- From: Michael Burchill <mburchil@gmail.com>
- Date: Sat, 25 Jan 2025 18:14:34 -0700
- To: Manu Sporny <msporny@digitalbazaar.com>
- Cc: W3C Credentials CG <public-credentials@w3.org>
- Message-Id: <5C119571-7247-4643-85ED-9ED06341997D@gmail.com>
This has been a very good thread, in fact this is the first time I’ve wanted to contribute. > At the risk of oversimplifying: Why can't we just start with a list of > DIDs that a verifier software trusts and configure it locally? You > build that list yourself, you get that list from an authority you > trust, or a combination of the two. What doesn't scale with that > approach? > I don’t think this is an oversimplification; this approach covers many use cases that VCs could be solving right now. Since mid-2024, trust has been top of mind for the clients I am interacting with. Two things are clear: Depending on the use case, there may be a need for external, centrally managed trust registries. Many private entities would prefer to keep control over the majority of their trust relationships to avoid the nightmare that certificates and certificate authorities have created for them. So far, what this community has created is very much in the spirit of an open, decentralized, and accessible internet. I don’t think we should discourage centralized trust registries. If they provide value, then they’re justified. However, it’s not something we should be forcing down people’s throats. Let’s not give new names to old problems. > > PS: I'd also like to join Wayne in asking again: What's the going > market rate for a Brad Pitt DID, and can you please link to that > article about the fake French Brad Pitt boyfriend? Clearly, we need to > add "Defending Against Fake Brad Pitts" to the threat model. :P I think George Clooney already has the Brad Pitt DID. regards, Michael Burchill
Received on Sunday, 26 January 2025 01:15:47 UTC