Re: VCs at GS1 from Lucy Yang on 2025-02-11 (public-credentials@w3.org from February 2025)

From: Lucy Yang <lucy@identitywoman.net>
Date: Tue, 11 Feb 2025 11:23:41 -0500
To: Phil Archer <phil.archer@gs1.org>
Cc: "public-credentials@w3.org" <public-credentials@w3.org>, "public-vc-wg@w3.org" <public-vc-wg@w3.org>, "public-did-wg@w3.org" <public-did-wg@w3.org>
Message-ID: <CAHbErWkgHW3zsWvGhS1wXpOv2xjZESOZnUJ+5Fpz1-g9zidYZg@mail.gmail.com>
Hi Phil,

It is great to see that GS1 invested in developing the tech landscape. And
thank you for sharing with us the output and the small steps you are about
to take at GS1. Taking a measured approach is sensible.

I also agree that there is quite some complexity in implementing VCs and
DIDs for the majority of organizations. It is even hard for those of us
actively working in the decentralized identity space to keep up-to-date
with what is going on. This is the downside of decentralization - too much
stuff going on at the same time and too many non-trivial decisions to make.
The advantage for long-standing membership-based organizations is that it
is relatively easier to find a balance point between centralization
(convenience) and decentralization thanks to the existing trust you have
with members.

I have a few comments on the tech landscape for your reference:

   - *Missing activities outside of Europe and US: *Knowing that GS1 has a
   global membership base, I'd like to point out that the technical landscape
   seems to be missing activities outside Europe and US. For example,
   TradeTrust <https://www.tradetrust.io/> led by the Singapore government
   to facilitate digital trade, and Trustana <https://www.trustana.com/>, a
   venture-backed commerce platform gaining traction in the APAC region. Some
   of the VC and DID influence may not start in or reach the supply chain
   space, but still worth noting. For example, with MOSIP implementing VCs for
   its Inji module
   <https://docs.mosip.io/1.2.0/collab-getting-started-guide/collab-inji-setup-guide>,
   more developing countries will get exposure to these emerging standards. I
   joined a GLEIF vLEI update session at the last IIW and learnt that the
   interest in vLEs in the APAC region is quite strong.
   - *Geographical differences in adopting standards: *The reason why it is
   important to look at the global landscape of VC and DID adoption is because
   there are geographic differences in how technology is adopted. Some of my
   personal observations/thoughts:
      - Europe is leading the way in a legislation/regulation first
      approach, but the effort is huge and complex. Even though the timeline is
      quite aggressive, I am uncertain whether the market and majority
of players
      will be ready in time. Since many are still funded by government grants
      with an unproven commercial model, we also don't know what will
happen when
      the funds run short/out. I am going to DICE Ecosystems in March to learn
      more about what is going on in Europe.
      - The U.S. is very fragmented and more likely industry-driven in most
      areas of adoption. But the uptake of mobile driver's license in
the U.S. is
      bringing digital credentials to the mainstream attention. The
challenge in
      the U.S. (or North America in general) is the near-term (business) value
      for adopting VCs and DIDs, but we are seeing more and more promising
      implementations of VCs and DIDs that are meeting where the
market is today
      and demonstrating enough value to sustain and advance the
implementations.
      This helps the decentralized identity space to be more
market/value-driven
      and converge around the common business values.
      - What makes APAC, MENA, and many other developing countries/regions
      unique is their lack of legacy technology infrastructure, which
means they
      may encounter one less barrier to adopting new technology. The lack of
      resources in some of those regions also require technology
implementations
      to be super practical as well. Bhutan <https://www.bhutanndi.com/>
      made a strong case through its National Digital Identity
      <https://www.bhutanndi.com/>. There are many other interesting
      geopolitical and economic dynamics in those regions that are
worth looking
      into when evaluating the potential of technology adoption, which I won't
      dive into here.
   - *Distinction between solution providers and actual use case
leaders: *Solution
   providers are playing a critical role in defining standards and
   accelerating adoption of standards, but there is an important distinction
   to make between solution providers and those they are implementing
   solutions for (the actual use case leaders). Hearing directly from those
   paying for real-world implementations can offer valuable perspective and
   insights into adoption level and technology maturity, which may (or may
   not) differ from what you learn from solution providers.

I would like to name a Canadian solution provider, Mavennet/Neoflow
<https://www.mavennet.com/>, which I didn't see in the landscape. They are
doing critical work in the energy supply chain space and also a part of the
DHS SVIP cohort. Our newest CCG chair Mahmoud is the Director of
Engineering at Mavennet.

Thanks again for keeping the community updated about the important work at
GS1 and sharing valuable resources. Hope to hear more about your upcoming
work at IIW.

Best,
Lucy


On Tue, Feb 11, 2025 at 8:29 AM MXS Insights <mxsinsights@gmail.com> wrote:

> Hi Phil,
>
> This is very good news.
>
> I completely understand the measured approach, this kind of change can
> bring a lot of cultural resistance and a methodical approach brings people
> along versus running them over.
>
> Cheers!
>
> Michael Shea
>
>
>
>
> On Feb 11, 2025, at 1:39 PM, Phil Archer <phil.archer@gs1.org> wrote:
>
> Dear all,
>
> I am acutely aware that I and my GS1 colleagues have been almost entirely
> absent from the standards development work around DIDs and VCs for over a
> year. I can only apologise.
>
> However, the topic has been discussed and considered at our senior level
> and I wanted to share the positive output of those discussions here.
>
> First of all, GS1 itself is unknown to almost everyone so a quick intro:
> we're the organization behind the barcode (evil federated/issued
> identifiers, boo!!). Alongside our identifiers that appear in 1 and 2D
> optical symbols and RFID tags there's a catalogue of standards related to
> supply chains and related business processes.
>
> So... VCs are obviously a good fit for our work. We hired two consultants
> whose task was to recommend what, if anything, we should do. The cut a long
> story short:
>
> 1. The reasons why we *should* implement VCs in some way are compelling.
>
> 2. The reasons why we *should not* implement VCs are also strong.
>
> One of the documents created during this process was a survey of the tech
> landscape which we have just published at
> https://ref.gs1.org/docs/2025/VCs-and-DIDs-tech-landscape. Some of you
> will know its author, Ira Bolychevsky.
>
> Following this work, GS1 is committed to taking small steps with VCs. Some
> of our GS1 Member Organisations (such as GS1 US, GS1 Netherlands and
> others) will be able to issue a VC proving that a GS1 identifier is
> licensed by a company we know. GS1 Global Office will act as a root of
> trust. This will be consistent with things like the UN Transparency
> Protocol.
>
> However, as I say, there were also reasons for caution. Therefore, we will
> wait and see the take up and reaction to our minimal steps (what we call
> 'Crawl') before making a decision on whether to invest in 'Walk', let alone
> 'Run'. This means that we are not yet ready to commit to make it a normal
> part of every GS1 Member Organisation's operation. That is my hope and
> expectation, but if we're to make that kind of commitment, we need
> compelling evidence that, today, isn't quite there.
>
> We have a lot of work ahead of us even for 'Crawl' but the journey has
> begun and I hope it will prove to be an important use of the technology
> that people here have worked so hard to create.
>
> Thank you
>
> Phil
>
> ---
>
> Phil Archer
> Web Solutions Director, GS1
> https://www.gs1.org
>
> https://philarcher.org
> +44 (0)7887 767755
> @philarcher.bsky.social
>
> CONFIDENTIALITY / DISCLAIMER: The contents of this e-mail are
>  confidential and are not to be regarded as a contractual offer or
> acceptance from GS1 (registered in Belgium).
> If you are not the addressee, or if this has been copied or sent to you in
> error, you must not use data herein for any purpose, you must delete it,
> and should inform the sender.
> GS1 disclaims liability for accuracy or completeness, and opinions
> expressed are those of the author alone.
> GS1 may monitor communications.
> Third party rights acknowledged.
> (c) 2020.
>
>
>
>
Received on Tuesday, 11 February 2025 16:24:02 UTC