RE: How much is it reasonable to generalize from the TruAge implementation?

>Out of curiosity, how are people looking to support “Capability detection” while still keeping the wallets and web platform open?

My specific point is the following from my original e-mail:

I think it is important if you seek a future of multiple independent, interoperable and capable digital wallets, the global community (including both the public and the private sector) put energy into developing a shared definition of what capabilities a digital wallet must have, how you can assess and evaluate the quality of those capabilities, and ultimately support mechanisms and process that use those openly developed criteria to do certifications and assessments of digital wallets against a set that shared, open criteria.

What has become clear by the responses is that when folks speak to “capability detection” it means something different for different people.  There needs to be a priority in the community to *develop a shared definition of capabilities* that allows for detecting the granular capabilities of the wallets (TBD) rather than detecting the vendor or jurisdiction that produced it as a proxy for capabilities, while ensuring that the openly developed shared criteria (TBD) take into account an approach that ensures an open, standards-based and competitive ecosystem with input from relevant stakeholders in both the privacy and security communities.

This is not happening right now.

The vast majority of the conversations about wallets are about what protocols and credential formats they support, and not about how the “thing that actually stores and protects the information in credentials” is defined.

Because it is not, the conversation of what a good, standards-compliant, secure and privacy respecting wallet is, is being defined by vendors and platforms articulating capabilities and features only their particular wallet product can meet.

Best Regards,

Anil

Anil John
Technical Director, Silicon Valley Innovation Program
Science and Technology Directorate
US Department of Homeland Security
Washington, DC, USA

Email Response Time – 24 Hours or more; I sometimes send emails outside of business days/times because it works for me; please do not feel any obligation to reply to them outside of your normal working patterns.

[A picture containing graphical user interface  Description automatically generated]<https://www.dhs.gov/science-and-technology>[/Users/holly.johnson/Library/Containers/com.microsoft.Outlook/Data/Library/Caches/Signatures/signature_1972159395]

Received on Tuesday, 14 November 2023 09:11:31 UTC