Hi TAG! If I may, I'd like to assert that a few browser implementers are quite concerned about the effect that this specification might have in the industry. But speaking just for Microsoft, we have been working in the Distributed Identity space for a while, depend on existing DID tech that is widely deployed, but which is oddly put at risk in this specificaion (JWT/CWT). Our overarching concern, is that if this specification becomes a standard, it will be held up by governments and lawmakers as the new requirement for a DiD data model, but will be impossible to get interop in practice (because of the out-of-scope bits that @burnburn mentioned in the OP). In order to actually make this work interoperably, the impact of cannonicalization, signing, and transport protocols for the data model must be considered as well. I just wanted to make you aware of these concerns, and also that we've recently [opened a number of tactical issues agains this spec](https://github.com/w3c/vc-data-model/issues/created_by/nadalin) that the TAG might want to look at as well--primarily these focus on places where the spec assumes JSON-LD and doesn't leave room for JWT/CWT. (For example, see https://github.com/w3c/vc-data-model/issues/491) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/343#issuecomment-477212087
Received on Wednesday, 27 March 2019 15:34:14 UTC