- From: Will Abramson <will@legreq.com>
- Date: Mon, 11 Aug 2025 13:30:37 +0100
- To: Tim Bouma <trbouma@gmail.com>
- Cc: Daniel Hardman <daniel.hardman@gmail.com>, Manu Sporny <msporny@digitalbazaar.com>, "public-credentials (public-credentials@w3.org)" <public-credentials@w3.org>
- Message-ID: <CAPJWd2S0o1CNyVfDssD9aKBYrD4V7o0EZQBk6-Fcxmd7v8icpg@mail.gmail.com>

Thanks to everyone who has participated in this thread. I think it is a wonderful example of the CCG doing what it does best, a diversity of perspectives debating a gnarly topic whilst remaining civil and respectful. It is appreciated!

I had been meaning to write something similar to what Tim is saying here ever since attending a session at the Global Digital Collaboration. Tim's email finally motivated me to do just that.

I published it as a blog on my substack: https://www.wordsfromwip.com/p/trust-in-transition

But I will also include the text in this email thread, because I appreciate the archival nature of the W3C mailing lists. Read wherever you prefer.

Trust in Transition

Reflecting on a powerful session at the Global Digital Collaboration conference in Geneva and an epic CCG email thread that has followed

I have been meaning to write something up about a fantastic session I attended on Day 2 of the GDC conference in Geneva, convened by Dr Emrys Schoemaker <https://caribou.global/people/emrys-schoemaker/> and Dr Margie Cheesman <https://about.me/cheesman>. The session was titled Trust in Transition and explored identity and systems of identification within the context of war, climate disasters and human migration. Critical conversations for our work at the Credentials Community Group and the wider community of technologists working on identity.

The humanitarian sector is a sector where systems of identification are undoubtedly and justifiably required. It is also a sector with vastly imbalanced power dynamics where vulnerable humans far from home must subject themselves to the identification systems of a state or/and a multitude of non-governmental organisations (NGOs). Additionally, the humanitarian sector is vastly under-resourced and oversubscribed.
Even conservative projections into the future must accept that these challenges are only going to be further exacerbated by our collapsing climate stability, wars around the world and the terrifying rise in authoritarian regimes we see today.

Many of these NGOs were represented in the room for this session including the UN Refugee Agency (UNHCR) <https://www.unhcr.org/> and the International Federation of Red Cross and Red Crescent Societies (IFRC) <https://www.ifrc.org/>. State actors less so, although there were a few big hitters from for-profit organisations in the mix.

I made a decision to attend this session because of Emrys of Caribou Digital. I have so much respect for him and the rest of the Caribou team. Throughout my PhD I read much of the research and case studies that they pushed out. In fact that research formed the backbone of one of my chapters in my thesis <https://napier-repository.worktribe.com/output/3050571> titled Identification Systems. Some of their content that remains highly relevant and that I cannot recommend highly enough are:

- The difference between digital identity, identification and ID <https://medium.com/caribou-digital/the-difference-between-digital-identity-identification-and-id-41580bbb7563> by Jonathan Donner precisely articulates the Caribou Digital style guide for talking about identity in the digital age.
- The Identities Report <https://www.identitiesproject.com/report/>, an excellent, detailed report produced by Caribou Digital as part of the Identities Project. Stories of real people, with real experiences and real challenges navigating systems of identification in the digital age. From India to the world.

These outputs, and many, many more are deep and insightful. They definitely helped to shape my thinking and perspectives of identity that continue to this day.

Anyway, I was finally motivated to write these words after the latest round of responses on the CCG email thread - When Technical Standards Meet Geopolitical Reality - kicked off by Christopher Allen's call to action <https://lists.w3.org/Archives/Public/public-credentials/2025Jul/0082.html> and concerns of the direction our community and technologies seem to be being pulled in. I don't agree with everything Christopher is saying, but I agree with the sentiment and appreciate his voice and deep expertise in the space.

Christopher's call to action kicked off a mammoth and fascinating email thread that really highlights the strengths and the heart of the Credentials Community Group. I am proud to be able to contribute to this community as one of its chairs during this time. The whole thread is worth a read, it contains a diversity of perspectives, personal lived experiences and well-informed opinions from many of the leaders in this space.

The latest round of emails were in response to a series of blog <https://kyledenhartog.com/centralized-ssi/> posts by Kyle raising serious and thoughtful concerns about the centralization of power that these technical architectures for identification enable, especially when the focus is on *some authoritative* issuer issuing credentials to mere holders and subjects of identification systems.

Over the weekend, after digesting Kyle's words for some time, Manu replied with an excellent summary <https://lists.w3.org/Archives/Public/public-credentials/2025Aug/0041.html>.

> If I had to summarize the core of your message, you're suggesting that we have over-optimized for large government issuers and have therefore further entrenched traditional power dynamics (that some in this community don't like). You are saying that when we identify use cases that we want to address, we need to focus on the power dynamics created by the solutions. Does it shift too much power and authority to the issuer, a guardian, the holder, or the verifier? You're suggesting that we need to explore architectures that don't over-optimize for the issuer, and then you used an example with age verification where we put the decision making power in the hands of a guardian (the parent) instead of the verifier (the website).
>
> ...
>
> What I was thinking that you and Christopher were saying was something along the lines of: Decentralized Identifiers are broken and we should abandon them. Verifiable Credentials are broken and we should abandon those too... and so on. When I think what you're saying is that we need to reevaluate how these primitives are put together into a functioning architecture; specifically, what credentials are issued by whom and who depends on those -- decentralize the issuers, if possible.

A wonderful example of how in the heat of the moment we can mistakenly infer intentions. Sometimes pausing for breath and coming back with a considered response is far more fruitful. Manu is a master of this. It is worth reading his full email response <https://lists.w3.org/Archives/Public/public-credentials/2025Aug/0041.html> in full if you have the time.

So as you might see this discussion on the imbalances of power felt highly relevant to the Trust in Transition session at GDC. Imbalances in power are a fact of the fabric of the societies that we live in today, but these imbalances can be, and are being, further entrenched by information technologies. And especially information technologies designed for the purposes of recognising, remembering and responding to people and things. Identity is powerful, just look at how it is wielded across the political spectrum.

Not only that, information technologies are disrupting and disintermediating some of the institutions whose role in society has been to trust within the systems and activity across a domain which they oversee. This is the OG (original) way societies have scaled trust to meet the demands of increasingly complex fields of social activity.
I tried to write something to this effect in an earlier email response <https://lists.w3.org/Archives/Public/public-credentials/2025Jul/0118.html> on this thread.

Anyway, I digress. What finally tipped me into writing this piece was a response from Tim Bouma <https://lists.w3.org/Archives/Public/public-credentials/2025Aug/0046.html> over the weekend.

> Personally, I’ve come to the conclusion that we require a protocol where the core primitive is ‘issuance’ (signing) such that there is no privileged role of ‘issuer’ and/or ‘verifier’. Anyone using this so-called protocol, no matter how disadvantaged they might be, must be on equal footing with the strongest of users, namely government.
>
> As things stand now, the current protocols simply reinforce the status quo, and for the majority that’s ok, or don’t know anything differently. That’s also ok, for the current generation of solutions, but we need to start looking past that horizon.

This reminded me of something I wrote in my notebook towards the end of the Trust in Transition session as we turned our attention towards the futures for the humanitarian sector in relation to identity systems. We were asked for our vision. Our aspirations. What paths are we trying to navigate towards? What futures are we striving to avoid?

These hooks sparked a great conversation around the room. One that, as very much a guest in this space, I was mostly happy to listen to and digest. As a wise man once told me, seek first to understand then to integrate.

I did have a vision to propose though. A vision that I attempted to articulate towards the end of the discussion. One less rooted in the current reality, more in the adjacent possible. It very much rhymes with what Tim shared on the email thread. Simply put:

SIGN ALL THE THINGS.

Individuals should be capable of being the source authority over the reality of their digital lives.
My vision is one of accountability and intersubjectivity between humans and the systems which identify them and attempt to represent some facet or fragment of their identity. Humans should be able to understand the web of accountabilities between them and the systems that want to identify them.

We have much work to go before this is a reality. However, unlike some voices on this thread, I still have hope. We are laying the foundations, refining the primitives and exploring the building blocks and their configurations. I firmly believe these components open up a whole new possibility space for designing, building and interacting with digital systems. It is a possibility space we are only just starting to explore. Sure, within that possibility space, over in some uninteresting corner, are all the same systems and approaches we know and dislike today. But that is tiny compared to what else might be possible.

I think it will take imagination, creativity and courage to bring some of these possibilities into reality. It will also take compromise. In certain situations and sectors. The state isn't going away anytime soon. Like it or not, they are in a certain position of authority over some of the facts of our lives. In these cases we should look to gently nudge the framing, like Utah has done wonderfully. States endorse identity, they do not issue it. <https://le.utah.gov/~2025/bills/static/SB0260.html> No one can issue you your identity, and if anyone tries to tell you otherwise gently correct them and point to some facets of the multitude of identities that you contain.

That is probably enough for now. I will close with an invitation and much encouragement to playfully explore the possibilities enabled by decentralized technologies like Decentralized Identifiers and the associated privacy-preserving cryptography primitives. New digital realms are possible. I firmly believe this.

Thanks for reading,

Best,
Will

On Sat, Aug 9, 2025 at 11:02 PM Tim Bouma <trbouma@gmail.com> wrote:

> Personally, I’ve come to the conclusion that we require a protocol where
> the core primitive is ‘issuance’ (signing) such that there is no privileged
> role of ‘issuer’ and/or ‘verifier’. Anyone using this so-called protocol,
> no matter how disadvantaged they might be, must be on equal footing with
> the strongest of users, namely government.
>
> As things stand now, the current protocols simply reinforce the status
> quo, and for the majority that’s ok, or don’t know anything differently.
> That’s also ok, for the current generation of solutions, but we need to
> start looking past that horizon.
>
> Tim
>
>
> On Sat, Aug 9, 2025 at 5:50 PM Daniel Hardman <daniel.hardman@gmail.com>
> wrote:
>
>> >> I would like to share an experience so that my strong words have some
>> softening context.
>> >I wanted to come back to this email, as it's been echo'ing in my head
>>
>> Thank you for the kind and thoughtful response, Manu.
>>
>> >> I think it is dangerous to build an ecosystem where proof of
>> personhood is largely assumed to come from governments.
>> >Yes, agreed; that should not be the only source, but I expect it will
>> be a primary source for some time to come.
>>
>> I'd like to clarify my mental model, because there seems to be both
>> important alignment and important divergence between mine and yours, Manu.
>>
>> Speaking of government, you used the phrase "be the only source". My
>> language was similarly general "proof of personhood comes from". In a
>> sense, it might seem that we're saying almost the same thing. But let me
>> get more granular.
>>
>> I have no problem at all with the idea that a government-governed process
>> should be the common/default "source" or where "proof of personhood comes
>> from" -- in the near term or into the infinite future. My beef is with the
>> easy conflation of "source" and "issuer". A government process can produce
>> personhood evidence, but I don't want the identifier of the government to
>> be used as the *issuer* of that evidence. EVER. Hard stop, exclamation
>> point, non-negotiable human rights core principle that we don't stray from
>> even in version 0.1 of a system. And I believe we can actually achieve and
>> enforce this by being very careful with our definitions, which is why I'm
>> trying to be so picky about language.
>>
>> On what basis could we maintain the distinction between "source" and
>> "issuer"? In my mind, an acceptable process for issuing personhood evidence
>> would be whatever the government designs, and could use whatever
>> infrastructure the government provides -- but would result in issuance by a
>> named human being who has a publicly known legal identity endorsed by that
>> government for issuance of personhood credentials. This would make proof of
>> personhood just like an adoption decree -- signed by an individual human
>> judge who has delegated legal authority from the government -- NOT signed
>> by "the government" as an impersonal bureaucracy.
>>
>> I also don't want any fields in a personhood credential to attest to any
>> characteristics of legal identity, because legal identity characteristics
>> are changeable, whereas humanity is not. Conflating the two is dangerous.
>> The only fields that should exist in a personhood credential are various
>> biometrics and metadata about the issuance/level of assurance. A government
>> credential that attests to legal identity for a person is derivative of,
>> not equivalent to, proof of personhood, and modeling it any other way is
>> both a concept error and a human rights violation. It elevates government
>> opinion about legal identity facts to a place those facts do not belong,
>> which is on the level of human dignity.
>>
>> If we do it the way I'm recommending, then tribal elders or doulas in
>> remote highlands somewhere naturally function as peers of judges, which is
>> factually accurate, reasonable, just, and inclusive. The only difference
>> between their evidence output is whether you like the governance -- again,
>> factually accurate, reasonable, just, and inclusive. If, on the other hand,
>> "the government" is the issuer of proof of personhood -- or if we have
>> fields in the schema of such a credential that only governments can attest
>> to -- we permanently prevent humans from becoming peers of institutions on
>> the question of humanness.
>>
>> --Daniel
>>
>> On Sat, Aug 9, 2025 at 11:40 AM Manu Sporny <msporny@digitalbazaar.com>
>> wrote:
>>
>>> On Sun, Jul 20, 2025 at 6:40 PM Daniel Hardman <daniel.hardman@gmail.com>
>>> wrote:
>>> > I would like to share an experience so that my strong words have some
>>> softening context.
>>>
>>> I wanted to come back to this email, as it's been echo'ing in my head
>>> for the past several weeks and I wanted to acknowledge the sharing of
>>> a personal experience, thank Daniel for sharing it, and recognize
>>> where Daniel is coming from... which is from one of many acutely human
>>> experiences, which I hope is what we're all trying to improve with our
>>> work.
>>>
>>> For those of you that might have visited countries where you show
>>> your, or your child's, only form of international identification, only
>>> to have (without warning) security personnel walk away with it or
>>> suggest that they will keep it, is terrifying. The flush of
>>> adrenaline; the heat on your face, hits you before you can process
>>> what's going on. I'm sorry you had that experience, and I'm glad it
>>> worked out in the end... and both you and I know it does not always
>>> work out in the end.
>>>
>>> > How does this relate to personhood credentials? I think it is
>>> dangerous to build an ecosystem where proof of personhood is largely
>>> assumed to come from governments.
>>>
>>> Yes, agreed; that should not be the only source, but I expect it will
>>> be a primary source for some time to come.
>>>
>>> > If we raise the stakes further -- governments now decide who the rest
>>> of the world can/should believe is human (and thus worthy of human rights),
>>> I think we are truly in scary territory.
>>>
>>> I agree.
>>>
>>> > Doctors or nurses who sign birth certificates should be able to attest
>>> humanness. Tribal elders should be able to attest humanness. Government
>>> vetting processes that prove humanness should be signed by a human
>>> employee, not by the government itself, because it is the human rather than
>>> the bureaucracy that is safely definitive on this question. We should NEVER
>>> forget this.
>>>
>>> Yes, also agree.
>>>
>>> I would hope that most in this community would agree with all of the
>>> above. What concrete set of things to do about it is the question...
>>>
>>> My hope is that focusing on a few things helps:
>>>
>>> * Ensure that one can prove things about you or others in a way that
>>> is so broadly disseminated that "confiscating the original documents"
>>> becomes something that cannot happen. That is, ensure broad
>>> dissemination, true ownership, and consent over transmission of
>>> digital credentials.
>>>
>>> * Ensure that one can prove things about yourself at the proper level
>>> of pseudonymity for the transaction. That is, no phone home, prove
>>> things in zero knowledge, etc.
>>>
>>> * Ensure that fundamental human rights are not centralized purely with
>>> government bureaucracies. That is, enable a broad base of issuers and
>>> many equivalent roots of trust.
>>>
>>> I think the folks in this community endeavoring to standardize stuff
>>> are actively working on at least the three items above, but at levels
>>> that are frustratingly slow. We're putting a lot of effort into the
>>> first bullet item, trying as hard as we can to move the second one
>>> forward (but have been slowed by the painfully slow IETF CFRG review
>>> process and a disinterest by a number of governments and private
>>> industry in funding the work), and are missing a truly compelling
>>> solution for the last item (though birth certificates and notaries do
>>> provide for alternate, positive paths forward... alongside local
>>> government agencies).
>>>
>>> I don't expect any of this will reduce the feeling of concern about
>>> proof of personhood and government intervention in that regard. I just
>>> wanted to note that we are working on technologies that I hope align
>>> more with addressing your concerns than ceding all authority on
>>> human-ness to large and indifferent bureaucracies of any kind.
>>>
>>> -- manu
>>>
>>> --
>>> Manu Sporny - https://www.linkedin.com/in/manusporny/
>>> Founder/CEO - Digital Bazaar, Inc.
>>> https://www.digitalbazaar.com/
>>>
>>

Received on Monday, 11 August 2025 12:30:56 UTC