W3C home > Mailing lists > Public > public-credentials@w3.org > March 2022

Re: Centralization dangers of applying OpenID Connect to wallets protocols (was: Re: 2022-2026 Verifiable Data Standards Roadmap [DRAFT])

From: Orie Steele <orie@transmute.industries>
Date: Tue, 22 Mar 2022 11:31:13 -0500
Message-ID: <CAN8C-_J2P6DEW97L1Tg0b8w-+x33B7296sBXh_8SkWp4rMZgqg@mail.gmail.com>
To: Dave Longley <dlongley@digitalbazaar.com>
Cc: Joe Andrieu <joe@legreq.com>, Credentials Community Group <public-credentials@w3.org>
Great news!

You can choose from 3 browsers and 4 operating systems.

"Wallet Apps" rely on trust in these in order to do anything related to

"Wallet Apps" outside the OS layer will always be less trustworthy, and OS
providers can leverage their control of the OS layer to create wallet
capabilities that no app could ever achieve.

Then binding directly to the OS capabilities they can ensure that no market
for "wallet apps" exists.

The OS is the original wallet... If you don't control the OS, and the
hardware... your identity is just rented to you.

Sometimes being root is a good thing.


On Tue, Mar 22, 2022 at 11:22 AM Dave Longley <dlongley@digitalbazaar.com>

> On 3/22/22 1:53 AM, Joe Andrieu wrote:
> > Hmmm...
> >
> > How is my wallet incentivized to falsify my consent?
> >
> > That's seems like worrying about revolvers that are incentivized to
> > misfire. Once it becomes known that a particular revolver has poor
> > performance characteristics, people will stop buying it. Problem solved.
> > Companies are always going to have varying quality in their products.
> > Choose wisely.
> >
> > If a wallet is compromised, you're screwed. Period. Trusting your wallet
> > is fundamental to being able to trust anything in the system.
> +1
> This is also why wallet choice is essential. If users don't have the
> freedom to choose their wallets, this feedback loop gets messed up. So,
> if we are worried about wallets mistreating their users -- then the
> solution is to ensure that users have the freedom to choose whatever
> wallet they want.
> --
> Dave Longley
> Digital Bazaar, Inc.

Chief Technical Officer

Received on Tuesday, 22 March 2022 16:31:38 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:25:29 UTC