- From: Phillip Long <pdlong2@asu.edu>
- Date: Wed, 30 Jul 2025 14:39:23 +0000
- To: Manu Sporny <msporny@digitalbazaar.com>
- CC: W3C Credentials CG <public-credentials@w3.org>
- Message-ID: <53E51273-7E6D-4C71-8474-0DB614475C63@asu.edu>
Manu: this is encouraging and a tribute to the 8+ hard years that the CCG and its related task forces and workgroups have labored to move these and related standards forward. Change starts with a small group of dedicated people working together, to paraphrase the famous anthropologist Margret Mead, It always does. Thanks for brightening our morning, Cheers, Phil Phillip D. Long, Ph.D. Senior Consultant, Office of the CIO ASU Enterprise Technologies, VC/LER,Digital Identities Arizona State University https://tech.asu.edu/infosec-digital-trust e: pdlong2@asu.edu<mailto:pdlong2@asu.edu> — Senior Fellow, Center for New Designs in Learning and Scholarship Georgetown University e: pl673@georgetown,edu<mailto:pl673@georgetown.edu> https://cndls.georgetown.edu/ — LER Network Consultant T3 Innovation Network, US Chamber of Commerce Foundation Signal: radhertz e: phil@rhzconsulting.com<mailto:phil@rhzconsulting.com> LinkedIn: https://www.linkedin.com/in/longpd — CEO, RHz Consulting, LLC. Inquire-Listen-Design-Prototype-Analyze-Repeat e: phil@rhzconsulting.com<mailto:phil@rhzconsulting.com> LinkedIn: http://www.linkedin.com/in/longpd/ <http://www.linkedin.com/in/longpd/> T: (434) 234-4479 ] On Jul 30, 2025, at 7:29 AM, Manu Sporny <msporny@digitalbazaar.com> wrote: One signal of a successful specification is when people start building on it without any engagement with the original community. This is usually a good sign because it means that the people building on it 1) conceptually understand why the specification is useful -- that is, you didn't have to convince them of anything, they understood the value by just reading the spec/docs, and 2) it's specified well enough to not need hand-holding for a developer to implement and deploy it. We've seen this happen twice over the past month or so with specifications that were incubated in the Credentials Community Group for market verticals that are typically not represented in this community. The first is that Cloudflare has integrated HTTP Message Signatures for their Verified Bots program. That specification was incubated in the Credentials Community Group for 8+ years before being placed onto the standards track at IETF with AnnabelleB and JustinR doing the lionshare of shepherding it through the IETF process: https://blog.cloudflare.com/verified-bots-with-cryptography/ It took 11 years from when the spec was introduced in this community to it getting into production at Cloudflare. HTTP Message Signatures is a good reminder of how long it can take for a good idea to get traction. The second is that agntcy.org, founded by Google, Dell, Red Hat, Oracle, and Cisco, has just launched their AI Agent protocols program as a Linux Foundation project. They're using W3C Decentralized Identifiers and W3C Verifiable Credentials to identify AI agents and provide digital credentials to them so that they can express their capabilities to humans and other AI agents in a way that's cryptographically verifiable: https://docs.agntcy.org/identity/identity/#standards Both of those surprised me (in a good way) -- they were not on my radar at all until they were in production. -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. https://www.digitalbazaar.com/
Received on Wednesday, 30 July 2025 14:39:31 UTC