← @ChristopherA Twitter archive

Christopher Allen

@ChristopherA

…"we would like to explore the idea of establish levels of assurance, which will no longer be tied to single issuance processes, but also to a multi-source verification processes."

8/29/2019, 11:57:16 AM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"As verifiers are almost always also issuers, there is a common interest in keeping costs of such systems down, driving the development of open standards to cater to interoperability rather than differentiating on individual levels of assurance"

8/29/2019, 11:57:24 AM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"start the conversation around how could a distributed reputation system of issuers might prove as useful as their counterparts for centralized systems (ebay, amazon, etc..) and whether and how they can best be used when establishing levels of assurances"

8/29/2019, 11:58:07 AM

Favs: 0

Retweets: 0

Christopher Allen

@ChristopherA

…"to establishing a high level of assurance of verifiable credentials, the reputational distributed system needs to be reliable & robust against liar issuers but as well incorporate in the protocol the capability to ask for extra credentials if…(assurance level not) reached."

8/29/2019, 12:00:09 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"This network effect fundamentally shifts the power balance from centralized issuers, or federated identity managers, towards individual ID holders. The trade-off here is 1) the ease of compliance and 2) automation of services across contexts in an ever expanding ecosystem."

8/29/2019, 12:00:28 PM

Favs: 1

Retweets: 1

Christopher Allen

@ChristopherA

…"Putting the ID holder at the center of an identity system comes with great opportunity, but also introduces new risks and barriers to adoption. Many of these are non-technical and such, should be explored in multi-disciplanary way."

8/29/2019, 12:00:52 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"How to prevent the unwanted sharing of credentials in a case where there is a power difference between a service provider and a citizen that would like to have access to a service? Is there such a thing as freely given, informed consent?"

8/29/2019, 12:01:07 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"Customer assessment forms a large component of the mortgage application process…The phases of information gathering and decision making are best not viewed as separate but as feeding one another in a cycle, until a final decision can be made with enough confidence"

8/29/2019, 12:57:55 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"Our motivation is the desire to improve current mortgage decisioning and ultimately the whole property transaction process resulting in property purchase/sale."

8/29/2019, 12:58:13 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"Areas we would like to see improvements in mortgage decisioning are as follows: speed & ease of use…transparency…minimal intermediaries…accuracy…collaboration"

8/29/2019, 12:59:00 PM

Favs: 2

Retweets: 0

Christopher Allen

@ChristopherA

…""From a decision requirement we can derive a decision strategy that describes how we can reach a decision outcome that satisfies the requirement. A decision strategy consists of information requirements and decision logic."

8/29/2019, 12:59:39 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"Multiple decision strategies can exist for the same decision requirement where some will be better than others in different circumstances."

8/29/2019, 12:59:57 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…This paper goes on to detail decision making using Verifiable Credentials as well as support decision transparency. This use case is well thought out and I look forward to seeing how it evolves.

8/29/2019, 1:01:26 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…The paper begins with a brief overview of what a ZKP-based credential is, then shares several different techniques to allow for adjustment of anonymity, vulnerability, and transferability.

8/29/2019, 1:08:14 PM

Favs: 2

Retweets: 0

Christopher Allen

@ChristopherA

…Techniques are "Richly contextualized presentation requests…Prevent Link Secret Reuse…Require Link Secret Continuity…Commit a DID to a Link Secret…Biometrics(strong disclosure, weak disclosure, permuted disclosure)…Provisional Anonymity…LinkSecret Bond…Financial Escrow"

8/29/2019, 1:08:33 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"ZKP-based approaches to credentials are undoubtedly imperfect, because they are young. However, there is no evidence, either anecdotal or rigorous, to suppose that ZKPs are inherently, uniquely vulnerable to trust problems. (there is a) long & rich history of clever solutions.

8/29/2019, 1:09:52 PM

Favs: 2

Retweets: 0

Christopher Allen

@ChristopherA

…"The best way to serve community interests with respect to ZKPs and credentials is not to fear them. It’s to embrace them, and get on with the business of making them better and using them well."

8/29/2019, 1:10:09 PM

Favs: 2

Retweets: 0

Christopher Allen

@ChristopherA

…There are other projects that are working on various approaches for encrypting data at rest "It is one of the goals of the Secure Data Hubs specification to find commonalities between these projects (and others) and attempt to standardize them."

8/29/2019, 1:11:59 PM

Favs: 2

Retweets: 0

Christopher Allen

@ChristopherA

…"The simplest and most straightforward (and correct) solution is to decouple the application from storage…One could argue that Operating Systems vendors were the first to get this right in the 1970s, 1980s, and 1990s. File systems of that era separated the storage between…"

8/29/2019, 1:12:23 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"… the application and the file system, enabling interoperability at a data file layer…only when global networked computing expanded that…shifted to siloed data away from the customer's reach, largely due to the business models that drove the expansion of the Internet"

8/29/2019, 1:13:17 PM

Favs: 2

Retweets: 0

Christopher Allen

@ChristopherA

…"SolidVC (is a) a decentralized implementation of the Verifiable Credentials specification that leverages various ontologies, protocols, and specifications of the Web to deliver a robust and extensible credentialing system."

8/29/2019, 1:13:55 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"SolidVC consists of a number of well-defined protocols for handling credentials. In this section, I will outline these protocols in detail. Setup…Request…Issuance…Sharing…Verification…Revocation…"

8/29/2019, 1:14:11 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…"There are a number of improvements that I envision for SolidVC…One-to-many SolidVC-Solid account mapping, Extended RDF, serialization support, Issuer Discovery, Credential persistence, Credential expiry support, Command line interface, Overall extensibility"

8/29/2019, 1:14:31 PM

Favs: 1

Retweets: 0

Christopher Allen

@ChristopherA

…I'm glad that the W3C Solid community has representation at #RWOT9. It has the backing Berners-Lee, the creator of the WWW, and some really good web-based foundations that the more blockchain-oriented approaches lack.

8/29/2019, 1:17:09 PM

Favs: 2

Retweets: 0

Christopher Allen

@ChristopherA

That's all for today. Another 20 or so advance readings remain to summarize before #RWOT9 begins in Prague on Tuesday.

8/29/2019, 1:18:01 PM

Favs: 1

Retweets: 0