- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Sat, 14 Feb 2026 13:52:23 -0500
- To: NIKOLAOS FOTIOY <fotiou@aueb.gr>
- Cc: Filip Kolarik <filip26@gmail.com>, public-credentials <public-credentials@w3.org>
On Sat, Feb 14, 2026 at 12:51 PM NIKOLAOS FOTIOY <fotiou@aueb.gr> wrote: > (Expressing my own opinions) EU is trying to enforce security by design through legislation. Legislation is among the weakest forms of security because it can be changed within a year by the whims of human emotion. You need not look further than the United States to see how fragile legislative systems are, though I admit that Europe seems to have stronger controls (for now). Math is a stronger form of security, not susceptible to the whims of human emotion. That said, security is like an onion; it's layered. Legislation + math can be powerful if aligned... but you do need to plan for the legislative layer to rot from time to time, and know where the real security comes from (the math, not the legislation). > I do not think that the goal of the EU is to support big companies . Oh, of course not! I don't think anyone that's paying attention thinks the EU is trying to support big companies -- it's clear, even from across the ocean, that the EU has done the most to stand up to big corporations and try to ensure fair market competition! The issue is that the EU, in it's effort to strengthen security and privacy, is putting legislation in place that is going to harm market competition because the regulatory environment is going to be so difficult to enter that only deeply monied interests will be able to engage. I will be thrilled if I'm wrong here, but this is right out of the big tech tackle box and it looks like the EU is falling for it hook, line, and sinker. As an open source developer and vendor of these very technologies, there is no way we'd be able to exist in the European market without a deep infusion of cash, which would then make us beholden to the same powers that the EU is attempting to protect its citizens from. These large organizations are very clever and the EU is inadvertently helping them achieve some of their goals with an overzealous regulatory environment that doesn't actually achieve the security and privacy guarantees they think they're achieving. "Wallet Attestations" and "Verifier Trust Lists" being just two of the anti-patterns now enshrined in EU legislation. -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. https://www.digitalbazaar.com/
Received on Saturday, 14 February 2026 18:53:05 UTC