Re: Centralization dangers of applying OpenID Connect to wallets protocols (was: Re: 2022-2026 Verifiable Data Standards Roadmap [DRAFT])

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Tue, 22 Mar 2022 14:56:48 -0400
To: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Message-ID: <b3522ba7-da84-fa08-e447-ca556bdea727@digitalbazaar.com>

On 3/22/22 2:51 PM, Orie Steele wrote:
> I'm not trolling, you can't just focus on building apps and app layer 
> protocols... you need to focus on the full software supply chain to
> prevent abuse.

Ok, I get (most) of what you were saying now, thanks for the clarification.

> No, but ... we need to acknowledge where vendor lock-in exists before we 
> can address it seriously.

Yes, agreed.

> Implementing more web APIs that offer access to devices is critical to 
> enabling healthy competition at the layers beyond the hardware and the 
> OS... That Mozilla and Apple are so strongly opposed to this is creating a 
> market pressure that is driving secure use cases away from the web 
> platform... If that's because it's impossible to secure the web platform
> if it has good general purpose device APIs, that's understandable, but if 
> instead that's happening to drive more users into native apps or because 
> browser vendors can't afford to implement secure device APIs based on open 
> standards, that's a problem... and not one solved by building more apps or 
> app layer protocols.

Yes, all good points/questions.

> If we can get OIDC to penetrate to these lower layers, it's worth it IMO, 
> armies travel both directions on roads.

Can you elaborate on this point more? How do we "get OIDC to penetrate to
these lower layers"?

-- manu

