RE: Goals and Requirements for DID Method Standardization? from steve.e.magennis@gmail.com on 2024-11-30 (public-credentials@w3.org from November 2024)

From: <steve.e.magennis@gmail.com>
Date: Sat, 30 Nov 2024 08:36:51 -0800
To: "'Christopher Allen'" <ChristopherA@lifewithalacrity.com>, "'Andres Olave'" <andres.olave@velocitycareerlabs.com>
Cc: "'Manu Sporny'" <msporny@digitalbazaar.com>, "'Steve Capell'" <steve.capell@gmail.com>, "'W3C Credentials CG'" <public-credentials@w3.org>
Message-ID: <021f01db4346$0f7be0b0$2e73a210$@gmail.com>

Christopher, 

 

I think an important distinction needs to be made between how long-lived a credential is and how long a credential is useful. Part 1: Can I prove after 20 years that some entity called BGI.edu and no other issued me an MBA in Sustainable Systems and parenthetically, at the time of issuance BGI was accredited. Part 2:  If 20 years after receiving my digital MBA I present it to someone, can they be compelled to care and if they do care would there be a way for them to stitch together a meaningful historical context of BGI that existed at the time of issuance and potentially convince themselves of a chain of ‘legitimacy’ over the subsequent 20 years.

 

Part 1 I think is not trivial, but a relatively straight forward problem to solve. Part 2 is a whole lot more complicated because it involved more than simply passing along information generated at the point of issuance – it involves a host of future 3rd parties stipulating what additional data needs to be bound to an issuance event to make the credential useful at their future point(s) in time.

 

-S

 

From: Christopher Allen <ChristopherA@lifewithalacrity.com> 
Sent: Friday, November 29, 2024 4:15 PM
To: Andres Olave <andres.olave@velocitycareerlabs.com>
Cc: Manu Sporny <msporny@digitalbazaar.com>; Steve Capell <steve.capell@gmail.com>; W3C Credentials CG <public-credentials@w3.org>
Subject: Re: Goals and Requirements for DID Method Standardization?

 

My challenge for long-lived VCs is that likely they require more than digital signatures, such aa additional proofs. Until we have some better choices for quantum-resistant signatures (a tough nut to crack) that means at minimum publicly provable time stamps with no phone-home or correlation (I currently use 

https://opentimestamps.org and am investigating very large Sphinx hash-based co-signing). 

 

My example use case is that I have over a hundred students that got their MBA in Sustainable Systems from an accredited small college, circa 2009. The school was then BGI.edu, become Pinchot.edu, merged with Presidio.edu, acquired by Dominican College. Multiple states, multiple accreditation bodies. But they should be able to have a credible MBA digital certificate for life. They can’t currently. 

 

Other long-term scenarios are IP transfers (not only copyright & trademark but trade secrets), fiduciary and healthcare directives, marriage related (a particular challenge given same-sex marriage being illegal in many countries), etc. Even many peer credentials need to survive a peers death. 

 

Biggest challenge in this category will be physical real property, or property mixed physical with digital (art in particular). Both will need to be provable 70+ years, well into a quantum-capable future. 

 

— Christopher Allen

Received on Saturday, 30 November 2024 16:36:59 UTC