Re: Using Email as an Identifier

This is a fantastically clear yet brief description of VCs. Great insights
in your response, Eric.

> Verifiable Credentials are externalizing and giving the credential
usefulness outside of the boundary of the entity issuing it.

On Mon, Nov 15, 2021 at 5:30 PM Dave Crocker <dhc@dcrocker.net> wrote:

> On 11/12/2021 8:05 AM, Kerri Lemoie wrote:
> > There’s been an ongoing discussion in the Open Badges community about
> > using email addresses as an identifier when a wallet is not being used.
> > This is a dilemma particularly in the Open Badges community because it
> > has been using email addresses as recipient identifiers. Over the years
> > using emails as identifiers has been problematic in numerous ways
> > especially considering that the recipients don’t have control over their
> > email addresses and in the past has led to lost badges.
>
>
> A topic like this, needs to be very cautious about distinguishing theory
> from practice.  Theory is always more appealing, because it does not yet
> show the scars from suffering the realities of practice.
>
> Identification at global scale is rather more difficult than under more
> limited circumstances.
>
> Assignment of identifiers looks simple.  Until it is done at scale.
> Independence from a controlling organization might look simple.  Go try
> that at scale.  The same applies to queries using an identifier.
> Simple, until done at scale.
>
> In practice, the choices involve tradeoffs, rather than between terrible
> vs. perfect.
>
> Having a single, private organization own and administer all the
> identifiers is about as bad as this topic can get.  It's not a matter of
> whether the organization is enlightened or evil, but in the nature of
> designing a single point of administrative and operational failure.
>
> If you think it's possible to do identifier assignment and lookup where
> no organization is involved, please provide an example that has
> demonstrated utility at scale, because I haven't heard of it.
>
> Absent that, we are back to tradeoffs.
>
> Domain names are an example of a single, public organization, having
> control over the top of the hierarchy, but in practical terms, both
> administration (assignment) and operation (query) are massively
> distributed.  In practical terms, for most of us, the concerning
> dependency is primarily on the domain registrar and registry, rather
> than on ICANN.
>
> And for the left-hand side of the email address, the question is who is
> in charge of the domain name.
>
> If you get your own domain name, the answer is: you!  And you can move
> to different platform provides as you wish.  The burden, then, is the
> hassle of knowing enough to exploit this choice.
>
> If you go with an email service provider and use their domain name, then
> we're back to a single -- typically private -- organization controlling
> your fate.  However the improvement is that they don't have to be
> controlling mine.  Or the other guys'.
>
> It's easy to criticize the use of email addresses as global identifiers.
>   What is difficult is finding a better alternative.  That works at scale.
>
> d/
>
> --
> Dave Crocker
> Brandenburg InternetWorking
> bbiw.net
>
>

Received on Tuesday, 16 November 2021 03:52:06 UTC