Re: [External] Pop Quiz: Where do DIDs belong from an Enterprise Architecture perspective?

Daniel, I swear some of your email essays are like poetry (at least to me).

I could not agree with you more. When it comes to everyday Internet citizens (vs. enterprises who have the resources to be more sophisticated about cryptographic tools like DIDs and VCs), it feels like the sweet spot is to do exactly what you recommend—have people understand their “critical control point(s)” without needing to—as Alan recommends—expose them to any of the actual underlying complexity.

I’m reminded of Kim Cameron’s analogy to people driving cars. There is enormous complexity “under the hood” (in fact a modern vehicle is essentially a computer on wheels). But all a typical driver needs to do is understand a handful of critical control points and they can drive safely and enjoyably.

That’s what we need to do for digital wallets, digital credentials, and personal AI agents.

Happy New Year to all (I have a good feeling this is going to be a breakout year for this community).

=Drummond

From: Daniel Hardman <daniel.hardman@gmail.com>
Date: Tuesday, December 31, 2024 at 9:40 AM
To: Alan Karp <alanhkarp@gmail.com>
Cc: Merul Dhiman <me@merul.org>, Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net>, Kishore Rajasekharuni <kishore.rajasekharuni@jukshio.com>, public-credentials (public-credentials@w3.org) <public-credentials@w3.org>
Subject: Re: [External] Pop Quiz: Where do DIDs belong from an Enterprise Architecture perspective?
A part of me is in violent agreement with the sentiment that DIDs are low-level details. I think I get all of the reasons why it's desirable for this to be the answer.

However, another part of me is sounding a little bit of a dissonant bell, at the back of my brain. I think we might be ignoring some important nuance.

DIDs are points of control. We talk about "DID controllers". If a user has points of control but doesn't know she has them, in what sense(s) is she really in control? Pet names make points of control tractable from a human memory perspective, but if the mental model of a user doesn't have a place for the control point that they name, do we truly understand what we are accomplishing? Do we need to? How does this relate to sovereignty?

Each of us has many "points of control" over our physical body. Understanding and using these points of control is an important developmental task, and it is never "complete", only "mastered to level X". We're born blinking autonomously, but we also have conscious control over our eyelids very early and without instruction. We typically learn to wink a few years later -- not hard, but takes a little focused intent that we don't spontaneously come up with until we see it modeled. Eventually we learn to ride bikes and play musical instruments and juggle and dance samba with a partner and slow our heartbeats during meditation. These learnings require us to discover and take advantage of control points...

I'm wondering if intentional use of DIDs -- not *all* DIDs under a person's control, but the subset of them that a person deems interesting enough to pay attention to -- is an important outcome of a good "system". I'm also wondering if a good "system" ought to understand which DIDs need to be under conscious control early, which ones ought to be like eyelids that are both consciously and automatably controllable, and which ones should remain unconscious except in rare cases of troubleshooting or weird requirements.

On Tue, Dec 31, 2024 at 9:20 AM Alan Karp <alanhkarp@gmail.com<mailto:alanhkarp@gmail.com>> wrote:
On Tue, Dec 31, 2024 at 3:41 AM Merul Dhiman <me@merul.org<mailto:me@merul.org>> wrote:
This is a very interesting question which often gets asked to me. We have always thought of DIDs and VCs as low level architecture details, and that is where they shall belong its just a technology which allows us to issue and digitally verify data.

I think we never even need to tell the user about the technology which lies underneath, as it is, for them totally not relevant. However we tell them what we solve for them and address their pain points and empathise with them.

That's the right approach, a lesson we learned from one of our projects.  We built a file sharing application that used opaque identifiers (not DIDs) under the covers.  The user only saw petnames except in one place.  Wouldn't you know it?  Almost every user complained about it.

--------------
Alan Karp


On Tue, Dec 31, 2024 at 3:41 AM Merul Dhiman <me@merul.org<mailto:me@merul.org>> wrote:
This is a very interesting question which often gets asked to me. We have always thought of DIDs and VCs as low level architecture details, and that is where they shall belong its just a technology which allows us to issue and digitally verify data.

I think we never even need to tell the user about the technology which lies underneath, as it is, for them totally not relevant. However we tell them what we solve for them and address their pain points and empathise with them.


Best Wishes,

Merul Dhiman
CTO
AuvoDigital OÜ

https://auvo.io<https://auvo.io/>




On Sun, Dec 29, 2024 at 15:57 Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net<mailto:mwherman@parallelspace.net>> wrote:
An interesting related question for a UX expert is: If DIDs are low-level technology artifacts, what are the best/most appropriate UX metaphors to surface in real apps?

Get Outlook for Android<https://aka.ms/AAb9ysg>
________________________________
From: Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net<mailto:mwherman@parallelspace.net>>
Sent: Sunday, December 29, 2024 8:13:29 AM
To: Kishore Rajasekharuni <kishore.rajasekharuni@jukshio.com<mailto:kishore.rajasekharuni@jukshio.com>>

Cc: public-credentials (public-credentials@w3.org<mailto:public-credentials@w3.org>) <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: Re: [External] Pop Quiz: Where do DIDs belong from an Enterprise Architecture perspective?

Thank you for your analysis Kishore.When I say "DIDs", I'm being very literal:
A DID = decentralized identifier = "did:wxyz:1234" character string.

The answer to the question gets into the subtleties of decentralized identifiers (e.g. did:wxyz:1234).. They are not intended to be human-friendly or comprehensible (like a checksum or a GUID); hence in my mind, they are low-level technical/infrastructure concepts/elements - at the very most, the lowest levels of your application architecture (admitting this is actually going too far IMO).

It would be interesting to revisit how a platform like .NET abstracts an identifier up the chain into higher level application objects like an Identity or Principal (.NET terminology).

Michael Herman
CEO and First Principles Thinker
Web 7.0 Foundation / Trusted Digital Web (TDW)

Get Outlook for Android<https://aka.ms/AAb9ysg>
________________________________
From: Kishore Rajasekharuni <kishore.rajasekharuni@jukshio.com<mailto:kishore.rajasekharuni@jukshio.com>>
Sent: Friday, December 27, 2024 8:34:31 AM
To: Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net<mailto:mwherman@parallelspace.net>>
Cc: public-credentials (public-credentials@w3.org<mailto:public-credentials@w3.org>) <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: Re: [External] Pop Quiz: Where do DIDs belong from an Enterprise Architecture perspective?

My understanding - DiD can be part of  Party Management in the Business architecture layer.  At the application architecture layer, it can be the Digital Identity module exposing APIs for Onboarding, Identity Proofing and Fraud Detection. The underlying Digital Identity Apps / Portals can be part of the Technology / Infrastructure architecture.

regards
Kishore


On 27 Dec 2024, at 12:07 PM, Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net<mailto:mwherman@parallelspace.net>> wrote:

Are DIDs part of the:
- Business architecture/layer/domain
- Application architecture/layer/domain
- Technology/Infrastructure architecture/layer/domain?

Get Outlook for Android<https://www.google.com/url?q=https://aka.ms/AAb9ysg&source=gmail-imap&ust=1735886469000000&usg=AOvVaw3dZOsMm5uX8vKzgHgmZY6E>