Re: Centralization dangers of applying OpenID Connect to wallets protocols (was: Re: 2022-2026 Verifiable Data Standards Roadmap [DRAFT])

> No actually. The latest version of OIDC4VPs describes how federations of
any size can be supported by VCs using OIDC4VPs. The method supports
different types of federations and utilises DIF PE.

David, can you say a bit more about this? I'm familiar with the latest
version of OIDC4VP and DIF PE, and as far as I know, neither one of them
has mechanisms to solve the NASCAR / wallet selection problem.
How does your approach solve this?


On Fri, Mar 18, 2022 at 1:42 PM David Chadwick <
d.w.chadwick@verifiablecredentials.info> wrote:

> On 18/03/2022 17:26, Manu Sporny wrote:
>
> On 3/18/22 12:59 PM, Anders Rundgren wrote:
>
> Take Open Banking as example.  How do you select bank when they count in
> the 100 000+ region? The Open ID foundation have solved this issue in a
> radical way: leave it to the market to figure out.
>
> Yep, exactly, Anders.
>
> No actually. The latest version of OIDC4VPs describes how federations of
> any size can be supported by VCs using OIDC4VPs. The method supports
> different types of federations and utilises DIF PE.
>
> The way forward was led by Fraunhofer in the eSSIF lab TRAIN project. We
> have implemented this approach in our VC eco-system. It is very simple to
> implement and is a decentralised approach, in that anyone can set up their
> own trust federation, and any issuer can join any existing trust federation
> providing they abide by the trust rules of the federation. Any verifier can
> decide which trust federation operators to trust.
>
> This will be described in a paper that we have submitted to the Open
> Identity Summit, scheduled for July 7/8 this year.
>
> Kind regards
>
> David
>
> This sort of "Let each Relying Party decide by picking a handful of big
> banks... 'cause we can't possibly fit them all on the same screen" approach is
> exactly what is being proposed w/ the OpenID for Verifiable Credentials work.
>
> "Let the each website decide among all the wallet vendors on the planet! It's
> a market-driven approach!" will just turn into "Well, we can't go wrong with
> Apple Wallet, Google Wallet, and Microsoft Wallet, let's just support those to
> start" decisions being made at the Relying Party... and we all know where that
> story ends -- centralization -- we have years of data showing that it leads to
> centralization in social log in.
>
> ... which is why solving this problem is mandatory:
>
>
> 2. Eliminate NASCAR screens; don't allow verifiers to pick/choose which
> wallets they accept. If you allow either of these things to happen, you
> enable centralization.
>
> None of the OpenID for Verifiable Credentials  specifications solve that
> problem and without solving that problem, you have centralization in the
> ecosystem.
>
> -- manu
>
>
>
>

Received on Friday, 18 March 2022 18:19:46 UTC