Live from the Computer History Museum (IIW 36)

August 05, 2023 00:45:49
Live from the Computer History Museum (IIW 36)
The Rubric
Live from the Computer History Museum (IIW 36)

Aug 05 2023 | 00:45:49

/

Show Notes

Today on the show we talk with the co-founders and co-organizers of the Internet Identity Workshop: Doc Searls, Phil Windley, and Kaliya Young, about DIDs and DID methods from IIW 36, the Internet Identity Workshop in Mountain View, CA, held at the Computer History Museum. Episode IIW 36 was recorded live during a session at the event.    References Computer History Museum https://computerhistory.org/   DID Directory https://diddirectory.com/  Doc Searls https://www.searls.com/  EdX – Getting Started with SSI https://www.edx.org/course/getting-started-with-self-sovereign-identity  Identity Woman https://identitywoman.net/  Internet Identity Workshop https://internetidentityworkshop.com/  Legendary Requirements http://legreq.com/ Picos https://www.windley.com/archives/2021/07/ten_reasons_to_use_picos_for_your_next_decentralized_programming_project.shtml  Reality 2.0 https://www.reality2cast.com/  Rebooting the Web of Trust  https://www.weboftrust.info/  Technometria https://www.windley.com/  W3C...
View Full Transcript

Episode Transcript

Speaker 0 00:00:00 <silence> Speaker 1 00:00:07 Welcome to the Rubric. I'm your host, Joe Andrew. Speaker 2 00:00:10 And I'm Erica Connell. Today on the show we talk with Doc searls, Phil Windley and Khalia Young about DIDs, and did methods from I I W 36, the Internet Identity Workshop in Mountain View, California held at the Computer History Museum. We are recording in front of a live studio audience, thanks for joining us. Speaker 3 00:00:33 My favorite DID Method is the one we don't have yet that I have to use. Speaker 2 00:00:38 Phil Windley is a senior software development manager at a w s Identity. He's also the co-founder and organizer of the Internet Identity Workshop. He was previously an enterprise architect and principal engineer in the Office of Information Technology at Brigham Young University. He was the founding chair of the Sovereign Foundation, serving from 2016 to 2020. Writes the popular Techno Matria blog and is the author of the books Learning Digital Identity, published by O'Reilly, the Live web, published by course Technology and Digital Identity published by O'Reilly. Bill has been a computer science professor at B Y U and the University of Idaho, founder and c t o of several internet technology companies, and served as c I O for the state of Utah. He holds a PhD in computer Science from University of California. Davis Doc Searles is a veteran journalist and co-founder and co-organizer of the Internet identity Workshop. He is currently based in Bloomington, Indiana, where he and his wife Joyce, are visiting scholars with the Ostro Workshop at Indiana University. Khalia Young, known as the Identity Woman, co-founded the Internet Identity Workshop with Doc and Phil in 2005. She's the founding partner at Identity Woman in Business, a global consultancy focused on enabling organizations of all sizes and types to succeed in building on and transitioning to the emerging decentralized identity standards. Speaker 1 00:02:12 I wanna start out with a question for all of our guests, and this is sort of a self-introduction if you will. You three have been involved in user-centric identity for over a decade. So how do you see DIDs advancing the state of the art? Speaker 4 00:02:28 I'll go first. Um, DIDs I, I think, are a interesting from a couple of perspectives. Um, in the past, we have largely had identifiers for people which were reusable. Um, not all, but most identifiers that we think of using online are things like email addresses. And if I, my email address happens to be on a domain name that I own, if I stop paying rent on that domain name, somebody else could buy it, and then they could have that exact same email address. And of course, uh, that, that reusability is, it has security implications, right? Um, the, the other thing that I think is interesting is that DIDs our, um, cryptographic, right, unlike most of the identifiers we've used in the past, like email addresses, DIDs have a underlying cryptographic layer. They can be linked to, uh, public keys and endpoints to the DID doc and, and that sort of, um, that idea I think is important. Um, and then the, the third thing, which I think sets DIDs apart is that they, uh, can be, I mean, depending on the DID method, uh, under the, uh, controller's control, right? That's kind's a little bit of weird, weird way to say it, but, uh, that they're controlled by the person or, or who they identify. Um, and, and that's also I think, a very different kind of, um, property that we haven't seen in the past. Speaker 5 00:04:07 So when I talk about DIDs, I describe them as essential underlying infrastructure to get us out of the centralized registries at a global level. So the phone number system, the d n s system, there are these giant name spaces managed globally or private name namespace, where our identifiers are under someone else's control. Like my Twitter handle is under Twitter's control, and my Gmail address is under Gmail's control. So if the only two options are private name spaces and centralized or, or globally managed registries, what else do we have? Now we have DIDs that are this path out of those two paradigms of identifiers that we've lived with for a really long time. Speaker 3 00:05:02 So to me, a did is, uh, pass part civil of the verb to do <laugh>. Um, and, um, it, it's one of these things we do in tech where we'll take something that is an ordinary word somewhere else and then use it in a technical way. We did that with graph, you know, like your social graph and 99 still 99 point x percent of the world doesn't know what a social graph is, but the techies do. This is gonna be a really hard problem to solve the whole identity thing. Uh, uh, Joe, you said that, uh, we've been at it for over a decade. I think all of us have been at it since the last millennium. And you too, <laugh> actually. So, um, this is a hard problem to solve, and, uh, DS are part of a, uh, a conceptual framework that we've been calling s s I for self-sovereign identity. Speaker 3 00:05:49 And I think it's just worth even other sub controversy around that, especially around, around the word sovereign, which by the way, has lots of meanings in, in politics and other things. But, um, Devin Reto, who, like, I think he came once or twice to this conference, um, long ago, gave us this really interesting distinction that I is still with us. Which one is that there's a difference between administrative identity and self-sovereign identity and administrative identity is the D M V gives you a driver's license, your school gives you a school ID and IDs come from administrative entities, and we are known separately to all those different, um, all those different entities. And our, our id, our identities are all, are the collection of rectangles we carry in our pockets and the identifiers we remember when we go to a website and it's all inside of an administrative framework. Speaker 3 00:06:43 And the other kind of identity is the one that we walk around with in the ordinary physical world where, um, I am David or Dave to my family, uh, and to my wife, um, uh, who after she met me said, what, what's your real name? You know, but, and I told her, she said, I'm gonna call you that. Um, but most of the world calls me Doc, and it was an accident that I got that as a nickname. I'm not a doctor of anything. Um, I'm like one of the musicians or ball players or something. But we, we go through the world selectively disclosing really along with Kim Cameron's seven laws, you know, minimum disclosure for constrained use, um, uh, consent from by others, um, uh, you know, direction to whoever needs to know. And there's a, everybody's informed in a more or less need to know basis in the everyday world. Speaker 3 00:07:32 But the digital world is very, very different. The digital world is explicit. The everyday world is very tacit. I kind of a tacit understanding of what people call themselves, and it kind of allowed them to call themselves whatever they want. And I have a memory of some of that. I don't remember all of it. And we, you know, all of us are wearing name tags. There's Jeff o you know, so, I mean, I'm trying to think. It's, it's Orle, which is German for organ. I know that. So, um, uh, he's an, he's an orle donor for everybody of, of, of wisdom. Um, the, it, it, the vernacular of the everyday world doesn't matter very well to the digital one, but what DIDs do for not just us, but the things that we have, um, give us a bridge to, for, to me anyway, to go from the vernacular world of that we live in, in the physical plane to the digital world, where we're starting to take control for the good of the companies of the world too. They don't need to remember everything about us. That's inconvenient. Speaker 1 00:08:30 So DIDs are part of a larger ecosystem of technologies and policies that are trying to realize this notion of either self-sovereign identity or user-centric identity or decentralized identity. We have all these different terms that have different nuances, but they don't sell the problem by themselves. And I'm curious how you guys see the larger picture of how DIDs interrelate with other technologies to actually change the services, uh, that we use in our lives. Speaker 3 00:08:55 I, I am very supportive of everybody who's trying to help solve this. I have at least nine wallets on my phone. I don't use any of them yet. Um, I'm waiting for the invention that mothers the necessity of DIDs everywhere. Somebody will come through with that. I don't know who, but somebody will. I have faith in that. Speaker 4 00:09:14 I think what's interesting about Ds, like you say, is they don't really solve the identity problem in total. They are a foundational layer, which provides something that you can build on top of. So DIDs, um, like I mentioned earlier, have a cryptographic basis. And what that means is that every did has at least one, uh, public private key pair associated with it. Um, tangentially, one of the beauties of DIDs is that they are an indirection to the public key so that the public key can be rotated for various purposes. But, um, because they have a cryptographic basis, they allow, uh, people to use public key cryptography for secure communication with, um, without having to manage all of the keys. And they, they solve a lot of the problems that people have had with using public keys, uh, just for everyday use, uh, in the past. Speaker 4 00:10:20 What that means is that they give us a, uh, communications overlay network on top of the internet that has security built in for peer-to-peer communications. Now, what can you do with that? Well, it is true that if we exchange ds, and now I get a message from you, I know it came from Joe or from Doc or whoever, right? But that's not everything we need from identity. So it provides that secure messaging foundation that gives us authenticity, uh, gives us confidentiality that then we can build other things on top of that, solve different identity problems. Speaker 5 00:11:01 I think for everyday people, you know this question of like, where will we see this infrastructure and, and touch it? And for myself, I, I'm Canadian, I've lived in the United States my whole adult life, but I have a green card. And the folks in U S C I S are preparing to launch digital versions of green cards using this technology, um, issuing, issuing, using as the identifier field A did that you bring yourself and then they'll issue you the green card with the verifiable credential format, which is one of the things that goes along with ds. And it's really cool because right now the way we do identity verification on the internet is through the analog hole <laugh>, right? Like, hold up your card to the camera. 'cause there is currently no digitally native format of signed attestations from authoritative sources that issue things like driver's licenses and passports and birth certificates. Although, um, in California last year, we just passed a law SB 7 86, that gives counties the, the ability if they want to, to issue vital records documents in the verifiable credential format. And they did this in part first super practical reason during the pandemic. Several counties ran out of the special paper they are required to print these documents on, and there was no alternative in the law. Speaker 5 00:12:41 So I think, you know, I don't know if those are everyday life things, but certainly and enabling, um, documents to be issued in digitally native formats. Really good. Speaker 2 00:12:56 What do you think is the biggest impact that DIDs will have on individual lives? Speaker 4 00:13:03 I'm not sure that DIDs are going to necessarily be visible to people, right? So when we talk about impact, they don't necessarily have to be visible to have impact. But, you know, I think sometimes we think of, well, you know, when will people start using dss? When will we see dss? I mean, most people are never even gonna know they have dss, right? They're, what they're gonna have is they're of an application and they're gonna say, oh, I wanna connect with Erica and you're gonna connect and create this relationship underneath it all. There's gonna be DSS and public private key pairs and all sorts of stuff that's happening. Most people won't be aware of any of that in the same, I mean, right now we're woefully aware of all of the identity stuff we have to do, like, oh, type in your username and password and, you know, oh, get an S m Ss, and we're, we, we just are always aware of it. I think, I think they're gonna be underneath the covers. But, you know, the impact, I think of a secure overlay network that allows this kind of, um, authentic relationship that provides confidentiality on a peer-to-peer basis can't be overstated. That it, it could change literally almost everything we do online because it provides us with a new way of connecting and interacting with people that has not been possible before. Speaker 3 00:14:24 I think everybody and everything that can be known will have a did. And uh, and like Phil said, we won't know whether that's a did, we won't call that a did just assume that's what's going on, that, um, and that others will be informed on a need to know basis. That's sort of the, to me, the main thing is that, uh, we'll move more and more of knowing and identifying things outside of centrally controlled systems. Uh, and that's, that's probably gonna be a gradual and, and not obvious thing, but there'll be things that will disappear, you know, like some two-factor authentications, for example. And, um, having to know logins and passwords for everything. If, if logins and passwords go away alone, and if that happens suddenly that will be gigantic and everybody will love it. Um, but then there will be a lot of people who will legitimately considering the fact that we've been spied on more or less for the last 15, 20 years, will start suspecting that. But if it works the way it's supposed to, um, somebody will do the PR on it that says, wait, no, no, no, really, this is better. This is a better way. You know, but I dunno if it'll happen all at once. I mean, to me, an open question is when when is it that Google, apple and Microsoft step in and make this thing work, or if they ever will? Speaker 5 00:15:43 Well, the good news is two of those three companies have people here today, uh, genuinely working really hard to see how they can make it work. So that's good. Speaker 1 00:15:56 So are there any examples of, did use either planned or potential that you're particularly excited about projects you're rooting for? Speaker 4 00:16:06 So there are two different ways that DIDs get used. Speaker 4 00:16:11 Some DIDs are public DIDs recorded in what's, uh, called a verifiable data registry to not be. I, I think that term gets us away from being very specific about the underlying technology and just talks about the goals that we want from it. Uh, and those are normally used to identify a company or something else that is public, a public thing or a public place might be that kind of public did. And those really are how we've thought of identifiers as identifiers that are, are, uh, naming something, right, not something specific. The other way DIDs get used is in what's called a peer did method. And, uh, peer DIDs don't name things so much as, or, or people or entities so much as they name relationships, right? So if, if Joe and I exchange peer DIDs, what we've really done is we've given the relationship I have with Joe a name, and that is the did that I give to Joe, right? Speaker 4 00:17:11 That's, that's naming that relationship. I think that is really the, the use case that I'm most excited about is the idea that we can form, uh, or use, its to form these, uh, peer-to-peer relationships with other people online. Um, because we have not had, we've not been able to do that before, right? In, in the past, you know, doc mentioned administrative, you know, centralized systems. E every relationship we've had online has been with someone's server somewhere, and we've been inside their server, but not really able to have our own, um, uh, our own systems and, and technology for creating relationships ourselves. Uh, and, and I think that is the part of this that I'm most excited about because peer DIDs allow us, uh, well, and the, and the agents and wallets that support them allow us for, uh, many, most people for the first time to be digitally embodied and have a presence online that does not depend on the graces of some large company running a server for us. Speaker 1 00:18:27 So it's about achieving a digital citizenship, if you will, as peers of the realm. Speaker 4 00:18:32 Yeah, I think that's a good way to think about it. Speaker 5 00:18:37 So there's this, the, the challenge folks have today talking about projects is lots of the projects aren't public yet. So I'm really excited about some projects. <laugh>, I can't tell you <laugh>, um, but one that just, um, uh, uh, uh, something that got announced in the last few weeks, it's really exciting, is New South Wales in Australia, which is their largest state, um, of 8 million people, I think, um, just selected matter as a vendor, um, to roll out their, I think it's like their driver's license and other types of systems. So that's very cool, um, to see, you know, a reasonably sized rollout and to have one other company that's been working really hard on, um, bringing this technology to life, um, see success in the market like that. I think another example that's pretty inspiring is the country of Bhutan is, um, doing, um, citizen registration much in the same way they did in India. Speaker 5 00:19:48 So everybody's getting their photo taken and their biometrics, but that is the basis of a foundational identity document they're issuing into an ss ss i wallet and they're getting all government services to adopt ss, ss i as the way citizens interact with them. And it's a small country, but it's also a really remote country. And they're really focusing on how to make it super accessible to everyone, including getting it to work on the lowest and, um, smartphones that now cost $30. And they're like, maybe we should give the phone one phone to every household. So every household has at least one digital wallet tool because we really wanna make this universally accessible. So we'll see. There's lots of great developments and, and I am every week surprised, um, I publish a newsletter about all the goings on in the industry, and there's always something new each week. Speaker 1 00:20:54 Is Bhutan also where the air to the throne has a d I d Was that the story I got? Speaker 5 00:20:58 Yeah. So he was the first citizen enrolled into their, their, the system that they're rolling out to register all citizens. Yep. Speaker 1 00:21:09 So they're serious about it. They're Speaker 5 00:21:11 Serious about it. Speaker 1 00:21:12 When you give it to your children, you know, you have to trust it. <laugh> <laugh>. Speaker 2 00:21:16 That's right. Do you have any concerns about how DIDs or coming to market, Speaker 3 00:21:23 I'll throw something in here. I, um, I saw one presentation yesterday, I think it was by block, um, of an open source approach to making wallets, and they're working on protocols and a bunch of other stuff. And to me, it's, there has to be a substrate of, of protocols and standards and, uh, and code that make it easy to build stuff, make it easy enough to build stuff that there's lots of stuff coming to market and the good stuff works and wins. Um, and I dunno, I I don't have any progress report on that. Uh, Phil and Khalia will know more about that than I do, but I'm very hopeful about it. Speaker 4 00:22:03 I, I think that my primary concern with D specifically, um, is a little tangential, but you can't use dss. Well, you can, I guess you could do all the cryptography by hand and write 'em down on pieces of paper, but for the most part, you can't use DSS without some sort of software agent. Uh, what's nominally called a wallet? Uh, one of the things that I, um, I'm a little concerned about is, uh, an explosion of wallets where every vendor wants to build their own wallet in their own app. Um, and, you know, there's one part of that, which is okay, but if they're all interoperable and conforming to the did spec, isn't that okay? And it is, I mean, that's good, right? 'cause now I can use one wallet or another wallet, but I think that when we start, uh, getting vendor specific wallets that are only good for the DIDs I want to use with a specific vendor or, uh, in particular for the verifiable credentials that might be based on those DIDs, now we, we, you know, make people just essentially push all of their, uh, information across multiple apps. They don't ever get this feeling that they're in control, that they have a place where they use their identity to communicate and interact with others, prove things to them because it's just spread out in a hundred different places. Speaker 3 00:23:34 If, if you think about the things that actually matter to people, um, their finances, their health, their property, um, their contacts, their calendars, um, this is the personal data that really matters. It's not our social stuff that's kind of scattering around the world. It's not our, the happenstance of interaction with various commercial entities. And I don't see anybody yet working on, on making that sensible to people where they have a dashboard that controls what's going on in their lives. I'd love to see AI work there. I'd love to see, you know, look back over 30 years of correspondence or whatever it is, and, and see if you could find this or find that or, or, or make some sense out of it. Um, all of us have a lot of stuff, uh, a lot of property. And the, I think a problem for business is, is one that George Carlin talked about in his a place for my stuff, which is, have you ever noticed that all of your shit is stuff and everybody else's stuff is shit <laugh>. Speaker 3 00:24:42 I think most people think, most companies think that people's stuff is shit once it's sold. And so there's nobody, there's no real way that we have, most of us have to actually have some control over our property. What is that? Where is it? What have I got? What did I buy? What are the guarantees on that? You know, when does this wear out? Every company has a different way of like offering you a guarantee or something like that, but you have no, no way of your own to make full sense of the things that are in your life. And humans are grabby creatures. We possess a lot of stuff, way more than we can use where there wouldn't be storage, uh, a business in storage, for example. Um, but getting control of that stuff, I think is really important to us. And if I were starting a company doing dss, I would go there, I would go there, here, here's a way to make sense of everything you want. Speaker 3 00:25:30 Throw a QR code and everything, scan it, whatever else it is. Um, you know, maybe work with the qr, the, the, the, the barcode people who are here at the show, I believe, um, who are thinking about this. How do we, how do we, how do we know our, our stuff in our lives? And, and focusing on what Google and Facebook and Apple and others may know about us, I think is really a red herring. I think what matters, if you look at what we're caring about all the time, it's, it's people, places, times and, and lots of what, and those things can all have DIDs too, I think. So, Speaker 5 00:26:09 Um, yeah, I'm concerned about sort of some of the underlying future road bumps on the technical roadmap, let's call them in the sense that now that we're seeing some success, that certain actors may show up in our technical specifications, journeys, and, um, inject ways of doing things that they feel more comfortable with. Because radically decentralized DIDs with a, you know, in the sense there are, there's a lot of did methods that's on purpose. There's choice in how they are defined differently for different spaces, and there's the potential that this next round of standardization could narrow that choice landscape and, um, potentially not go in a good direction because of that. Speaker 1 00:27:15 So I think we're gonna see something that I might call the wallet wars, which are gonna look a lot like the browser wars, but they're gonna give us access to everything in our digitally connected lives. So getting into our home using our home security systems, our i o t driving our car, right? It's not just what we do online, which the browser wars were about, but it's really accessing everything that has a digital key. Hopefully we'll move over to this, but now everyone wants to control the wallets. Um, and we've been through this before, not just with browsers, but with other standards things. And I, I know, doc, you have strong opinions about, um, vendor lock-in and vendor sports on your podcast and things like that. So, um, how can we navigate this inevitable, uh, competition while at the same time we're trying to figure out how to collaborate and move forward, something that we all can use Speaker 5 00:28:08 Come, come to I a w come to Speaker 3 00:28:11 I a w <laugh>. We've been not working this thing out for a long time. Um, I, I look forward to that. I look forward to actual wallet wars where people will choose a wallet of one kind or other. Apple and Google already have a wallet. They call it a wallet. Apple. I, I, I only found out that Apple had a wallet, you know, like, like two months ago. And, and I tried to put several things on it, and it's really hard, you know, I've got Sam's Club on there, but Sam's Club has an app, and I could use that app at their, at their gas station and not Apple's app. Speaker 5 00:28:43 Well, Apple's strongly gatekeeping what is allowed in their wallet. Yeah, sure. And you have to pay a toll to them if you wanna get it. Speaker 3 00:28:50 Yeah. So, so that's another thing that's keeping it out. So, so, well, let's say Google doesn't do any gatekeeping at all in every state. There is, I mean, I think there's like two states where you could put your driver's license in an Apple wallet, at least the last time I looked. Three. Okay, that's going up. <laugh>, uh, you know, that leaves 47 others, right? So, well, Speaker 5 00:29:09 I mean, the other thing that they're doing is if you have your driver's license in your Apple Wallet, the only way it can be read digitally by a verifier is if they go and get a developer key from Apple. Speaker 3 00:29:21 Yeah. So that, that royalty sucks, and it's, that is not gonna work in the market. Okay? And if, if, if wallet's gonna work in the long run where you've got a, you, you possess a way to have a portfolio of identifiers, right? Or, or, or DIDs, you have a portfolio of DIDs that you could selectively disclose. That's what the wallet and the mechanisms around it should allow. Um, Steve Jobs wasn't there at the time, but I remember when browsers were coming along, apple decided to knock off a o l, which is really, really stupid. And it sounds to me like what they're trying to do with wallets right now is pretty stupid. Um, but somebody's gonna do something better, you know, and then it'll hit the market and, you know, it'll go somewhere, or it won't, you know, we're, it's not gonna happen until it proves to happen. Speaker 1 00:30:08 One of the things that surprised me, uh, maybe six months ago when I learned about it, but it was already 12, 18 months old news, is that Microsoft Authenticator can handle verifiable credentials. So many of us listening to this podcast have a verifiable credential capable wallet on your phone if you're using Microsoft Authenticator. So, you know, they bundled this in and their wallet is, is coming in sort of through a back door in that way. Um, and I wish 'em luck because they're competing with Google Apple who own the platforms that our, our phones. Um, I just wanted to share that. Speaker 2 00:30:40 What do you think it'll take to get adoption? I mean, wide adoption things are the beginning, right? Speaker 3 00:30:47 Put simply what we need is a, an invention that mothers necessity where people have to take one look at it and say, I gotta have that. I have to have that. And that has to be like on the front page of my phone. It's, it's there with the other stuff that I put there, you know? And, uh, if it's an app, maybe it's not an app, as Phil said upfront, um, it may manifest in some other way. Uh, and yeah, um, that, that just quickly, when Walt Whitman said he liked animals because they were, in his words, not demented with the mania of owning things. And that's a, that's a mania that companies like Apple dare have that CLIA just talked about with what they're trying to do. If one company tries to control this whole thing, it's not gonna work. And it, it may be a deal killer. It may be it'll never happen because everybody's experience with it is awful. Speaker 5 00:31:42 My colleague Lucy and I, um, have a consultancy, and one of the things we are talking about with our clients a lot is ecosystem building. So because it requires, it's a three-sided market, we thought two-sided markets are hard. This requires three actors to adopt new things, to get it to work is really understanding the relationship between your company or organization and other companies and organizations. And can you get some of the companies and organizations that people already are interacting with to adopt this technology and sort of provide value through an ecosystem. Because you don't get value from having one fax machine. You don't get value from having one issue of verifiable credential. You get value from a whole bunch of other people accepting verifiable presentations of those verifiable credentials from holders who have them in their wallets, right? So it's really, we need to build small ecosystems where value is created immediately upon use within that context. And then hopefully that will happen in hundreds of places, and eventually those ecosystems will start touching each other. And because we're using common standards, um, then things can interoperate, um, in, in the near future. So we'll see. But it's really that ecosystem value is gonna be key to driving adoption in this phase of, of the market. Speaker 1 00:33:19 Hilda, do you have any thoughts about the adoption question? Speaker 4 00:33:21 Um, I, I think that the adoption of DIDs is probably, I, I don't think DIDs necessarily have this adoption curve that, you know, follow some invention or something like that just because they are just this underlying technology. I think it's other things like, uh, you know, verifiable credentials or messaging or, you know, somebody building a, you know, group chat platform on top of DSS or something like that, that's actually gonna drive it. Um, you know, it's, it's the things that people want to do with them and, and it's kinda like saying what's gonna drive adoption of public key cryptography? Well, I mean, no one thing, it's just is useful for lots of different things. And so developers will build it into things. So I, I don't, I, I guess it's a long-winded way of saying I'm not really sure, but I think, you know, it's, it's this underlying thing that's gonna be built into lots of different things. Not any one kind of, you know, people aren't gonna go out and say, oh, I need DIDs. They're, they're not even know, have they have DIDs? Speaker 1 00:34:23 There is a lot of complexity in this technology, not just how DIDs work, but how they interface with verifiable credentials or object capabilities. It's a really steep learning curve. So do you have any advice for people who are just getting into this? Like where do people start? Speaker 3 00:34:39 Uh, I would talk to Kalia <laugh>, I, because I'd say I, to talk to somebody who knows more than you do, you know, and as far as I know, Kalia knows more than anybody about who's doing what, and there's an awful lot of it out there. Speaker 5 00:34:53 So one of the resources that I created with, um, my colleague Lucy, was for Linux Foundation training. So we have a course called Getting Started with ss, ss i, that's on edX. I think it's about 10 hours of content. And we actually spend the first part, first half of the course really framing and understanding just identity generally, and then get into the technologies in, around ss ss I, in part because s s i as an innovation makes no sense if you didn't understand how things worked in the before World <laugh>. Um, so that's one, one resource. Another is the newsletter that I publish. And, um, the, the person I published with that with Info Miner, he and I got a grant from Filecoin Foundation and Unfinished to basically take two years of our newsletter and pull it into a Wiki. Um, and he's put it all everything into a giant spreadsheet that's making Jekyll pages with tags. Like it's pretty incredible. So that's still in development, but it's a tool to kind of hopefully support more, uh, knowledge finding for the things you wanna connect with in the community. Speaker 1 00:36:09 So DIDs are still undergoing development. We've just had a 1.0 published, and there's definitely interest in not only standardizing other aspects of DIDs, like did Resolution, but also how do we iterate the did Core spec. Um, do you have any questions about how DIDs work or how they're evolving that we might be able to expound on for our audience? Speaker 4 00:36:29 Um, I think you, you bring up did resolution, and I think that's a really important idea that we, we ought to be spending more time talking about just because that's the what you, what you wanna do with them, right? You get a did, it's just this kind of long string of meaningless digits. You wanna resolve it and get the did doc that's associated with it. Uh, and so I, I think standardizing that is a really good open question we ought to be spending more time on. Speaker 1 00:37:00 Okay. So one question we'd like to ask all of our guests, what is your favorite did Method Speaker 6 00:37:08 <laugh>? Speaker 4 00:37:11 So my favorite did Method is, uh, peer DIDs, right? Um, because I really think that it's that, like I've said, that peer-to-peer interaction, being able to name a relationship with someone and then use that relationship for authentic and confidential communication is really, uh, a core idea. But if we, if we disallow peer DIDs, um, and, and do something public, um, favorite is maybe not my, um, the word I would use, but one that I think is really interesting is did Web, um, now did web is, um, uh, one on one hand it's kind of anathema to the whole idea of decentralized identifiers because it's using the d n s system, which is, um, distributed, but still has this kind of hierarchical flavor to it that gives it some, some really interesting flaws. Um, and, you know, we rent domain names so they're not permanent. So, so I think all of those things kind of make did web kind of, you know, um, sketchy in some ways, but I think it's really interesting because it's just so easy to do, right? Anybody that has a domain name can pop something in the doc well-known directory that represents the did doc for that did. And you know, now now you're, you're up and running. So, uh, like I said, I wouldn't necessarily say it's my favorite, but I think it's a really interesting kind of way to bootstrap into DIDs. Speaker 5 00:38:53 So you, you stole my favorite, Speaker 4 00:38:55 Sorry, <laugh>. Sorry. We can share it. You can, yeah. Speaker 5 00:38:58 You can have the same Speaker 4 00:38:59 Favorite saving enough Speaker 5 00:38:59 For both of us. I know. Um, and well, I'll also add that I think the reason, I don't know if it's like my favorite, but I think it's a really important innovation to support the challenge. We're one of the challenges we've been talking about today, which is adoption, which is large entities that trust their own D N Ss, and most of us trust them. Like the US government are like, we'll just use that did web thing. We don't wanna figure out which blockchain we jam keys into. Just trust us that the.gov sitting there is really us <laugh>. And I think if we wanna get adoption, we have to really think about these like the, the, the path to get to a future that not everybody's gonna do parkour up to the top sta <laugh>, right? Like, what's the, the next best thing like the, the, the stepping stones to get there. And that's, that's a really key piece of adoption too. So that's why did web, Speaker 4 00:40:06 You know, that actually brings up, you, you talked about open questions or interesting questions earlier. Um, and, and one thing that maybe somebody's figured it out and I just haven't heard their session at i i w yet, but, um, is not rotation of the underlying keys for a did, but rotating the did itself, right? So let's say I start out in did what, because I'm the government, and heck, I mean, you know, utah.gov is a pretty, I mean, it's unlikely someone else besides the state of Utah is gonna end up with utah.gov because of the way it is governed. Um, and so that is it a pretty secure place for them to put and start, but they may get to the point where they say, yeah, but you know, we really need DIDs somewhere else in a verifiable data registry because we wanna store revocation registries, or we want to store something else in this V D R as well. How do we transition that, right? How are they gonna say, oh, well yeah, just kidding this, you know, utah.gov did Web method that we published was great, but now we're moving on to something else. Uh, maybe how do, how do they transition to that? I think that's an interesting question. Speaker 3 00:41:23 I great. They're great. I, I, I, I, I forget what even the question was at this point. What was <laugh> your favorite? My favorite had a favorite, didn't it? Okay. My favorite did Method is the one we don't have yet that I have to, to use Speaker 2 00:41:34 <laugh>. Speaker 3 00:41:35 That's it. Speaker 2 00:41:36 Yeah. Speaker 7 00:41:38 All right. Speaker 2 00:41:39 Our last segment that we'll turn to is our shameless plug segment. And this is just an opportunity if you have any shameless plugs, whether it's related to a project or your business or, uh, in, in Kim Duffy's case where you'd like to adopt your pugs. She thought we said shameless pug segment. So she gave us the <laugh>. Um, anything that you wanna shout out that's important that you'd like to speak out about? Now you have a moment. Speaker 3 00:42:06 I, it, to me it's just, I w I mean this is a, uh, I, I think it's the most important and leveraged conference in the world and, um, and that, you know, and that's just not just because we're, we are here and, uh, and it's because it has real results and it's a hell of a nice conference to be at and it's pretty cheap as conferences go. So, Speaker 5 00:42:29 So I'll, I'll point folks to my, um, U r l identity woman.net. I've got links to the course. I mentioned my book, the newsletter, um, any i i w and related events that I'm hosting. So that's always a good place to go find out more about where, what I'm up to and, and, and connect to resources that I have. Speaker 4 00:42:55 So my shameless plug is for a, um, actor model programming system I've been using for years called picos. And the reason it is relevant here is because I just, uh, ran a, uh, student capstone at Brigham Young University this last year where I had three developers, uh, build the peer did Method into picos so that picos can communicate with each other using, uh, DICOM as opposed to just raw H T T P. Uh, and, and that's interesting because it points to a good property of DIDs, right? Right Now, uh, if you want to address a pico, which is a little computational object on the internet, you have to use a domain name, which means that that PICO is now tied to that domain name and it's really hard to tell people and moving it somewhere else. I'd love for picos to be movable between Pico engines. DIDs, allow that to happen because now if I've got your did, I just resolved the Did Dock again, and now I get your new location. So yeah, that's my shameless plug. Speaker 1 00:43:55 Great. My shameless plug is for did directory.com. So that's a service that legendary requirements put together. It's really a wrapper around the W three C registry of DID Methods. So we think it's the easiest way to learn about DIDs and did methods. You can go to did directory.com/web to get the web did method information. So you can also just go to did directory.com and find the current number of registered did Methods in case you'd like to know that we're over 160 methods right now. Speaker 2 00:44:25 And I'll take a moment to, uh, shamelessly plug, um, rebooting the web of Trust, which will be convening in September 18th to the 22nd. And, uh, that'll be in Cologne Hearth, uh, Germany in the fall. We're looking forward to that. You can find tickets on Eventbrite at r watt twelve.eventbrite.com, and that will bring us to the end of our show today. Speaker 1 00:44:50 Kalia, thank you for joining us on the show today. Phil, thank you, doc. Thank you. Thank you. It's been great. Thanks a lot guys. Thanks also to our studio audience, and thanks to our staff, Erica Connell, and I'm your host, Joe Andrew. Speaker 2 00:45:04 Wherever you find the Rubric podcast, please take a moment to subscribe to our feed so you'll be notified when our next episode is released. We look forward to you joining us next time. Speaker 8 00:45:15 The information, opinions, and recommendations presented in this podcast are for general information only, and any reliance on the information provided in this podcast is done at your own risk. The views, thoughts, and opinions expressed by the speakers in this podcast belong solely to the speakers and not necessarily to the speakers employer organization, committee, or other group or individual. Speaker 9 00:45:39 I don't know why I never saw this before, but you guys are totally the two old Muppets in the balcony right now. <laugh> Speaker 10 00:45:46 <laugh>. That's Speaker 1 00:45:47 That's true.

Other Episodes

Episode 0

March 01, 2022 00:55:56
Episode Cover

Into the Ether (did:ethr)

did:ethr brings decentralized identifiers to Ethereum, the world’s second largest cryptocurrency network. Early contributors to the DID conversation, the folks behind did:ethr helped establish...

Listen

Episode 0

April 25, 2021 00:34:03
Episode Cover

Introducing The Rubric

This Introduction to The Rubric Podcast introduces the hosts and briefly explains DIDs and The DID Method Rubric. If you are curious about decentralized...

Listen

Episode 0

October 05, 2021 00:41:14
Episode Cover

Unlocking did:key (Part 1)

[Part 1 of 2] We talk with Orie Steele of Transmute, an editor of the did:key spec and Mike Varley of SecureKey, who has...

Listen