Update self-sovereign-identity-primer.md

[nsmolenski]

Hello WoT Group,

I have reviewed and revised the Primer on Self-Sovereign Identity.

Natalie

[jandrieu]

There's much to appreciate in this revision, but it ignores the functional foundation that Chris, I, and others, are hoping to build upon. Defining self-sovereign identity as a container is explicitly counter to the functional perspective, undermining, in this article, the subsequent framing based on that.

If we are to build upon the functional definition of identity,

Identity is how we keep track of people and things, and in turn how they keep track of us

then self-sovereign identity emerges from negotiated boundaries of control over that tracking. This debate, this fight, is what establishing self-sovereign identity is about.

@matthewjosef @ChristopherA

[nsmolenski]

Hey Joe,

I was under the impression that it actually dovetailed with your definition quite nicely. The container is just the thing being tracked. Maybe I’m misunderstanding what you’re saying?

Natalie

On Sun, Oct 22, 2017 at 10:09 PM Joe Andrieu notifications@github.com wrote:

There's much to appreciate in this revision, but it ignores the functional foundation that Chris, I, and others, are hoping to build upon. Defining self-sovereign identity as a container is explicitly counter to the functional perspective, undermining, in this article, the subsequent framing based on that.

If we are to build upon the functional definition of identity,

Identity is how we keep track of people and things, and in turn how they keep track of us

then self-sovereign identity emerges from negotiated boundaries of control over that tracking. This debate, this fight, is what establishing self-sovereign identity is about.

@matthewjosef https://github.com/matthewjosef @ChristopherA https://github.com/christophera

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/pull/96#issuecomment-338505333, or mute the thread https://github.com/notifications/unsubscribe-auth/AUFwT0wJsskY-wk7jubSts2sPgH50Pinks5su6EFgaJpZM4QA9bk .

--

Natalie Smolenski Learning Machine www.learningmachine.com http://www.learningmachine.com/ +1 (972) 365-2750 Skype: nataliesmolenski

[jandrieu]

I would say the container is a common artifact used to track people across contexts, but it isn't the identity. Even with self-sovereign "identity containers", observers will continue to maintain their notion of our identity within the systems they can perceive. Whether its an internal unique key in a database and log files of my http requests or the ephemeral gist of experiential contact in the mind of another person, the identity is fundamentally in the minds-eye of the observer, independent of the artifacts used to track it. The goal of the tracking is not the container, but the subject.

The question of self-sovereign identity must include not just some sort of "identity container", but also negotiations over how people are tracked, how attributes are derived, how attributes are used, and how attributes are controlled. Framing self-sovereign identity in the core definition as a "container" suggests that managing the container addresses all the current challenges with the surveillance systems baked into our digital world. This connects to my longer rant on PII, which I'll spare you except to say that as a framing, PII evokes the wrong mental models in both engineers and regulators. I think containers do the same wrong.

Functionally, all identity systems are tracking systems, for which individuals deserve some control if we are to live in a free society. DIDs enable self-sovereign control over a root identifier. VCs offer the promise of authoritative attributes without ongoing dependence on those authorities, giving individuals control over the creation and sharing of identity information and the ability to participate as peer authorities.

What the self-sovereign conversation--as a whole, not just in this primer--is missing at this point is a solid framing for engaging the boundaries of the rest of the attribute-driven information tracking and sharing system. I contend that the problem with information sharing is... that you are sharing information. That, in fact, the most self-sovereign architecture minimizes sharing of attributes, not just gives users control over who gets what data.

It's key that our definition of self-sovereign identity advances the conversation towards addressing these more distributed, intertextual challenges. "Containers" feels like a framing that undermines that progression.