would not trust Solid as being person-centric until they
> provide me with standards-based authorization for access control to what is
> in my Pod. Otherwise, they're just like Apple who controls access to my
> health record stored on my iPhone based on opaque App Store policies and
> proprietary app APIs.
>
>
>
> Adrian
>
>
>
> On Thu, Jan 14, 2021 at 9:23 PM Michael Herman (Parallelspace) <
> mwherman@parallelspace.net> wrote:
>
> There is already 3-4 years of sources of general information on Solid
> (e.g. Inrupt forums, Solid CG Specifications, Technical Report, YouTube
> videos, etc.).
>
>
>
> In terms of inter-CG communication/discussions, I’m interested in
> Inrupt/Solid’s directions in terms of its adoption of:
>
>
>
>    1. Decentralized Identity Models
>    2. Self-Sovereign Identity Models (a subset of the above)
>    3. Other points of potential intersection
>
>
>
> Best regards,
>
> Michael
>
>
>
> *From:* Heather Vescent <heathervescent@gmail.com>
> *Sent:* January 14, 2021 9:54 AM
> *To:* W3C Credentials CG (Public List) <public-credentials@w3.org>
> *Subject:* Re: Tim Berners-Lee: He Created the Web. Now He’s Out to
> Remake the Digital World.
>
>
>
> All,
>
>
>
> The CCG and Solid co-chairs are discussing coordinating introductory
> presentations from each group to each group in order to jump start
> collaboration -- this will likely happen in February.
>
>
>
> CCG members: what questions on Solid would you like answered?
>
>
>
> More details as they happen.
>
>
>
> Cheers,
>
>
>
> -Heather
>
>
>
> On Thu, Jan 14, 2021 at 1:27 AM Kishore Bhatia <kishore@affinidi.com>
> wrote:
>
> Thanks for shedding some more light on this Michael and Dmitri, have been
> following Solid/Inrupt’s launch from community pods to ESS and very
> interested in convergence or parallels with Secure data storage!
>
>
>
> Looking at Solid again in 2021 for VC compliant storage: encrypted data
> vault, maybe even Cloud-agents/identity-hub like components in Affinidi’s
> architecture, would be great to sync’up with you direct on the identity/VC
> relevant roadmap so far - will ping direct!
>
>
>
> Cheers!
>
> Kishore
>
>
>
>
>
> On Thu, Jan 14, 2021 at 12:39 AM Dmitri Zagidulin <dzagidulin@gmail.com>
> wrote:
>
> >  Is there anyone from the Solid project or Inrupt a member of CCG?
>
>
>
> I'll add my name to that list as well -- I'm an active participant in the
> Solid project (am one of the core spec editors, implementer, etc) as well.
> And in general, try to bring Solid's perspective to various w3c groups I'm
> part of (including the Confidential Storage group).
>
>
>
>
>
>
> --
>
> Heather Vescent <http://www.heathervescent.com/>
>
> Co-Chair, Credentials Community Group @W3C
> <https://www.w3.org/community/credentials/>
>
> President, The Purple Tornado, Inc <https://thepurpletornado.com/>
>
> Author, The Secret of Spies <https://amzn.to/2GfJpXH> (Available Oct 2020)
>
> Author, The Cyber Attack Survival Manual
> <https://www.amazon.com/Cyber-Attack-Survival-Manual-Apocalypse/dp/1681886545/> (revised,
> Dec 2020)
>
> Author, A Comprehensive Guide to Self Sovereign Identity
> <https://ssiscoop.com/>
>
>
>
> @heathervescent <https://twitter.com/heathervescent> | Film Futures
> <https://vimeo.com/heathervescent> | Medium
> <https://medium.com/@heathervescent/> | LinkedIn
> <https://www.linkedin.com/in/heathervescent/> | Future of Security Updates
> <https://app.convertkit.com/landing_pages/325779/>
>
>
>
Received on Saturday, 16 January 2021 02:34:06 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:25:07 UTC