W3C home > Mailing lists > Public > public-credentials@w3.org > October 2021

Re: Does the W3C still believe in Tim Berners-Lee's vision of decentralization?

From: Drummond Reed <drummond.reed@evernym.com>
Date: Wed, 13 Oct 2021 08:34:33 -0700
Message-ID: <CAAjunna=t0h0AK+w+sw5Z75snYBx-MCcfe1FH7fNzpnxwJvhZQ@mail.gmail.com>
To: Nikos Fotiou <fotiou@aueb.gr>
Cc: Credentials Community Group <public-credentials@w3.org>
On Wed, Oct 13, 2021 at 2:48 AM Nikos Fotiou <fotiou@aueb.gr> wrote:

> Hi,
>
> My 2c
>
> - IMHO trying to diminish the objections based on the supposedly motives
> of the objectors can fire back. E.g., what are really the motives of
> Evernym for supporting DID spec?
>

Nick, I wasn't trying to diminish the objections on that basis. The
arguments against the objections are each handled separately. I was only
trying to shine a light on the possible motivations for the
misunderstandings about the DID spec.

Evernym is happy to be very transparent about our motivations. We are an
SSI tech vendor. DIDs are integral to our software and services because we
believe deeply in decentralization and so do our customers.


> - The responses to the “divergence” and the “interoperability” comments
> are not convincing. The DID specification registry includes tens of methods
> that try to “lock” users in their respective registries. IMHO, we don’t
> want to end up in a situation where there is did:google, and the only way
> to use it is by interacting with google servers;
>

The whole idea of a registry of DID methods is to let the market choose
from among independent DID methods as long as they are spec compliant. The
DID WG has discussed the hypothetical "did:facebook" as an example for the
last two years. If Facebook (or Google, or Apple, or
choose-your-large-provider) decided that it wanted to try to compete with
other DID methods that do not have a dependency on a single company, that's
a choice the market can make.


> it is better to have something that has similar properties to DNS names,
> where you are free to choose your registrar, you can host your DID even by
> yourself, you can use any DID resolution service you like, and you can
> change any of these providers without having to change your DID.
>

There are in fact some DID methods that have that quality (did:keri is one
example). And others like did:peer do not need any "registrar" at all. You
control all your own peer DIDs in your own digital wallet.

But should we require all DID methods to have those properties? The DID
spec was designed to let the market innovate the best DID methods. That's
why the DID Rubric <https://w3c.github.io/did-rubric/> is important as a
tool to help the public evaluate DID methods.

If you feel strongly that there is a clear line in the sand that can be
drawn about what DID methods should be excluded, please feel free to
suggest it as a policy the DID Spec Registries
<https://www.w3.org/TR/did-spec-registries/> could adopt.

We don’t want to have web sites that have a list of tens of “Log in with…”
> buttons.
>

On that point, the whole idea of DIDs is that if a site uses a DID
resolver, a single "Log in with..." button can service all DIDs that use
DID methods supported by that resolver.

Best,

=Drummond


>
>
> Best,
>
> Nikos
>
>
>
> *From:* Drummond Reed <drummond.reed@evernym.com>
> *Sent:* Wednesday, October 13, 2021 9:58 AM
> *To:* Credentials Community Group <public-credentials@w3.org>
> *Subject:* Does the W3C still believe in Tim Berners-Lee's vision of
> decentralization?
>
>
>
> I want to share this email I just sent to the W3C Advisory Committee
> regarding the DID 1.0 formal objection (FO) issue.
>
>
>
> The Evernym blog post it links to is here:
> https://www.evernym.com/blog/w3c-vision-of-decentralization/
>
>
>
> Best,
>
> =Drummond
>
> ---------- Forwarded message ---------
> From: *Drummond Reed* <drummond.reed@evernym.com>
> Date: Tue, Oct 12, 2021 at 11:54 PM
> Subject: Does the W3C still believe in Tim Berners-Lee's vision of
> decentralization?
> To: W3C AC Forum <w3c-ac-forum@w3.org>
>
>
>
> AC Members,
>
>
>
> Let me start by saying I appreciate the extensive discussion about the
> Formal Objection process over the past few days. I suspect it has helped
> educate many of us who are not involved in the intricacies of the W3C
> process (and how it needs to evolve to become "director-free"). It has also
> given me, as one editor of the DID 1.0 spec, a modicum of reassurance that
> the FO's lodged against it will be handled via a reasonable process.
>
>
> Assuming that good faith, I'd like to turn the AC's attention to the
> substance of those FOs. Specifically, I want to follow the advice Tobie
> Langel gave yesterday in response to a suggestion by David Singer:
>
>
>
> Anchoring decision-making into shared values and principles is critical
> for W3C’s long-term credibility and for W3C to stay functional once
> “director-free.”
>
>
>
> I could not agree more. In the case of these FOs, I believe the principle
> at stake is *decentralization*.
>
>
>
> Evernym joined the W3C four years ago specifically to work on standards
> for *decentralized digital trust infrastructure*, starting
> with verifiable credentials and DIDs. To be frank, we were skeptical
> that W3C was the right place for that work. The issue of centralization of
> the Web was already looming large—specifically as raised by Mozilla in
> their 2017 Internet Health Report
> <https://foundation.mozilla.org/en/insights/internet-health-report/>.
> But Manu Sporny and other leaders of the W3C Credentials Community Group
> convinced us that the W3C was serious about decentralization. So we agreed
> to contribute our efforts here.
>
>
>
> Four years later, the FOs lodged by Google, Apple, and Mozilla against the
> DID 1.0 spec have shaken our confidence. It would be one thing if these
> objections had serious merit. But we were frankly stunned at how much they
> reflected misunderstandings not only about the purpose and design of the
> DID 1.0 spec, but also about the other deliverables of the DID WG.
>
>
>
> I realize that's a strong statement. So over the past week we worked to
> fully document this in a blog post we published tonight
> <https://www.evernym.com/blog/w3c-vision-of-decentralization/>.
>
>
>
> I urge you to read it and to share your thoughts on the topic
> of decentralization with the rest of the AC.
>
>
>
> =Drummond
>
>
>
> P.S. The conclusion of the blog post raises some questions about the
> motivations for these FOs. This is not meant to impugn Google's, Apple's,
> and Mozilla's intentions. It is meant to underscore that *decentralization
> is about avoiding concentrations of power*. There is no way around that
> issue—which is why it is so important that we discuss it here.
>
>
>
>
>
>
>
>
>
>
>
Received on Wednesday, 13 October 2021 15:34:59 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 13 October 2021 15:35:01 UTC