@OpenIDExchange Indeed we still need governance, at various nested levels. The world is full of "trust frameworks" (as every trust framework tutorial says at the very outset). The trick with digitising credentials is to minimise the introduction of new and novel governance. -/2
@OpenIDExchange So we should start with the way credentials are governed by their respective communities. The nursing profession for example credentials its members, with rules for what the credential means, how it's issued and relied upon. -/3
@OpenIDExchange Communities of patients are governed separately, with different rule sets for enrolling into insurance programs, admitting them to clinics or registering them for treatments like vaccinations. -/4
@OpenIDExchange 5. So when we digitise credentials in e.g. mobile phone wallets, we need a layer of technology management, with standards, APIs, data carriers, tools for transaction signing, distribution etc. This layer must not interfere with the core credential governance.
@OpenIDExchange 6. That's how e.g. the Apple Wallet works. It has lots of sophisticated and strictly standardised technologies into which credentials (credit cards, boarding passes, driver licences soon) are inserted, without changing the meaning or any of the rules of the credentials. -/7
@OpenIDExchange 7. And then there's the law, the ultimate governance layer. -/8
“If punishment is ... to shape future behaviors, then I think that is a justifiable way to dole it out” — @bgreene
But there’s no “if” about it, because the universe can only play out one way. @Forbes forbes.com/sites/dporterf…
This seems to point to something like the Anthropic Principle. If everything is strictly deterministic and the universe can only play out one way, then our social institutions weren’t designed. Yet they seem to function with sensible outcomes (which Brian even appeals to).
And there’s no room here for a “Blind Watchmaker” to explain this design, because a deterministic universe only has one shot at it.
1/9 "Trust" of course is talked of everywhere. In #IDPolicyForum, a speaker bounced around from cryptographic trust, hardware roots of trust, and an anecdote about trusting the conference organiser because they were introduced by a mutual friend.
2/9 The trouble with this discourse and widespread use of the label is that it over-states what cryptographic "trust" is all about. It inflates lay peoples’ expectations of what #digitalidentity technology delivers.
'What should Biden do in #DigitalIdentity?' panel, @RossNodurft carefully draws a distinction between [the prospect of a] "National ID" versus a "national approach to digital identity". Hear hear!! #IDPolicyForum
In Australia, any mention of national approaches to digital identity as national infrastructure sadly gets bogged down in the spectre of a dreaded National ID. #IDPolicyForum
MyPOV: One way to position a national *approach* without scaring people with a national ID is to remember how retail banking is standardised. All bank cards work in an identical fashion but each is different. There is no single bank account. #IDPolicyForum
Congress now overwhelmingly supports a national unique health identitifer (or at least overturning the ban on a health ID). Dealing with the opioid crisis is a driver. @RepBillFoster#IDpolicyforum
1. There's a always been this strong drive to make ID reusable, to reduce on-boarding friction, reduce accounts & passwords, save cost, even make money. -/2
[I'm dropping all @'s now to avoid annoying people]
3. I have dozens of cards and accounts all labeled "Steve Wilson" and it seems redundant. Can't I boil them down to one? No, they're really not the same identity. Each is a different relationship. -/4