- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Sat, 10 Dec 2016 15:14:26 -0500
- To: "Hodges, Jeff" <jeff.hodges@paypal.com>, "Nottingham, Mark" <mnotting@akamai.com>, Adrian Hope-Bailie <adrian@hopebailie.com>, "Varn, Richard J" <rvarn@ets.org>, David Ezell <David_E3@verifone.com>, Nate Otto <nate@badgealliance.org>, "Stone, Matthew K" <matt.stone@pearson.com>, Nathan George <nathan.george@evernym.com>, Kerri Lemoie <kerri@openworksgrp.com>, David Chadwick <d.w.chadwick@kent.ac.uk>, Jay Johnson <jay@qples.com>, Eric Korb <Eric.Korb@accreditrust.com>, Christopher Allen <ChristopherA@blockstream.com>, Phil Archer <phila@w3.org>, Gray Taylor <gtaylor@conexxus.org>, Bob Burke <bburke@kou.pn>, Linda Toth <ltoth@conexxus.org>, Drummond Reed <drummond@respectnetwork.com>
- Cc: Tantek Çelik <tantek@cs.stanford.edu>, "singer@apple.com" <singer@apple.com>, Chris Wilson <cwilso@google.com>, Michael Champion <michael.champion@microsoft.com>, "w3c-ac-forum@w3.org" <w3c-ac-forum@w3.org>, "public-webpayments-comments@w3.org" <public-webpayments-comments@w3.org>
On 12/09/2016 01:54 PM, Hodges, Jeff wrote: > IMV the proposed VC work is essentially yet another take on > federated identity management. Thanks for the input, Jeff. To be clear, Federated Identity Management is not a deliverable of the Verifiable Claims Working Group proposal. It is out of scope. So, to be opposed to the Verifiable Claims WG proposal based on a comparison to the shortcoming of FIM systems would be misguided. We are also aware of the studies that you linked to on the current problems with FIM. A potential *future work item* may be to re-use or extend some protocol around verifiable claims, so we have considered many of the points raised in those documents. To be specific, you are asserting that the Verifiable Claims work is yet another take on Federated Identity Management. That is painting with far too broad of a brush. For example, the basic FIM architecture can be found in one of the documents that you linked to: http://128.248.156.56/ojs/index.php/fm/article/view/4254/3340#p2 A proposed Verifiable Claims architecture can be found here: http://w3c.github.io/webpayments-ig/VCTF/architecture/#basic-architecture Note that the two architectures are quite different. This is by design and is a result of us reading and addressing a number of the concerns that the papers you linked to raised. The Verifiable Claims architecture provides the following benefits/economic incentives, some of which are are quite different from FIM architectures: http://w3c.github.io/webpayments-ig/VCTF/architecture/#benefits Rather than go into each bullet point, I'll leave it there. You linked to 35 pages of content in total and I'm not certain which one of the many points raised in those papers that you are most concerned about. If you can ask more specific questions about how we plan to address a particular shortcoming identified in that paper, I'd be happy to try and explain the current thinking around your specific concerns. To be clear, it is a design goal for the proposed Verifiable Claims work to be as architecture and protocol neutral as possible (much like a CSV file doesn't care about how it is transferred across the Web). As a result, discussion around FIM shortcomings may have very little to do with the Verifiable Claims WG proposal that is currently under consideration by the W3C Advisory Committee. -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: Rebalancing How the Web is Built http://manu.sporny.org/2016/rebalancing/
Received on Saturday, 10 December 2016 20:15:09 UTC