Identity as relational - was: The "self-sovereign" problem (was: The SSI protocols challenge) from Henry Story on 2021-03-24 (public-credentials@w3.org from March 2021)

From: Henry Story <henry.story@gmail.com>
Date: Wed, 24 Mar 2021 09:25:06 +0100
To: Steve Capell <steve.capell@gmail.com>
Cc: sankarshan <sankarshan@dhiway.com>, public-credentials@w3.org
Message-Id: <7DA969F0-DCEF-4C8B-814F-B140926CAC7C@gmail.com>
> On 23 Mar 2021, at 22:03, Steve Capell <steve.capell@gmail.com> wrote:
> 
> +1 - that’s a paragraph that can be used with policy makers.  I like it
> 
> “ We use the terminology of self-sovereign identity for describing a concept of giving individuals or organizations control over their digital identity. The identity resides with the identity subject in question, who is central to its administration. Sovereignty implies that individuals are equal among peers and are not administered by a central authority. This doesn't mean that individuals can suddenly issue themselves a new passport. Instead it means that individuals have control over how their personal data is shared and used. Moreover, individuals can now choose whether they would like to reveal their personal data and also which kind of data they would like to share in the event of a transaction or interaction. Through the use of cryptographic proofs SSI enables verifiability for all involved parties.”

I bought the book and I thought it was very well balanced in this respect [1] and
also very helpful to get an overview of the subject.

The Self-Sovereign concept works on many levels, as there are many types of peers:
individuals, groups, institutions, local authorities and nation states. People
tend to think of nations as centralised, but actually they are peers in a web of nations,
which political scientists often call an anarchy of states. So the Self-Sovereign identity
concepts apply just as well to them too. See:

  https://co-operating.systems/2020/06/01/WoN.pdf

The point is not that one person ”owns” all ”their” data, but who says what,
who is responsible for what they say, and who is entitled to make claims of various
sorts. Robert Brandom, the US philosopher who studied  this in detail in his works
on analytic pragmatism, puts language in terms of games of asking for and giving reasons.
Socrates often made the point nearly 2500 years ago, that we don’t go to the metallurgist
for advice on medical treatment nor the other way around.
Or if we did, that would not constitute a reasonable defense for a mistaken treatment
in a court of law.

  As people have pointed out, identity is relational. For the doctor’s knowledge
relies on institutions of education, which rely on an ecosystem of actors, from
mothers, to  road builders, electrical plants operators, construction workers,
school teachers, soldiers, policemen, bakers, … Each of these can make an innovative
contribution to society which changes its identity over time. Some are fundamental changes
such as when Ford changed the whole makeup of America with the standard built car, or
later when Roosevelt introduced social security in the US in order to allow every
American to buy those cars. So the individual is fundamental to identity, but only via his
relations to others. One can gain some insight into this from a concept that appears
in Category Theory that an object in a network is identified  by all its relations
to other nodes in the network.

So the individual plays a fundamental role in this: he is responsible for what he
says, even if only reporting on what others have said, and has to be answerable to
questions on what was said. Without this we could not be able to work together and new ideas could
not be expressed and debated. In SSI this comes to the individual holding his credentials,
which will 1) have an individual component (private/public key pair) and 2) a social component
with the verifiable claim being a statement by others of some relation of value.

In this system the nodes are just as important as the links between the nodes.

Henry

[1] Except for the section on WebIDs that instead of using the WebID diagram from
  https://www.w3.org/2005/Incubator/webid/spec/identity/
 uses a 303 redirect hack that is both less elegant and a lot less efficient.
 The diagram from the spec would reveal the fundamental connection between both
 which essentially goes back to Frege’s Sense/Reference distinction.


> 
> Steven Capell
> Mob: 0410 437854
> 
>> On 24 Mar 2021, at 12:55 am, sankarshan <sankarshan@dhiway.com> wrote:
>> 
>> We use the terminology of self-sovereign identity for describing a concept of giving individuals or organizations control over their digital identity. The identity resides with the identity subject in question, who is central to its administration. Sovereignty implies that individuals are equal among peers and are not administered by a central authority. This doesn't mean that individuals can suddenly issue themselves a new passport. Instead it means that individuals have control over how their personal data is shared and used. Moreover, individuals can now choose whether they would like to reveal their personal data and also which kind of data they would like to share in the event of a transaction or interaction. Through the use of cryptographic proofs SSI enables verifiability for all involved parties.
Received on Wednesday, 24 March 2021 08:25:23 UTC