W3C home > Mailing lists > Public > public-credentials@w3.org > March 2022

Re: Centralization dangers of applying OpenID Connect to wallets protocols (was: Re: 2022-2026 Verifiable Data Standards Roadmap [DRAFT])

From: Dmitri Zagidulin <dzagidulin@gmail.com>
Date: Thu, 24 Mar 2022 12:50:00 -0400
Message-ID: <CANnQ-L5xzFNRJA=puJqXaQCbBChaiVbRvNSH4Jcqmf6TYjWU4A@mail.gmail.com>
To: Anthony Nadalin <nadalin@prodigy.net>, "public-credentials@w3.org" <public-credentials@w3.org>
> Why is SIOP  the “worst” solution ? David W.  has asked tis many times
without a proper response I have noticed.

As previously mentioned in the thread -- SIOP is the worst solution (in
terms of usability, security, and centralization/monopolization incentives)
because it relies on the openid:// custom protocol handler. This poses
significant challenges on the desktop, mobile, and web; challenges that the
SIOP spec itself highlights.

On Thu, Mar 24, 2022 at 9:04 AM Anthony Nadalin <nadalin@prodigy.net> wrote:

> >Out of CHAPI, DIDCommv2, and OpenID... OpenID is the most centralizing, worst
>
> solution for Verifiable Credential Exchange on the table today.
>
>
>
> Manu, you obviously don’t understand the difference between OpenID
> Connect core and SIOP to make a statement like that. It seems that this is
> just a thread trying to bash OpenID without understanding.
>
>
>
> Not sure where to begin here as there are so many responses that are all
> over the place.
>
>
>
> Need to separate OIDC and SIOP and discuss how SIOP supports a 3 party
> model and decentralization.
>
>
>
> There is no worst solution, this is all use case driven, it seems you are
> trying to dictate what protocols developers should use without
> understanding what their needs are, just a blanket statement. You seem to
> base your comments on a specific decentralized usecase but don’t want to
> hear about other usecases.
>
>
>
> So please explain why you believe SIOP V2 is centralized ? Why is SIOP
> the “worst” solution ? David W.  has asked tis many times without a proper
> response I have noticed.
>
>
>
>
>
> Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for
> Windows
>
>
>
Received on Thursday, 24 March 2022 16:51:30 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:25:29 UTC