- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Mon, 23 Jan 2023 17:52:29 -0500
- To: W3C Credentials CG <public-credentials@w3.org>
On Mon, Jan 23, 2023 at 4:18 PM steve capell <steve.capell@gmail.com> wrote: > I'd expect that uptake will sort out competition. Simplicity usually wins the day. It's dangerous to bet on that, isn't it? The best/simplest technology is not guaranteed to win in the long run. There are many aspects to a technology succeeding, and we can't discount education and marketing as some of those factors... especially when there is an active marketing counter-campaign going on right now to dilute the term "verifiable credential" to mean something it isn't. This is related to the VCWG megathread around gutting the Verifiable Credentials data model in the name of "building a bigger tent": https://github.com/w3c/vc-data-model/issues/947 If people want a "big tent" term, we should follow the "Canadian National Technical Specification for Digital Credentials and Digital Trust Services" lead and call them "digital credentials". It's one of the things, among many, that the Canadian federal team got right. Through our customer engagements, we have noticed a significant uptick in vendors attempting to confuse organizations by insisting that they've been doing "verifiable credentials" for years and then citing a bunch of technologies (such as bare JWTs) that are clearly not verifiable credentials, but are instead their own proprietary solutions or different standards (or pre-standards) such as mDL or mDoc. There is nothing wrong with using the term JWT/mDL/mDoc, or Verifiable Credential... but there is a big problem with calling an mDL a Verifiable Credential (or a Verifiable Credential an mDL) -- two observably different technologies. They're both types of "digital credentials"... but calling one the other is, at best, misguided, or at worst, disingenuous. ... or in other words, diluting the "Verifiable Credentials" name to mean "any digital credential technology" in an attempt to possibly 1) ride on the coattails of what this community has been doing for 7+ years while not supporting the features that make Verifiable Credentials useful, or 2) confuse the customer into adopting a proprietary solution, or 3) sell an alternate stack that has little to no demonstrable cross-vendor interoperability. > I note the "grand unified theory of trust" presentation that puts a lot of weight behind KERI. It could well be that I've simply not understood it properly but it seems to me that KERI adds a lot of complexity for very little value. I have the same set of confusions around the KERI stack, for more or less the same reasons that you highlight, but have chosen to "let the market sort it out" rather than try and argue the points from an academic standpoint. -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. News: Digital Bazaar Announces New Case Studies (2021) https://www.digitalbazaar.com/
Received on Monday, 23 January 2023 22:53:19 UTC