Re: How much is it reasonable to generalize from the TruAge implementation?

From a human rights perspective, is there any difference between Capability
Detection and Product/Vendor detection in the context of Holder Binding?
What you're asking people to choose is a capability they do not control.
For example, we all have a choice of Apple, Android, or Purism phone OS as
vendors. Purism may not offer holder binding capability. The Apple holder
binding capability may be different from the Android holder binding
capability. How do I choose? One vendor has a track record of leading with
privacy. The other has a more open platform.

I hope we can stop using euphemisms like Capability Detection when talking
about people. Let's start by calling Holder Binding what it is. Or do we
mean Holder Locking? Are these two different capabilities?

Adrian

On Mon, Nov 13, 2023 at 12:15 PM John, Anil <anil.john@hq.dhs.gov> wrote:

> >I'm increasingly concerned by this whole "approved/certified app"
> concept. […]
>
> >Unless these certifications are based purely on "detecting features"
> (you've proven that you have an HSM-bound private key)
>
> >instead of "detecting vendors" (you've proven that you're Apple, come on
> through), I'm concerned that the road we're walking down leads
>
> >to centralization and anti-competitive behaviour wrt. certification.
>
>
>
> This is a concern that I share and is something we have discussed
> internally as well.
>
>
>
> The following is from an e-mail that I had sent to the Open Wallet
> Foundation Listserv back in August, that seeks to provide a bit more detail
> on this topic:
>
>
>
> Zooming out a bit, one of the motivations for our Digital Wallets and
> Verifiers solicitation is that when it comes to the 3 party identity model
> (Issuer, Holder, Verifier) there is a significant amount of energy being
> expended when it comes to the pipes (protocols) that connect those 3
> entities and the payloads (data models) that move within those pipes.
>
>
>
> However, we are concerned about the **lack** of similar investments of
> attention and treasure to date to determine “What makes a good digital
> wallet?”.
>
>
>
> U.S. Customs and Border Protection and U.S. Citizenship and Immigration
> Services are both Issuers and Verifiers of very high value global
> credentials related to cross-border travel, employment and immigration. At
> a mechanical level, when a digital wallet shows up at our front door, we
> need to have an understanding of the security, privacy and interoperability
> capabilities of that wallet before we can make a decision to issue
> credentials into that wallet and verify credentials coming from that
> wallet.
>
>
>
> In an ideal world that could in-part consist of some manner of real time
> query, challenge, interrogation that could give information on a certain
> sub-set of the capabilities of that wallet.
>
>
>
> However, there are simply some capabilities that are not amenable to such
> an approach. Which means, there needs to be some manner of
> evaluation/assessment done of that wallet that results in some manner of
> trust mark provided by an acceptable entity that provides confidence to the
> issuers and verifiers that the wallet has been tested and assessed to have
> a specific set of capabilities.
>
>
>
> I tend to call this “Capability Detection” and contrast it with what is
> going on in the market right now which is simple “Product/Vendor Detection”.
>
>
>
> I think it is important if you seek a future of multiple independent,
> interoperable and capable digital wallets, the global community (including
> both the public and the private sector) put energy into developing a shared
> definition of what capabilities a digital wallet must have, how you can
> assess and evaluate the quality of those capabilities, and ultimately
> support mechanisms and process that use those openly developed criteria to
> do certifications and assessments of digital wallets against a set of
> shared, open criteria.
>
>
>
> In the absence of such investment, you will end up in a place where
> decisions regarding the acceptance of a digital wallet are based on the
> vendor or jurisdiction that produced it, with no understanding of how that
> wallet manages, uses, shares and potentially monetizes the very private and
> sensitive data in the wallet. And over time, the number of wallets will
> naturally reduce down to a handful of entities who control **your** data
> within **their** wallet – rather than the promise of individual agency
> and control that many seek with the use of the 3 party model.
>
>
>
> We support and desire a future that is focused on “Capability Detection”
> and NOT “Product/Vendor Detection” when it comes to digital wallets, and
> that is something we would like to move the needle on.
>
>
>
>
>
> Best Regards,
>
>
>
> Anil
>
>
>
> Anil John
>
> Technical Director, Silicon Valley Innovation Program
>
> Science and Technology Directorate
>
> US Department of Homeland Security
>
> Washington, DC, USA
>
>
>
> Email Response Time – 24 Hours or more; I sometimes send emails outside of
> business days/times because it works for me; please do not feel any
> obligation to reply to them outside of your normal working patterns.

Received on Monday, 13 November 2023 18:52:30 UTC