- From: Joe Andrieu <joe@legreq.com>
- Date: Fri, 13 Feb 2026 08:46:39 -0800
- To: Lars Kæraa Lücke <lkl@cph.ai>
- Cc: Anders Rundgren <anders.rundgren.net@gmail.com>, Jori Lehtinen <lehtinenjori03@gmail.com>, Christopher Allen <ChristopherA@lifewithalacrity.com>, Detlef Hühnlein <detlef.huehnlein@ecsec.de>, public-credentials <public-credentials@w3.org>
- Message-ID: <CAEOiD0Ehh_pytetp2X9ipBZ=ftU+60ARyo4KWV924CeZXEEaoA@mail.gmail.com>
On Fri, Feb 13, 2026 at 2:27 AM Lars Kæraa Lücke <lkl@cph.ai> wrote: > We’ve been following this debate with great interest. The tension between > the EUDI (State-Anchored) and SEDI (Individual-Anchored) models highlights > a critical gap in our current architecture: *How do we trust the Client > without controlling it?* > This is brilliant. It clearly illustrates the disconnect between the EUDI approach and SEDI. Unfortunately, it also illustrates the fundamental error in the EUDI approach. You only need to trust those things you can't control. If you control something, trust is not in question. The question itself isn't well-formed. The point of SEDI is that the inspired leadership in Utah has found a way to ensure that neither the state nor corporations control the means of identification. Rather, they are defining trustworthy mechanisms that enable trust in the digital interactions we have, both in their authenticity (cryptography) and in their appropriateness (privacy). What we have learned from decentralized systems is that it is possible to build a framework of trustworthy data exchange that does not rely on a central entity controlling access or restricting clients. Rather than a topological protocol that defers to a central authority, like OAuth and any Phone Home system, Bitcoin showed how to manage state amongst adversarial collaborators through signed transactions. Apropos to this thread, bitcoin works not because someone has blessed some set of "approved wallets" but by embedding the protocol in cryptographic datagrams independent of the network. You can talk to ANY bitcoin node to get a transaction in, and, frankly, you can use any protocol that node supports. From there out its all datagram. (Yes, there is a gossip network, but it is essentially an unsecured, uncontrolled channel anyone can use and it has essentially no security guarantees.) In short, you don't trust the client, which would be a categorical cybersecurity error. You trust the math. -j -- Joe Andrieu President joe@legreq.com +1(805)705-8651 ------------------------------ Legendary Requirements https://legreq.com <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Virus-free.www.avg.com <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
Received on Friday, 13 February 2026 16:46:56 UTC