Re: [EXTERNAL] Re: Using Email as an Identifier

Thanks, Manu for acknowledging the dangers.

https://www.nytimes.com/2021/11/12/opinion/facebook-privacy.html





On Sat, Nov 13, 2021 at 11:01 AM Manu Sporny <msporny@digitalbazaar.com>
wrote:

> On 11/12/21 5:52 PM, Adrian Gropper wrote:
> > What are the human rights implications of a "more capable" wallet?
>
> The question is too nebulous to answer.
>
> What are the human rights implications of a physical wallet? What are the
> human rights implications of a slice of Bologna? :)
>
> > Is it a "certified" wallet that Apple or Google provides to pretty much
> > everyone with a certified biometric lock?
>
> No, it is not. That is the anti-thesis of what this community is after. At
> least, not the sort of "more capable" wallet I'm talking about.
>
> > Allow me to stipulate that Apple and Google will adopt any (W3C) standard
> > that allows them to keep their wallet franchise just like Apple almost
> > introduced coerced "local scanning" for illegal content in end-to-end
> > secure messaging.
>
> Yes, of course they will and corrupt it just like they did with the Web
> Payments Payment Request API -- which started out as an open ecosystem and
> now
> only supports wallets supported by the browser manufacturers.
>
> > Once that becomes the norm and we're all expected to have such a capable
> > biometric wallet for our cryptographically secure "papers please" what is
> > left for the SSI community to do?
>
> We have to build competitive alternatives to closed ecosystems. This has
> always been a part of the mission (and will continue to be into the
> foreseeable future).
>
> We have to make sure closed wallet ecosystems don't become the norm by
> building competitive alternatives and voting against anything of the sort
> at
> W3C. Most likely by pushing back hard against a chartering vote for
> anything
> that looks like a play for a non-competitive digital wallet ecosystem.
>
> The new FedCM work at W3C by Google looks like such a trap, IMHO.
>
> > Do we have some kind of regulation or governance system or technology in
> > mind to mitigate this risk?
>
> Yes, the Credential Handler API (CHAPI), which currently needs the
> permission
> of no trillion dollar corporation to deploy across the Web/Internet. It has
> been in operation since 2015:
>
> https://github.com/digitalbazaar/credential-handler-polyfill#features
>
> Certain DIDComm-based solutions could also be a viable "no permission
> needed
> to innovate" alternative.
>
> I'll note that some of the other federated solutions that some in this
> community are dangerously suggesting we use as a stop-gap falls into this
> "certified wallet/ecosystem" trap. If we get to a future where every
> individual isn't making a coerced decision on what digital wallet to use,
> we
> know we've achieved another milestone in this community.
>
> -- manu
>
> --
> Manu Sporny - https://www.linkedin.com/in/manusporny/
> Founder/CEO - Digital Bazaar, Inc.
> News: Digital Bazaar Announces New Case Studies (2021)
> https://www.digitalbazaar.com/
>
>
>

Received on Saturday, 13 November 2021 17:15:12 UTC