11C/ Unified Front for SSI/DI Messaging

From IIW

Unified Front for SSI/DI messaging


Tuesday 11C

Convener: Juan Caballero, DIF et al

Notes-taker(s):

Tags for the session - technology discussed/ideas considered:

#messaging #communications #strategy #ssi #decentralizedIdentity


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


Introductions


Riley - messaging is a blocker for adoption (my session alter)


Preaching similar gospels :D

Unclear messaging opens doors to copycats

Naming session from IIW30

Rouven


Confusing each other about details and technical definitions (let’s kill blockchains! Blockchains are mandatory!)

Articulated tradeoffs


Matthew Hailstone - BYU, Indy and Aries background, edu-vc projects


Spec compliance, platforms, interop - how to zoom out for scoping


Tom Jones - User-centricity and UX


Dissent


Ally Medina - Blockchain Advocacy Coalition

VCs and public sector/policy - clearer definitions that aren’t controversial in the community ←→ standards-compliance

Portability and interop -- too fuzzy


Johannes Ernst - IIW regular and cloud liberator - UNHOLY MESS of what it is and what it isn’t - just add simplicity - 9/10 of the concepts needs to disappear for a clear common story to emerge


David Birch - Digital Identity is what I promote; if I don’t understand SSI, how will the general public


Karyl Fowler - Difference within the community could be simplified as well - tradeoffs and specializations within the field


Sankarshan - I’m going to put the “why I am here” on chat.

20 years ago I was handling “objections” from government departments at India around Free and Open Source Software showing how to evaluate and find the value and user experience. Now, I am doing the same circus around SSI and VC and the somewhat evolving UX does not help. The message needs to abstract what fascinates us and focus on what amazes the intended consumer


Agenda


What do the end-users need to know?

Tom: what’s the value prop?

Riley: Everything in your wallet except the credit card (phone for

Dave - functional definition, sure, but what’s the link between what SSI is and that? What’s diff between VCs and SSI?

Matthew:


Slide 3


Riley: Market-Terminology dialectic: KuppingerCole uses SSI, SEO/google, Gartner and Forrester-- markets are defined by brands and concepts that can be cut-and-dry

VCs and DIDs - not out there in the IAM market yet -- SSI is out there tho

Prisoner’s Dilemma of branding - no one incentivized to defect!

Matthew: Blockchain /DLT/DAG all just “blockchain” outside of specialist circles, the market landed on a dumb, limited set of terms

Open standards

Tom: Incumbent IAM - RAND > open standards :D

Bart: Maturity of standards and maturity of products

Bickering over VC cred formats - squandering goodwill?

Fork in the road: could become PGP or get adoption

Global final solutions

Matthew: Multiple roots of trust, multiple networks - implementation flexibility and standards-driven federation of trust platforms

Nuance is in roots of trust

Self-regulate on top of that basis

Balázs: yes BUT going beyond individual identity and self-representation, lots of other entities have identity needs that would benefit from the same toolkit

Self-issued government ID is… silly. Citizenship isn’t an opt-in identity system; how to federate L.E.S.S. and the other kinds is important

Tom in chat: names on birth certificates is voluntary!

Rouven: DID as anchor to which you can bind or unbind data points? Trust platform with multiple poles and power; ID is so much more than a govt ID #

Bart: Unbundling credentials - root of trust is already a legacy mental model, perhaps - in general political economy, unbundling seems to shift power from supply to demand (i.e. from issuance to verification/capture/consumption of data);

Bart: Every govt wants a DID Method and to own/operate the namespace and have lookup rights on the data; Verifier has more power now

Riley: KARYL WHERE YOU AT; some of us are talking about our ENTIRE [human] identities; others are talking about authZ/N (a classic function of IAM); others are talking about B2B credentials; messaging + id cards + b2b creds all in one word?

Tom in chat: GS1 is all messaging formats and identifiERS

Karyl: Our customers (metals manufacturers, for ex.) - we almost never say id and never say “blockchain”- we talk business cases, not use cases

Even coming here or working on standards is a code-switch

David: people (and govts) want to own DIDs - we all seem to share a vision of all people having 12 DIDs at least; govt cases are a “special” not a “general use” case… contextual privacy & separation of concerns?

Rouven: Tradeoffs, not argue for “best solution” or “general solution” - shift the focus from “dids” and infrastructure ownership, to “credential value” - forget whose DID it is, decide what creds you want to assign to it

Axis of trackability and decentralized Palantir

Kaliya: Keybase problem: aggregation and disaggregation - federating public identities (opt-in aggregation) while preserving disaggregation (private life and personal life)

Ally:

Bart: Solution focus - Sometimes we sound like two preteens fighting over their toys?

Bart: No one wants to manage their keys-- keep our eyes on the prize of making KMS usable and making data governable?

//Blockchain - huge disruption that opens up new solutions - what does VC enable?

People will not adopt SSI because privacy - our convenience needs to beat their convenience - what is the Uber-like or Google-like convenience this enables?

Kaliya Young - Everett Rogers - Diffusion of Innovation (1962) - theory about adoption of tech (written about seed experimentation among farmers) - //Geoff Moore’s Crossing the Chasm but more academic

5 stages: knowledge and awareness ; persuasion; decision confirmation ;

Bart: I preFer Nunes’ Sharkfin model

Kaliya: We need to get over 3-sided markets

Kaliya: Trialability, observability, Proof-of-conceptability :D

Kaliya: If adoption is our goal, we need to look at scientific analyses of adoption and innovation

relative advantage

Compatability

complexity/difficulty to learn

trialability/testability

potential for reinvention observed effects

Potential adopters evaluate an innovation on its relative advantage (the perceived efficiencies gained by the innovation relative to current tools or procedures), its compatibility with the pre-existing system, its complexity or difficulty to learn, its trialability or testability, its potential for reinvention (using the tool for initially unintended purposes), and its observed effects. These qualities interact and are judged as a whole. For example, an innovation might be extremely complex, reducing its likelihood to be adopted and diffused, but it might be very compatible with a large advantage relative to current tools. Even with this high learning curve, potential adopters might adopt the innovation anyway.

Bart: I feel like we’re solving for the old paradigm- individual versus platform barons = legacy problemset; let’s look instead at p2p mental models- why doesn’t the bank log into me? We are stuck in hierarchies and power assymetries instead of looking at what we can change

Karyl: I want to hear more about p2p and bidirectional usecases (outside of healthcare?) -

David Luchuk: Healthcare (Canadian context) - I go right to Bouma and Jordan’s govt svcs delivery - “directionality” of services - each service a node on a network with separation of concerns; DIACC: govt service as good mental model of agencies logging into citizens; reversing the directionality of “onboarding”

Bart: My example for Karyl - every service/bank/business that ever sent you an SMS or a letter with a PIN number in it goes away because they know how to find you, they onboard themselves to you…

Moi: Secure Channel

Bart: What you issue is the secure channel (not technically true but it’s true in business-case terms when talking to a sovereign) - i issue you a visa, and that opens a secure channel to you in an emergency abroad

Bart: “I just want it to work like WhatsApp” - multisource/threshold credential-based authentication - news governance model opens up right there

Bart: P2P governance - this is what people want

Margo: My house, my rules - if you don’t have a house, you don’t really have authority to impose rules. SS (in B2C) gives each holder an address for their house

Privacy and regulatory

In B2B this is easier to understand - they WANT discoverability (partic for M2M and API businesses :D)

Find a vector where the power dynamic can be

Retrieved from "https://iiw.idcommons.net/index.php?title=11C/_Unified_Front_for_SSI/DI_Messaging&oldid=23333"