Solid and Rebooting the Web of Trust

[aschrijver]

Just leaving this out here as a copy of my forum post (heard the forum is not really used by 'core team' members). I am no expert in this field, but just interested where Solid fits in..

---

You are probably familiar with RWOT initiative. In RWOT4 Paris and RWOT5 Boston there have been mentions of WebID and in RWOT9 Prague SolidVC by @kezike was presented.

I was wondering how Solid sees itself in relation to this initiative, especially since I read the following in the cancelled (corona) RWOT10 papers:

The Linked Data community has also developed a personal identity mechanism on top of HTTP for that purpose, combining it with some authentication mechanism based on certificates, called WebID.

However, the problems with HTTP based personal identification are known and were among the main issues leading to the DID work: decentralization, persistency, or authentication/verifiability. I.e., DID should become an alternative to HTTP based identifications on the Semantic Web, too; but that can only happen if the four principles of Linked Data, as quoted above, can be upgraded to the DID case as well. What exactly happens if one replaces the term “HTTP” with “DID” in these four statements?

(A side issue: WebID did not really “made it” as a personal ID even among people who are not driven away by the Semantic Web. Personally, I believe one of the reasons is the extreme unfriendliness of all setups, creations, management, etc., of certificates, which is at the heart of WebID. This should be a warning to all things DID: there should be very user-friendly tools around very quickly to allow for everyday users to use this; technology is not enough…)

PS. Though I really like the idea of self-sovereign identity I have misgivings about the role of blockchain in some (not all) of the solution being worked on.

PS2. Note that ActivityPub is also represented in various RWOT papers, and discussion here looks at how AP and Solid can be combined. And in this field too there is a shared problem to solve.

[dmitrizagidulin]

(Transfering this issue from authorization panel to external interop panel repo)

[dmitrizagidulin]

Hi @aschrijver! Thank you for the question. (I hope you don't mind, I transferred the issue to the External Interop panel repo, since it's the one that tends to deal with questions of "how does Solid relate to X outside project?").

As you've mentioned, the Solid community has a history of interaction with the Rebooting Web of Trust conference community, both in terms of mentions in the papers, and in attendance from the Solid community. In addition to the items you mentioned, our very own Solid Manager @Mitzi-Laszlo was present at the Rebooting 8 in Barcelona. And there is a crossover of members that participate both in the Solid spec and some of the standards groups from the Rebooting community, such as the W3C Credentials Community Group (in which Decentralized Identifiers and Verifiable Credentials were incubated) and the Secure Data Storage Working Group.

For example, I am one of the organizers of Rebooting Web of Trust, as well as an Editor of the core Solid spec.

So, how does Solid see itself in relation to the Rebooting Web of Trust community? I cannot speak for the Solid community as a whole, but I think it's fairly accurate to say - Solid sees itself as compatible and complementary to the issues that RWoT is working on. Many of the technologies that are core to the Rebooting community (DIDs, VCs, and so on) are making their way into the Solid ecosystem. For example, take a look at some of the related issues:

• Proposal: Support Decentralized Identifiers (DIDs) in addition to Web IDs
• Project: Support W3C Verifiable Credentials on Solid (and the issues linked from this one).

Does that answer your question?

[aschrijver]

Yes, completely, thank you very much!