W3C home > Mailing lists > Public > public-credentials@w3.org > January 2022

RE: Verifiable Credential Refresh 2021

From: John, Anil <anil.john@hq.dhs.gov>
Date: Tue, 4 Jan 2022 01:30:51 +0000
To: W3C Credentials CG <public-credentials@w3.org>
Message-ID: <SA1PR09MB8815BE3FFCFAB3D169479990C54A9@SA1PR09MB8815.namprd09.prod.outlook.com>
Adrian >There is a highly asymmetric power relationship in most cases of issue with DHS examples as the most extreme
Adrian > In cases where the subject does not sufficiently trust the issuer …

There is only one United States of America.
There is only one issuer of US immigration status in the world; the USG.
An immigrant to the US has only one entity, the USG, that can authoritatively assert the fact that they are an immigrant to the USA.
An immigrant can choose to not trust the USG, but the USG still remains the only entity that can assert their US immigration status.

You can consider this a highly asymmetric power relationship, but that does not change the reality that this specific type of relationship applies to every single Sovereign on the Planet when it comes to persons that they consider an immigrant. No new standard or choice of technologies is going to change that reality.

Adrian > … the subject has the option of taking possession of the VC as a means of control over presentation.
Adrian > This separation of concerns through delegation is arguably a fundamental human right.

I choose not to engage in a discussion on what is and what is not a fundamental human right. As someone who was not born in the western world, I tend to have very strong opinions on the topic … which are no one’s business but my own :-)

However, I acknowledge that you have remained consistent in your arguments regarding the topic of delegation. On that topic, I have two areas that I think about:

  1.  When it comes to immigration credentials, where delegation comes into play (not a complete list) is when you as a parent/relative are acting on behalf of a child or when a lawyer or other official are acting on behalf of someone.
  2.  Maturity of delegation technology at the current time and impact of tackling a technical implementation in the critical path of VC/DID based credential ecosystem maturity.
Re: (1)

We have been very clear and consistent from the start of our journey that we will not force digital credentials on anyone. We will continue to have the existing paper based credentials to ensure access and equity to the broadest audience. In our approach an immigrant has to explicitly request a digital credential to get one and that will happen only if they have an existing paper based credential i.e. there will NOT be a digital only credential issued and there will always be a bridge to paper to ensure access and inclusiveness.  There has been no discussions regarding other approaches – will certainly share if that perspective changes, but I am not expecting it to <shrug>

Other than the US passport, a PRC or an EAD are two of the most high value credentials issued by the USG. We are going to move forward in a structured, measured and thoughtful way in how we issue digital versions of those credentials and that means not tackling multiple, complex challenges all at once without understanding the lessons and impact (both intended and unintended) from the issuance and broad usage of non-delegated high value credentials which are a cleaner first step.

There exists *existing* business processes that allow for delegated presentation of credentials now. They work well and are used globally. Given that we are not getting rid of existing paper based credentials and how they are presented (delegated or otherwise), we already support a mechanism for delegated presentation. So for those folks for whom delegation is a pressing need right now – they can act on that as they already do!

Re: (2)

This has been extensively discussed in the CCG. I support the decisions that have been reached by the community regarding the delegation technology maturity level. Not re-opening a discussion on which a decision has already been made when no new information/input has changed.

My question to Manu was regarding credential refresh and not delegation,  so looking forward to continuing the discussion on that original topic.

Best Regards,

Received on Tuesday, 4 January 2022 01:31:38 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:25:28 UTC