Re: W3C Credentials CG Call Tues: mobile DL deck from Jim St.Clair on 2021-10-10 (public-credentials@w3.org from October 2021)

From: Jim St.Clair <jim.stclair@lumedic.io>
Date: Sun, 10 Oct 2021 00:13:06 +0000
To: Adrian Gropper <agropper@healthurl.com>, Andrew Hughes <andrewhughes3000@gmail.com>
CC: David Chadwick <d.w.chadwick@verifiablecredentials.info>, W3C Credentials Community Group <public-credentials@w3.org>
Message-ID: <PH0PR04MB71605DBB6B32924C615C91D59FB49@PH0PR04MB7160.namprd04.prod.outlook.com>
"I'm skeptical of government influence on SSI and mDL standards. Is that wrong of me?"
>>Not necessarily, but ISO participation is based on organizations, not individuals. Most of those orgs are companies. If you're skeptical of the Canadian government more than Microsoft or Google, I think there are grounds for further discussion....
Point being IMO you have to choose your battles and position yourself where it makes the most difference.
Bottom line is W3C gives you an open standards body that allows you  to assert your philosophy, at the expense of being seen through as a globally recognized ISO standard (though as I keep saying there's a route for that).



Best regards,

Jim



________________________________
From: Adrian Gropper <agropper@healthurl.com>
Sent: Saturday, October 9, 2021 4:56:57 PM
To: Andrew Hughes <andrewhughes3000@gmail.com>
Cc: David Chadwick <d.w.chadwick@verifiablecredentials.info>; Jim St.Clair <jim.stclair@lumedic.io>; W3C Credentials Community Group <public-credentials@w3.org>
Subject: Re: W3C Credentials CG Call Tues: mobile DL deck

I don't think I implied any motives. Government has a tense relationship with self-sovereign anything. They are the ultimate sovereign. That's not a motive.

I'm skeptical of government influence on SSI and mDL standards. Is that wrong of me?

-Adrian

On Sat, Oct 9, 2021 at 4:00 PM Andrew Hughes <andrewhughes3000@gmail.com<mailto:andrewhughes3000@gmail.com>> wrote:
+1
It would help greatly as well if speculation about motives in the absence of information could be toned down. There's no experience quite like cooperating with others who openly suspect ulterior motives. If you take my meaning.

On Sat, Oct 9, 2021 at 12:43 PM Jim St.Clair <jim.stclair@lumedic.io<mailto:jim.stclair@lumedic.io>> wrote:

"In other words, if they really did want to harmonize with VCs and DIDs they would open up the relevant standards."

>> Just to recall the conversation started (oh so many emails ago) b/c of recognition that ISO 18013 was poised on the precipice of mass adoption with no consideration of DIDs/VCs.

I had hoped this discussion would emphasize the importance of "us" working to harmonized with "them", Not expecting "them" to have any intrinsic motivation to harmonize with "us".

As I've also mentioned, there is a W3C liaison C status with ISO - I can assure you "they" simply expect you to use that for any need for harmonization, not "us" sitting by the phone waiting for "them" to call.



Best regards,

Jim



From: Andrew Hughes <andrewhughes3000@gmail.com<mailto:andrewhughes3000@gmail.com>>
Sent: Saturday, October 9, 2021 2:17 PM
To: Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>>
Cc: David Chadwick <d.w.chadwick@verifiablecredentials.info<mailto:d.w.chadwick@verifiablecredentials.info>>; W3C Credentials Community Group <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: Re: W3C Credentials CG Call Tues: mobile DL deck



"They" is "us"



On Sat, Oct 9, 2021 at 12:07 PM Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>> wrote:

That ISO is funded by gov entities makes the use of pay-for standards even worse. It really make as little sense as putting laws behind a paywall.



I'm not saying we should write ISO off. I am saying that, like IEEE, they can be asked to open the standards that they want to be supportive of modern privacy and security practices. In other words, if they really did want to harmonize with VCs and DIDs they would open up the relevant standards.



- Adrian



On Sat, Oct 9, 2021 at 3:01 PM David Chadwick <d.w.chadwick@verifiablecredentials.info<mailto:d.w.chadwick@verifiablecredentials.info>> wrote:

On 09/10/2021 18:05, Dmitri Zagidulin wrote:

I think the IETF, W3C or DIF models are preferable, in terms of accessibility and adoption.

I also agree that the IETF and W3C are preferable in terms of adoption, primarily because they require two interworking systems to exist before the standard can be published. This acts as a natural brake on gold plating, which many ISO standards have suffered from.

But ISO standards can also become ubiquitous e.g. X.509, without which the secure web would not exist. So we cannot write ISO off.

Kind regards

David

You pay for membership, but not for access to the spec. How is it possible to call something an open standard, when it's behind a significant paywall?



(That said, Andrew - I am intensely grateful that both you and David Chadwick are participating in the mDL WG, so it is in no way a criticism of the work. I am merely bewildered at the ISO approach.)



On Fri, Oct 8, 2021 at 11:53 PM Andrew Hughes <andrewhughes3000@gmail.com<mailto:andrewhughes3000@gmail.com>> wrote:

I'm curious. For the not "pay-for-standards" - where does the money come from?

Because someone is paying for the collaborative work spaces...



On Fri, Oct 8, 2021 at 2:01 PM Adrian Gropper <agropper@healthurl.com<mailto:agropper@healthurl.com>> wrote:

Pay-for standards should have no role in SSI because they are inaccessible to community-supported F/OSS.



IEEE has tried to split this baby with their privacy-inflected 7000 series. It's a potential solution for ISO. As it stands, ISO collaboration seems like a good way for W3C and IETF to lose our way.



- Adrian



On Fri, Oct 8, 2021 at 3:11 PM Jim St.Clair <jim.stclair@lumedic.io<mailto:jim.stclair@lumedic.io>> wrote:

"+100
Pay-for-standards was a great idea..twenty years ago."

...yeah, except we're sitting here realizing our standard is being displaced by this new standard using the 20 year old model, so....



Best regards,

Jim

_______________



Jim St.Clair

Chief Trust Officer

jim.stclair@lumedic.io<mailto:jim.stclair@lumedic.io> | 228-273-4893<tel:228-273-4893>

Let's meet to discuss patient identity exchange: https://calendly.com/jim-stclair-1



________________________________

From: Anders Rundgren <anders.rundgren.net@gmail.com<mailto:anders.rundgren.net@gmail.com>>
Sent: Friday, October 8, 2021 1:00:12 PM
To: dzagidulin@gmail.com<mailto:dzagidulin@gmail.com> <dzagidulin@gmail.com<mailto:dzagidulin@gmail.com>>; Credentials Community Group <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: Re: W3C Credentials CG Call Tues: mobile DL deck



CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.


On 2021-10-08 19:46, Dmitri Zagidulin wrote:
> David Chadwick wrote:
>
>  > At the same time I advised the W3C VC WG about mDL and suggested that we could utilise their well developed protocols as we had none. But again that request fell on deaf ears.
>
> I suspect part of the issue here is just culture clash. All of us (most of us?) want as much wide interop as possible, and to respect prior art. However, for any given W3C WG member, the idea of paying $200 or whatever it is to just LOOK at the ISO spec... that's a hard sell.

+100
Pay-for-standards was a great idea..twenty years ago.

Anders

> Dmitri


--

Andrew Hughes CISM CISSP
In Turn Information Management Consulting
o  +1 650.209.7542 m +1 250.888.9474
5043 Del Monte Ave,, Victoria, BC V8Y 1W9<https://www.google.com/maps/search/5043+Del+Monte+Ave,,%C2%A0Victoria,+BC+V8Y+1W9?entry=gmail&source=g>
AndrewHughes3000@gmail.com<mailto:AndrewHughes3000@gmail.com>
https://www.linkedin.com/in/andrew-hughes-682058a
Digital Identity | International Standards | Information Security



--

Andrew Hughes CISM CISSP
In Turn Information Management Consulting
o  +1 650.209.7542 m +1 250.888.9474
5043 Del Monte Ave,,<https://www.google.com/maps/search/5043+Del+Monte+Ave,,+Victoria,+BC+V8Y+1W9?entry=gmail&source=g> Victoria, BC V8Y 1W9<https://www.google.com/maps/search/5043+Del+Monte+Ave,,+Victoria,+BC+V8Y+1W9?entry=gmail&source=g>
AndrewHughes3000@gmail.com<mailto:AndrewHughes3000@gmail.com> <https://www.google.com/maps/search/5043+Del+Monte+Ave,,+%C2%A0+Victoria,+BC+V8Y+1W9?entry=gmail&source=g>
https://www.linkedin.com/in/andrew-hughes-682058a
Digital Identity | International Standards | Information Security
--
Andrew Hughes CISM CISSP
In Turn Information Management Consulting
o  +1 650.209.7542 m +1 250.888.9474
5043 Del Monte Ave,, Victoria, BC V8Y 1W9<https://www.google.com/maps/search/5043+Del+Monte+Ave,,%C2%A0Victoria,+BC+V8Y+1W9?entry=gmail&source=g>
AndrewHughes3000@gmail.com<mailto:AndrewHughes3000@gmail.com>
https://www.linkedin.com/in/andrew-hughes-682058a
Digital Identity | International Standards | Information Security
Received on Sunday, 10 October 2021 00:13:26 UTC