I think it speaks extreme volumes that the "methods" of "did" and "com" were both proposed by no-name crypto organizations; "cosmos" seems to be proposed by one guy with a template website maybe unrelated to the relatively major Cosmos blockchain (they're fighting amongst themselves lol); "ens" was proposed by some organization with no website; "evan" was picked up by literally some guy named Evan.
Its not just that they're crypto related; its not even the major players in the crypto space. There are physical organizations you can point to in the crypto space, and if they hopped in and said "yeah this is cool" then that's something. 80% of these organizations have nothing to them. They look like they were formed overnight as this proposal was going through its development.
The only seemingly legitimate proposal in that list, not an obvious planting-my-flag-in-the-ground, is: Baidu proposes "ccp". Lol. Looks like Workday is there proposing "work" as well, that's... something.
I need to read up more on the spec, but that list alone is an extreme embarrassment for W3. Google & Mozilla bring up a fantastic point: What are these things actually going to be used for, not hypothetically, in reality, what is the use case? Its very clear that the Web2 players don't have a good answer for that, and even the successful Web3 players don't either. Is the best response W3 has actually a bunch of nobodies who see something that kind of resembles (but not really) a new DNS, and want to plant their flag in case it gets big?
When we were designing the EU DCC we explicitly choose not to go down the path of the then-nascent w3c verifiable credentials using DIDs. There was a hard lobby from the blockchain bullshitters but they couldn't explain things without a lot of hand waving and technobabble so :)
There's a reason why our spec (EU-DCC) is a global standard: we build on proven technology, we're explicit, and we're not open to allow anyone and their dog to become a "trust anchor". That trust is earned, there are standards you need to follow and keep following to earn that.
DIDs are a wild west and clearly a not-too-unsubtle attempt by the crypto bros to sneak a cash-cow into standards.
The spec reads like it's written by a group of hyperactive kids in a sugar rush.
Don't forget the Korean Ministry of the Interior, who are apparently using a two-line Markdown file as their website and a random Gmail address as their only method of contact.
For an identity verification standard, you'd think they'd demand the authors have more verifiable identities.
I understand that the list presented there is more-so early stage proposals; its not like they've been registered to manage that DID method.
That being said; it speaks some amount to the professionalism of the authors and supporters of this spec. The sane people ask: what are the real, tangible use-cases? There's no answer. Ok, well short of that: are there are least real, tangible organizations who will be building on top of this?
Not only is the answer weak, but the meeting notes from the DID-WG indicate a high level aversion to any known, named authority participating in a significant capacity [1]. They were rather concerned about Mastercard's proposed "id" DID method, for privacy/centralization reasons, maybe those are valid but...
> Markus Sabadello: … Even if we don’t apply it, since in the past we haven’t, even then I think this registration should not be accepted as-is, because it’s incomplete..
> Manu Sporny: Just about every DID Method is incomplete… not a good criteria..
It really comes off as a bunch of people who are mad at the centralization of big tech, want to change it, but lack focus & expertise on how to implement that change. And they managed to drag W3C/TBL down to their level.
If you have arguments against DIDs, then raise them here for rational discussion from all POVs, which is something HN is great at.
'"evan" was picked up by literally some guy named Evan' is not an argument. It's also not factual. The Evan DID method spec [1] was written by Sebastian Wolfram and Philip Kaiser. It is for the Evan Network, which is a blockchain attempting to provide a usable decentralized market infrastructure.
"that list alone is an extreme embarrassment for W3". First, a minor point. w3.org is the domain name, which has some minor cachet because it is a two letter domain. The organization is the World Wide Web Consortium, W3C. Second, hyperbole is present on HN at times, but should be avoided whenever possible because it raises the SNR for your comment, the thread, and HN overall. You could have phrased it without the hyperbole as "the status and standing of the objectors may be an impediment to future DID adoption". More accurate, and signal rather than noise. Of course, if you did any significant standards work you likely would know that objections like these are just as often motivated by market interests. I remember asking an OASIS long-time member about a rep on a standards committee I was on. The rep was from one big company whose name is a household word, and he seemed to do nothing but raise objections and build roadblocks. The long-time member told me he was known as that company's hatchet man. When they wanted to kill a spec before it got voted on they'd send him to join the TC and torpedo it from within. The work quality of the TC did not matter in what he raised, only his company's market drivers.
"I need to read up more on the spec". I would suggest you follow my approach: I do not criticize something I have not read end to end twice. The Evan statement above makes me think you didn't even read it once.
But here's my counter: when it comes to web standards like this, I am fully prepared and willing to delegate my opinion to Mozilla (and a lesser but still positive degree, Google). The W3 (ok you want to be pedantic; W3C; talk about SNR) additionally has a ton of other extremely mature member organizations; Apple, Amazon, Meta, Microsoft, Cloudflare, if even one of these organizations had their name anywhere on this spec I'd give it the time of day. I work at one of them; I've worked for two in the past; I know the people, they're extremely smart and well-intentioned.
I don't agree with your statement that its worth discounting the professionalism and expertise of some member organizations just because you had one third-hand experience in an entirely unrelated organization of some no-name member roadblocking a proposal because of... market interests. Market interests?! Of course that would be a concern! Proposals need to serve the members of the org. The members of the org are, mostly, for-profit organizations! I'm blown away at the dissonance it takes to complain about non-professional SNR, then immediately follow-up with hearsay and supposition.
But, ok, maybe not Web2 Big Tech. Maybe Web3 big tech? Where's the Ethereum Foundation? They're a W3C member org! Block/Square? They're getting very deep into crypto right now; also a member org; silent. Coinbase? Just an exchange, but a member. I mean, the list keeps going on.
I've read the spec. I would not claim to fully understand it, but like Mozilla, it feels abstract and very short on even high-level use-cases. I also think TBL's response signals that's by-design; and I think that's a weak response because ultimately if the organizations who do develop tangible use-cases fly-in-the-night four years from now, the spec will become an unnecessary vestige of the web, like so many before it, while the organizations who actually put in the work and deliver value to Real Humans ignore it (or worse, are forced to keep the dying-but-not-dead vestige on life support) (its not the W3C/TBL who pays the six figure engineer salaries that maintain this shit, its their member orgs, and not even the ones who proposed and approved this).
I also feel, weakly but still prescient, that while the W3C is relatively egalitarian, we can't ignore the politics. This was GOOGLE and MOZILLA who raised concerns (not to mention one anonymous org). TBL can object, and W3C can set the spec, but at the end of the day it will become a vestige even if the people involved with this spec do their best to make it happen, if Big Tech isn't on-board. I'm not, then, asserting that fighting big tech is never worthwhile; I'm just asserting that the W3C probably isn't the best abstraction layer to fight the fight.
So yes: I will criticize. And I'll hyperbolize: the fact that the W3C has hundreds of member organizations, from implementors to thinkers to for-profits and non-profits, and they're willing to overrule real concerns from multiple established and respected members in-favor-of a grocery list of flag-planters, half of which DON'T EVEN HAVE LEGITIMATE WEBSITES, is an embarrassment.
But, fortunately, probably, one that everyone will soon forget about.
Apple, Amazon, Meta, Microsoft, Cloudflare, if even one of these organizations had their name anywhere on this spec I'd give it the time of day. I work at one of them; I've worked for two in the past; I know the people, they're extremely smart and well-intentioned.
Fair; I just scanned the list and saw it was associated with a company named Evan GmbH; I didn't, and still don't, feel it was worthwhile to investigate further; but fine, they're a no-name crypto org with a template website promising to provide the technical and legal framework for the future of the decentralized market economy based on blockchain technology. I'm really excited about their promise that "Digital Identities turn goods into active and autonomous participants in business relationships." And Gartner named them a "Cool Business" in 2020, watch out for these guys I'm sure they'll still be around in four years.
Its not just that they're crypto related; its not even the major players in the crypto space. There are physical organizations you can point to in the crypto space, and if they hopped in and said "yeah this is cool" then that's something. 80% of these organizations have nothing to them. They look like they were formed overnight as this proposal was going through its development.
The only seemingly legitimate proposal in that list, not an obvious planting-my-flag-in-the-ground, is: Baidu proposes "ccp". Lol. Looks like Workday is there proposing "work" as well, that's... something.
I need to read up more on the spec, but that list alone is an extreme embarrassment for W3. Google & Mozilla bring up a fantastic point: What are these things actually going to be used for, not hypothetically, in reality, what is the use case? Its very clear that the Web2 players don't have a good answer for that, and even the successful Web3 players don't either. Is the best response W3 has actually a bunch of nobodies who see something that kind of resembles (but not really) a new DNS, and want to plant their flag in case it gets big?