- From: Daniel Hardman <daniel.hardman@gmail.com>
- Date: Mon, 11 Aug 2025 13:32:45 -0600
- To: Manu Sporny <msporny@digitalbazaar.com>
- Cc: "public-credentials (public-credentials@w3.org)" <public-credentials@w3.org>
- Message-ID: <CACU_chknO8y3xrL58MJfeuamBHwBSTCZMQ5sstMu_ib54C5gWA@mail.gmail.com>
>>What you're talking about sounds a lot like how OpenCVRS works wrt. birth declarations... The only difference here is when that digital credential pops out of the process... What it seems that you're looking for is for digital credentials to exist by the certifier, attendant, and the parents first. Those are the things you are saying must be foundational and the government should only recognize (or not) those foundational things as a second digital credential. Translating that to something concrete, it means that if we were to use verifiable credentials for this activity, there would be VCs from the certifier, attendant, and the parents, and then a VC that would refer to those and/or wrap those by the local vital records agency (as a second step). Is that accurate, and if not, where did I go wrong? This is close to how I might summarize. YES - tbere should be two forms of verifiable data, and the government's credential should be second, and endorse information created earlier, elsewhere. However, I think there's still a core part of my argument that I'm not getting across, because the summary above doesn't emphasize how the two types of data differ except by issuer. Let me try to refine. It is not necessary to know (or have) a legal identity to be a person. If I encounter a stranger, I know they are a person (and could even testify to that fact in a rigorous court proceeding or a war crimes tribunal) long before I ever get around to wondering what their legal identity is. A stateless person may have no legal identity, but they are indisputably a person. So if we say that a personhood credential is issued by a government, and if we put fields in the schema of that credential that only a government can attest to, then we teach the world to ignore this distinction, and we implement stacks that make the short-circuit inevitable. Not only do national governments have a monopoly on the use of force to enforce their legal regime, they also end up with a monopoly on the question of whether a particular entity is a person or not. This is the human rights violation that I claim is intolerable. The first verifiable data in my mental model should attest the existence of a person. The focus of the required fields in its schema should be whatever is practical to uniquely identify an individual human being. That probably means biometrics of various types, but also less strong identifiers like birthmarks, parentage, blood type, etc. Some basis of comparing a human to the verifiable data is needed, but I don't want to narrow the options to just one biometric type, or just to extremely strong ones. Any biometric fields that are not null in this data must be selectively disclosable. Essential metadata should also be part of the schema (e.g., DOB). For convenience, there could also be some given and personal name hint fields, but these fields MUST NOT be construed as an assertion about legal names, because the question that this data answers is NOT whether this person has a legal identity, but whether the described entity is a person at all. Also, since these fields contain mutable data and the rest of the fields do not, I'm tempted to exclude name entirely to avoid confusion. I've called this artifact "verifiable data" instead of a "credential", because I don't think it should be bound to a cryptographic identifier for a holder. Babies can't be holders, and a lot of stateless persons lack access to tech, too. Their proof of binding is their inherent ability to match the biometrics, not fragile cryptographic control. A good name for this artifact might be a "personhood affidavit". Although this affidavit might be hidden or suppressed or deleted from various registries, as long as the original exists somewhere, the personhood it proves cannot be broken by a human trafficker or a hostile or uncaring government. (I read today that Epstein or Maxwell compared young victims on Epstein's island to disposable kleenex, to be discarded as worthless after they'd served their purpose. History is replete with similar objectifications. A personhood affidavit must withstand such assaults on human dignity without recourse to legal systems that may prove far weaker.) Even if an individual affidavit does get lost, it can be recreated (with lower assurance about DOB) simply by transparently and formally witnessing the existence of a person again. I think the issuer of this verifiable data must be one or more individual human beings. They could be human beings that have a trusted role authorized by a government (e.g., judge, doctor, nurse, tribal elder, etc), and they could be registered somewhere to give them gravitas with strangers, and they could (and should) follow carefully processes mandated by authorities, and they could use government tools for the mechanics -- but they still have to issue with their own identifiers, in their own names. I don't think we should encourage trusting any nameless bureaucracy or any pure piece of technology to attest humanness. Once a personhood affidavit exists, then I think a government (that is, an identifier controlled by a government bureaucracy via its IT infrastructure) could issue a birth certificate. This artifact should reference a personhood affidavit. It shows that the data in the personhood affidavit has been checked, accepted as referring to a unique and previously unregistered person, and recorded by a government vital records office. For convenience, it may repeat some of the information from the personhood affidavit, but there should be no confusion about where personhood came from (elsewhere!). In addition, it adds information that is connected to legal identity -- the full legal name of the person, and the legal parents or guardians of the person, for example. I have no problem with this part; a government truly is authoritative about the legalities it recognizes for a given human being. Further, birth certificates can be changed if the legalities around a person change (name change, adoption, etc.). But we should never imagine that governments change personhood. So, to restate my beef: I'm not just focused on "when a credential pops out". I'm focused on keeping these two types of data very separate. The first data isn't a birth certificate from the government bureau of vital statistics -- the second and derivative one is. The first data doesn't have to be at a local records office, either. It logically pre-exists any interaction with offices.
Received on Monday, 11 August 2025 19:33:04 UTC