W3C home > Mailing lists > Public > public-credentials@w3.org > March 2021

Re: Identity as relational - was: The "self-sovereign" problem (was: The SSI protocols challenge)

From: Henry Story <henry.story@gmail.com>
Date: Wed, 24 Mar 2021 17:41:22 +0100
Message-Id: <020A2171-598A-46CE-8B6E-3B123AE11120@gmail.com>
Cc: Credentials CG <public-credentials@w3.org>
To: Steven Rowat <steven_rowat@sunshine.net>


> On 24 Mar 2021, at 16:55, Steven Rowat <steven_rowat@sunshine.net> wrote:
> 
> On 2021-03-24 1:25 am, Henry Story wrote:
>> The point is not that one person ”owns” all ”their” data, but who says what,
>> who is responsible for what they say, and who is entitled to make claims of various
>> sorts.
>> ...[snip...]
>> 
>> 
>>  In SSI this comes to the individual holding his credentials,
>> which will 1) have an individual component (private/public key pair) and 2) a social component
>> with the verifiable claim being a statement by others of some relation of value.
>> 
>> 
> Thank you Henry for that first phrasing.
> 
> But I think it might be important that in "2)", you've omitted the fact that a statement BY the "individual holding his       credentials" can also be a social component.
> 
> I mean: if a person produces a digital work (blog, white paper, science study, piece of music, novel), and a verifiable claim that they are the author of the work, isn't this a "social component" just as much as any "statement by others" that they are the author (or are 18 years old, or have health issue X)?

That fits too. It is very important that we can self assert some claims (and not just
the public key possession).

To express it in terms that I know well:
I can have a WebID that tells people who my friends are, what my blogs are etc…

<#i> foaf:blog </blog/>;
   foaf:mbox <henry.story@bblfish.net>;
   foaf:knows <https://www.w3.org/People/Berners-Lee/card#i>,
              <http://danbri.org/foaf.rdf#danbri>;
    cert:key <did:…> .

For the Blog that can be verified by having the blog point back to the WebID,
the e-mail could have a way to respond automatically with a proof of the relation, …
And there there could be links to blockchain verifications for other claims.

Note though, that technology does have social component too, as it requires many people
working together on mathematics, standards, libraries, tools, and ontologies … for the
system to work. This is quite visible with cryptography, where most of us have to rely
on the knowledge of experts that these do indeed have the properties they claim to have.
And the ontologies or formats we use to express these facts are also conventions that
can be explained game theoretically as equilibrium points in a payoff matrix between
different actors (see David Lewis’ 1969 thesis Convention).

Henry


> 
> 
> 
> Steven Rowat
> 
> 
>> 
>> 
>> Henry
>> 
>> [1] Except for the section on WebIDs that instead of using the WebID diagram from
>> 
>> https://www.w3.org/2005/Incubator/webid/spec/identity/
>> 
>>  uses a 303 redirect hack that is both less elegant and a lot less efficient.
>>  The diagram from the spec would reveal the fundamental connection between both
>>  which essentially goes back to Frege’s Sense/Reference distinction.
>> 
>> 
>> 
>>> 
>>> Steven Capell
>>> Mob: 0410 437854
>>> 
>>> 
>>>> On 24 Mar 2021, at 12:55 am, sankarshan <sankarshan@dhiway.com>
>>>>  wrote:
>>>> 
>>>> We use the terminology of self-sovereign identity for describing a concept of giving individuals or organizations control over their digital identity. The identity resides with the identity subject in question, who is central to its administration. Sovereignty implies that individuals are equal among peers and are not administered by a central authority. This doesn't mean that individuals can suddenly issue themselves a new passport. Instead it means that individuals have control over how their personal data is shared and used. Moreover, individuals can now choose whether they would like to reveal their personal data and also which kind of data they would like to share in the event of a transaction or interaction. Through the use of cryptographic proofs SSI enables verifiability for all involved parties.
>>>> 
>> 


Received on Wednesday, 24 March 2021 16:41:38 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 24 March 2021 16:41:39 UTC