Closed mwherman2000 closed 5 days ago
Here's a second additional email from Manu to the CCG mailing list...
-----Original Message----- From: Michael Herman (Trusted Digital Web) Sent: Monday, November 25, 2024 9:36 AM To: 'Manu Sporny' msporny@digitalbazaar.com; Markus Sabadello markus@danubetech.com; Kim Hamilton Duffy kim@identity.foundation Cc: W3C Credentials CG (Public List) public-credentials@w3.org Subject: RE: DID Methods Working Group Series is underway
Ditto Manu. IMO I believe you're way out of line for posting this unratified interpretation.
Best guards, Michael Herman Web 7.0 Foundation
-----Original Message----- From: Manu Sporny [msporny@digitalbazaar.com](mailto:msporny@digitalbazaar.com) Sent: Monday, November 25, 2024 8:10 AM To: W3C Credentials CG (Public List) [public-credentials@w3.org](mailto:public-credentials@w3.org) Subject: Re: DID Methods Working Group Series is underway
On Fri, Nov 22, 2024 at 3:01 PM Kim Hamilton [kimdhamilton@gmail.com](mailto:kimdhamilton@gmail.com) wrote:
Last Wednesday, we had our first recurring meeting of the DID Methods Working Group, facilitated by DIF and co-sponsored by ToIP, W3C CCG, W3C DID WG, and INATBA.
Meeting summary (via AI) below:
The meeting centered on the standardization of Decentralized Identifier (DID) Methods, a crucial aspect of the broader decentralized identity ecosystem. Participants discussed challenges in achieving interoperability among various DID Methods, ensuring security and scalability, and addressing the diverse needs of stakeholders across industries. A need for DID Methods to be standardized was a core focus. Topics included refining existing specifications, promoting best practices and features, and aligning efforts with existing specifications for decentralized identity systems.
The group's mission is to establish a standardized framework for DID Methods and identify a few that need standardization, ensuring compatibility and reliability across platforms. By focusing on cross-community collaboration and standardization, the participants aim to create a flexible and inclusive system that supports innovation while maintaining a commitment to core principles of decentralization, privacy, and user control.
Key takeaways included a shared dedication to overcoming fragmentation in the DID ecosystem, fostering interoperability through standardization of specific features and specifications, and ensuring the technical and ethical robustness of proposed standards so that they might be used by global society. The group stressed the importance of community engagement and real-world testing to inform the ongoing development of these specifications toward standardization at global standards setting organizations.
-- manu
-- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. https://www.digitalbazaar.com/
None of what you've said below has been ratified by the WG membership.
I didn't say it had been... we're just starting; expecting anything to be ratified after the first meeting is not an expectation anyone should have at this point. My emails were my interpretation based on what was discussed in the first meeting to help people that were not there understand what happened during the first meeting. I attempted to summarize the meeting as I saw it. Others can provide their own interpretations.
All that has been requested asked for (by Kim in the last meeting) is for the members to propose steps for moving forward
Yep, which is what I did.
In addition, I believe Markus's role as the co-chair is to report on progress. The rest of us (including you and I) are just members.
Members can provide their view of what they believe happens in a meeting and propose next steps that they believe to be helpful in establishing consensus. Gathering requirements from the community are among those things that help establish consensus. We have used ranked choice polls to make decisions over the past decade in this and other communities.
I'm deeply disappointed in seeing this email - to the point where it may be a code-of-conduct violation.
Threatening action such as this for actions performed in good faith, as well as the sorts of legal threats you've been engaged in for the past several weeks (threatening legal action over trademarks which you do not have) establish a pattern of behaviour that is troubling.
https://github.com/w3c/did-extensions/pull/581#issuecomment-2462828639
If you would like to file a code of conduct violation, please do.
From: Michael Herman (Trusted Digital Web) Sent: Monday, November 25, 2024 10:47 AM To: Manu Sporny msporny@digitalbazaar.com; W3C Credentials CG public-credentials@w3.org; Kim Hamilton Duffy kim@identity.foundation; Markus Sabadello markus@danubetech.com Cc: Will Abramson will@legreq.com; Daniel Burnett danielcburnett@gmail.com; Gabe.L.Cohen@gmail.com Subject: RE: Threat of Code of Conduct Violation (was Re: Goals and Requirements for DID Method Standardization?)
MWH>> See below.
-----Original Message----- From: Manu Sporny [msporny@digitalbazaar.com](mailto:msporny@digitalbazaar.com) Sent: Monday, November 25, 2024 10:03 AM To: W3C Credentials CG [public-credentials@w3.org](mailto:public-credentials@w3.org) Cc: Markus Sabadello [markus@danubetech.com](mailto:markus@danubetech.com); Kim Hamilton Duffy [kim@identity.foundation](mailto:kim@identity.foundation) Subject: Threat of Code of Conduct Violation (was Re: Goals and Requirements for DID Method Standardization?)
On Mon, Nov 25, 2024 at 11:29 AM Michael Herman (Trusted Digital Web) [mwherman@parallelspace.net](mailto:mwherman@parallelspace.net) wrote:
None of what you've said below has been ratified by the WG membership.
I didn't say it had been... we're just starting; expecting anything to be ratified after the first meeting is not an expectation anyone should have at this point. My emails were my interpretation based on what was discussed in the first meeting to help people that were not there understand what happened during the first meeting. I attempted to summarize the meeting as I saw it. Others can provide their own interpretations.
MWH>> You presented your " Requirements for DID Method Standardization" as a supposed baseline set of requirements. It is not. MWH>> You further emphasized this "baseline" point in the following paragraph where you asked people to add any missing requirements (to your baseline). This approach is inappropriate, overhanded, and needs to be neutered. MWH>> "I know I'm missing many more requirement ideas, so what are they? What do you feel we should include as requirements as we go through the selection process for which DID Methods (and their features) should be standardized?"
All that has been requested asked for (by Kim in the last meeting) is for the members to propose steps for moving forward
MWH>> In your typical style spanning years and years, you take someone's text and truncate/abbreviate/manupulate it for serve your own needs. Here's what my full statement said: MANU>> " All that has been requested asked for (by Kim in the last meeting) is for the members to propose steps for moving forward here (nothing more): https://github.com/decentralized-identity/did-methods/issues" MWH>> This is another CoC issue (#2?) MWH>> In addition, you most always delete the previous context of the thread making it difficult for anyone ready your emails to full understand and appreciate the full and complete context of the issue - tilting/twisting the discussion in your favour.
Yep, which is what I did.
In addition, I believe Markus's role as the co-chair is to report on progress. The rest of us (including you and I) are just members.
Members can provide their view of what they believe happens in a meeting and propose next steps that they believe to be helpful in establishing consensus. Gathering requirements from the community are among those things that help establish consensus. We have used ranked choice polls to make decisions over the past decade in this and other communities.
MWH>> Manu, for years and years you have exerted your heavy-handed influence over CCG and most of its WGs. It's been documented by myself and others over the years. Here's one example: https://hyperonomy.com/2019/04/09/clique-speak/
I'm deeply disappointed in seeing this email - to the point where it may be a code-of-conduct violation.
Threatening action such as this for actions performed in good faith, MWH>> Based on years of 1. similar experiences with you, 2. this specific context, 3. your behaviors demonstrated over the past couple weeks, and 4. this CoC claim, I question your "good faith" with full justification.
MANU>> ..as well as the sorts of legal threats you've been engaged in for the past several weeks (threatening legal action over trademarks which you do not have) establish a pattern of behavior that is troubling. MWH>> CCG members, what Manu has stated in the above sentence is an outright lie. MWH>> First, I am well within my rights to validly claim and contest copyright infringement with respect to "did:tdw" and "Trust DID Web". Reference: https://github.com/w3c/did-extensions/pull/581#issuecomment-2462828639 MWH>> To try to deny me that right or to try to intimidate, threaten, and/or retaliate is a 3rd CoC violation. MWH>> I have never threatened any legal action. Manu's claim is a lie. I have claimed trademark infringement. The specific wording I used was: MWH>> " I have a commercial objection to the approval of did:tdw. "tdw" overlaps significantly with the Trusted Digital Web, the parent project of the Web 7.0 Ultraweb." Reference: https://github.com/w3c/did-extensions/issues/586#issue-2641739874 MWH>> On the other hand, Manu it was yourself who became very heavy-handed, threatening, intimidating, and retaliatory in the DID WG meeting of (I believe) November 14th when in the open Zoom call you threatened me with the size of Digital Bizarre's "internal legal council" as well as the size "internal legal councils" of the W3C, other government/defense contractor partners, etc. Everyone on the call is a witness to this unacceptable behavior. This unacceptable behavior is included in CoC claim #3. MWH>> Further, the issue has been resolved reasonably amicably in the Steven’s last DIF WG call.
MWH>> To chastise someone for initiating a CoC claim is also a CoC violation. Reference item #23: https://www.w3.org/policies/code-of-conduct/ This is Coc claim #4.
If you would like to file a code of conduct violation, please do.
MWH>> I have and will further submit the above additional 3 claims.
Best regards, Michael Herman Web 7.0 Foundation
-- manu
-- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. https://www.digitalbazaar.com/
This seems grossly unwarranted.
There was examples/suggestions for next steps with an invitation to discuss on a public thread and instead of participating in the conversation you have filed a code of conduct complaint, this doesn't make any sense. Threatening to file 4 additional code of conduct complaints without the current one being resolved/addressed is just harassment.
I second the fact that you have implied legal action by linking to legal documents around trademark infringement and claiming it's in violation of these laws to register the now well know did method tdw
which has been in the work for a significant amount of time, gaining more recognition as the TDW acronym by search engines and community references. There are multiple tdw projects in dif's repository, all of them associated with this work item.
No one has acknowledged the "significant overlap" with the previously mentioned work item of yours, quite the opposite, it was rebuked by many parties involved, not just @msporny .
I was at the last TDW call and I can say that there was a compromise made as the group had no intention in further wasting time on this matter. You also signaled your intention to register tdw as a did method without having a specification, only providing confusion for the community and capitalizing on the work made by others, even if you were advised not to do so. The situation wasn't "resolved", the group simply decided to move on as there are more important matters to address than alleged trademark infringements.
It seems to me like you are actively trying to halt all progress made in this working group.
This seems grossly unwarranted.
MWH>> False
There was examples/suggestions for next steps with an invitation to discuss on a public thread and instead of participating in the conversation you have filed a code of conduct complaint, this doesn't make any sense. Threatening to file 4 additional code of conduct complaints without the current one being resolved/addressed is just harassment.
MWH>> Manu's behavior has been an ongoing issue - not limited to a single oversight.
I second the fact that you have implied legal action by linking to legal documents around trademark infringement and claiming it's in violation of these laws to register the now well know did method
tdw
which has been in the work for a significant amount of time, gaining more recognition as the TDW acronym by search engines and community references. There are multiple tdw projects in dif's repository, all of them associated with this work item.
MWH>> Not true. The link was first raised by @mccown here: https://github.com/w3c/did-extensions/issues/586#issuecomment-2465573298. I simply copied it from Issue 586 to https://github.com/w3c/did-extensions/pull/581#issuecomment-2465639756. It is worthy reading.
No one has acknowledged the "significant overlap" with the previously mentioned work item of yours, quite the opposite, it was rebuked by many parties involved, not just @msporny .
MWH>> Nobody has to or is expected to acknowledged the "significant overlap". It's relevant. No one in this working group, W3C or DIF or member organization has the authority to make this determination.
You also signaled your intention to register tdw as a did method without having a specification
MWH>> Not true
The situation wasn't "resolved", the group simply decided to move on as there are more important matters to address than alleged trademark infringements.
MWH>> That is and of itself is, in fact, resolution. @swcurran and I also made additional agreements at the end of the call to help ease the transition.
It seems to me like you are actively trying to halt all progress made in this working group.
MWH>> Not true. I think the WG has put a brilliant specification together. Given this, comments like the above can only be designed to intimidate, threaten, denigrate, and/or retaliate against someone is who has the right to protect their IP/copyrights/trademarks.
MWH>> Related, I have made significant efforts to reach out to @swcurran, @kimdhamilton and the #cochairs to both resolve this issue as well as present serious solutions to help prevent these situations in the future:
MWH>> In addition, I have been present, active, and a responsive, positive contributor in every related WG call and discussion since the overall issue was identified.
We're not a bunch of kids playing in a playground sandbox anymore. Our industry is maturing. This is serious business.
(Answering operational questions as ED of DIF) The events referred to in this complaint occurred at W3C -- not DIF. Closing as out of scope
There is some jurisdictional ambiguity wrt which CoC applies to the above issues. It's not clear to me.
Here are 2 of the potential Code of Conduct policies that may apply:
Hopefully, this doesn't double the number of CoC claims needed to address the above issues.
It's unreasonable to consider moving this thread or to re-duplicate it somewhere else.
I'll continue to reply and update it here.
From: Michael Herman (Trusted Digital Web) Sent: Monday, November 25, 2024 9:30 AM To: Manu Sporny msporny@digitalbazaar.com; Markus Sabadello markus@danubetech.com; Kim Hamilton Duffy kim@identity.foundation Cc: W3C Credentials CG public-credentials@w3.org Subject: RE: Goals and Requirements for DID Method Standardization?
Manu, I believe you're getting way ahead of the actual progress of the DID Method working group. None of what you've said below has been ratified by the WG membership. Everything is still a work in progress.
All that has been requested asked for (by Kim in the last meeting) is for the members to propose steps for moving forward here (nothing more): https://github.com/decentralized-identity/did-methods/issues
In addition, I believe Markus's role as the co-chair is to report on progress. The rest of us (including you and I) are just members.
I'm deeply disappointed in seeing this email - to the point where it may be a code-of-conduct violation.
@Markus Sabadello: Please add this issue as an agenda topic for this week's WG meeting. I've diarized this here: https://github.com/decentralized-identity/did-methods/issues/9
Best regards, Michael Herman Web 7.0 Foundation / TDW
-----Original Message----- From: Manu Sporny [msporny@digitalbazaar.com](mailto:msporny@digitalbazaar.com) Sent: Monday, November 25, 2024 8:35 AM To: W3C Credentials CG [public-credentials@w3.org](mailto:public-credentials@w3.org) Subject: Goals and Requirements for DID Method Standardization?
Hey folks,
The joint work on DID Method Standardization has begun. We had our first meeting[1][2] two weeks ago, with the next meeting to be held the week after this one. In the coming months, we will be gathering goals and requirements for DID Method standardization to determine which DID Methods we should try to standardize. We'll be looking to the broader decentralized identity communities to suggest what our selection requirements should be for the standardization work.
I'm going to try to provide a few examples (we'll probably do a ranked choice poll to rate the importance of each goal/requirement). Please add your own to this thread so we can include them in the community poll (which we'll probably run early Q1 2025).
Requirements for DID Method Standardization:
At least one ephemeral DID Method should be identified for standardization. These are useful for short-lived, secure communication. Examples include did:key and did:jwk.
At least one web-based DID Method should be identified for standardization. These are useful for issuers of verifiable credentials and other forms of attestations who know how to manage web domains but are not willing to depend on blockchains or DHTs for their root of trust (i.e., governments). Examples include did:web and did:tdw.
At least one "fully decentralized" DID Method should be identified for standardization. These are useful because they achieve what the other two classes of DID Method above don't achieve -- the vision for why we created DIDs in the first place. Examples include did:dht.
"Global government-approved crypto" is important to ensure governments can adopt the DID Method. Examples include ECDSA.
"Privacy-preserving crypto" is important, even if not government approved, to ensure the privacy of individuals. Examples include BBS.
A digitally signed cryptographic log of changes to the DID Document is a useful feature to standardize on its own (so that multiple DID Methods could utilize the feature).
A multi-factor binding to DNS is an important feature to standardize on its own (so that domain owners can provide an extra level of security on their DID Documents).
A specification with multiple implementers is always preferable to inventing something new unless the community is behind the concept that the "something new" is necessary.
I know I'm missing many more requirement ideas, so what are they? What do you feel we should include as requirements as we go through the selection process for which DID Methods (and their features) should be standardized?
-- manu
[1] https://lists.w3.org/Archives/Public/public-credentials/2024Nov/0026.html [2] https://lists.w3.org/Archives/Public/public-credentials/2024Nov/0035.html
-- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. https://www.digitalbazaar.com/