Decentralized Identity
-
@dafyre said in Decentralized Identity:
I also think, though, that if you're providing an identity that comes from the ledger, you can trace it back to the origin and all of that. So even if there are two people claiming to be @travisdh1 ...
You create an account on say... Google, and the Impostor creates an account on Yahoo, the identities may contain similar information, but it would be possible (and should be easy!) to trace it back to the origin, and be able to eeasily tell the two identities apart.
Unless I don't understand - I think you're missing one of the key points of this "decentralized identity" - and that is that there is no track back.
There two situations to consider:
-
airport/flying - The state gov't issues you a state ID, which you store in your wallet. The state is completely unaware of your wallet ID.
you go to the airport, you submit your state ID AND your personal ID that you created to the airport. The airport confirms that the State ID is valid by cross checking it with the State ID webportal - but for you, all they can do is check your wallet ID against what YOU put into the ledger. But since there is no tie between what you put the ledger and anything else of validation - why would anyone trust this?
Really - what point/purpose does presenting your own personally created ID serve in this situation (which was presented by the OKTA video)? -
Login to email provider(or any generic website) - You send your personally created ID to the website, which they then assign as your credentials. this works fine because it's essentially no different than username/passwords of today. The email provider/website doesn't really care who you really are - only that you are participating in their platform and hopefully spending money with them. In fact this solution is significantly more privacy based since the only thing the website HAS to know about you is your public key. If you can pay in a private way (say Bitcoin), then there now becomes a link between this bitcoin wallet and your public key, but that's all
I see this potentially working when actual proof of who you are isn't required - but when it is - like Driver's license/passports/medical/gov't - then this system breaks down quickly or really makes no difference, because you NEED a centralized (or at least GREATLY trusted source) providing backup to who you say you are.
-
-
@scottalanmiller said in Decentralized Identity:
This is the problem with NFT art and photographs. You can prove that the NFT is untouched. But you can't prove that the owner of the art or photograph made the NFT. So it's moot.
I would assume this is a bit different - I'm assuming, don't know NFT's just seem dumb to me - that you can walk the NFT back to the beginning and see who or what address it was originally created by - that person is the "owner/creator" regardless of who made the art.
-
@Dashrender said in Decentralized Identity:
@scottalanmiller said in Decentralized Identity:
This is the problem with NFT art and photographs. You can prove that the NFT is untouched. But you can't prove that the owner of the art or photograph made the NFT. So it's moot.
I would assume this is a bit different - I'm assuming, don't know NFT's just seem dumb to me - that you can walk the NFT back to the beginning and see who or what address it was originally created by - that person is the "owner/creator" regardless of who made the art.
Sure, but the point is to prove who made the art, not who made the NFT. Knowing who made the NFT is useless.
-
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
@scottalanmiller said in Decentralized Identity:
This is the problem with NFT art and photographs. You can prove that the NFT is untouched. But you can't prove that the owner of the art or photograph made the NFT. So it's moot.
I would assume this is a bit different - I'm assuming, don't know NFT's just seem dumb to me - that you can walk the NFT back to the beginning and see who or what address it was originally created by - that person is the "owner/creator" regardless of who made the art.
Sure, but the point is to prove who made the art, not who made the NFT. Knowing who made the NFT is useless.
I thought - again don't really know about NFTs - that NFT was all about proving ownership of said art? To which I laugh and say - who the hell cares? it's digital art - you copy the file tada you have an identical copy except the NFT part - which 99.9% don't care one bit about.
-
@Dashrender said in Decentralized Identity:
I thought - again don't really know about NFTs - that NFT was all about proving ownership of said art?
No, not in any way. That's the scam portion. There's nothing tying an NFT to the art. You only get provenance of the NFT, not the art. NFTs are 100% a cypto scam when used in reference to provenance of physical objects. NFT as a concept is fine, but it has no utility in the art world as anyone can make the original NFT.
You and I could go make millions of NFTs right now for anything that we want. Even things that don't exist. This applies in both the physical and digital space.
-
@Dashrender said in Decentralized Identity:
To which I laugh and say - who the hell cares? it's digital art - you copy the file tada you have an identical copy except the NFT part - which 99.9% don't care one bit about.
NFTs are applied to physical art just the same. People who buy and sell NFTs are not trading art, at all. The art and the NFT are explicitly separate. There is no linkage between them. The NFT does not contain the art, the art does not contain the NFT. There's no security, no provenance, no nothing.
-
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
I thought - again don't really know about NFTs - that NFT was all about proving ownership of said art?
No, not in any way. That's the scam portion. There's nothing tying an NFT to the art. You only get provenance of the NFT, not the art. NFTs are 100% a cypto scam when used in reference to provenance of physical objects. NFT as a concept is fine, but it has no utility in the art world as anyone can make the original NFT.
You and I could go make millions of NFTs right now for anything that we want. Even things that don't exist. This applies in both the physical and digital space.
Aww - I was talking about digital art - but reading your posts reminds me crazy people have 'attached' NFTs to physical objects - yep definitely crazy!
-
@Dashrender said in Decentralized Identity:
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
I thought - again don't really know about NFTs - that NFT was all about proving ownership of said art?
No, not in any way. That's the scam portion. There's nothing tying an NFT to the art. You only get provenance of the NFT, not the art. NFTs are 100% a cypto scam when used in reference to provenance of physical objects. NFT as a concept is fine, but it has no utility in the art world as anyone can make the original NFT.
You and I could go make millions of NFTs right now for anything that we want. Even things that don't exist. This applies in both the physical and digital space.
Aww - I was talking about digital art - but reading your posts reminds me crazy people have 'attached' NFTs to physical objects - yep definitely crazy!
Even with digital art, the NFT is totally separate and it's insane.
-
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
I thought - again don't really know about NFTs - that NFT was all about proving ownership of said art?
No, not in any way. That's the scam portion. There's nothing tying an NFT to the art. You only get provenance of the NFT, not the art. NFTs are 100% a cypto scam when used in reference to provenance of physical objects. NFT as a concept is fine, but it has no utility in the art world as anyone can make the original NFT.
You and I could go make millions of NFTs right now for anything that we want. Even things that don't exist. This applies in both the physical and digital space.
Aww - I was talking about digital art - but reading your posts reminds me crazy people have 'attached' NFTs to physical objects - yep definitely crazy!
Even with digital art, the NFT is totally separate and it's insane.
why does it have to be separate? Can't you bake the NFT into the art itself somehow?
Don't get me wrong - even this post is a complete waste of our time talking about something so scammy!
-
@Dashrender said in Decentralized Identity:
why does it have to be separate? Can't you bake the NFT into the art itself somehow?
No
-
Art cannot contain its NFT because the result would be a different object than the one in the NFT. Chicken and egg.
NFT cannot contain art because NFTs are tiny text strings and can't contain anything, they are references, not holders.
So the theory is, art is made first. Then an NFT is "minted" that points to a copy (not the original, a COPY) of the art and says "the person who made this NFT owns this copy". The theory is that only the owner of that COPY can mint the NFT. But that's only a theory and there's no reason to suspect that there is true. And the theory is is that that copy is identical to the original, but there is no reason to believe that that is true. And the theory is that the owner of the copy also owns the rights of the original. Again, theory only.
There is step after step where the system deals with copies and unverified ownership. Then an NFT is minted that points to a storage location that may or may not hold a copy of something you may or may not own. Literally, that's it.
-
right - so back to the topic at hand.
the idea of decentralized identity is just a myth? Can you think of any way to do this?
First possible solution would be - web of trust.
i.e. you publish your ID to the ledger - and other people claim that that is in fact you.once you have a few (insert some number) people who confirm you as you - then others could see you have that given number of verifiers, and choose to accept that as proof of you being you.
-
@Dashrender said in Decentralized Identity:
the idea of decentralized identity is just a myth? Can you think of any way to do this?
It's not a myth, but it can't be anonymous. For example, Meta and Google can trust each other and decentralize identity by getting identity from each other. No problem.
The thing that makes identity work is that an known identity is trusted and verifies other identities. My Google ID is useful, because everyone knows Google and trusts them (mostly) and so when Google says that I am me, people believe it. They verify me.
You can trust multiple providers. Facebook, Google, Apple, Microsoft are four key examples that people tend to trust. Also Twitter and others. If they create a system to work together, you get trusted and decentralized.
So decentralization is no problem. But also, is it useful?
-
@Dashrender said in Decentralized Identity:
First possible solution would be - web of trust.
i.e. you publish your ID to the ledger - and other people claim that that is in fact you.
once you have a few (insert some number) people who confirm you as you - then others could see you have that given number of verifiers, and choose to accept that as proof of you being you.But why would people trust that system? That's not a security system, it's just a popularity system.
-
@Dashrender said in Decentralized Identity:
Since you make your own identity and publish it to the ledger - why should I believe that?
And why do you trust the ledger? I can go make a ledger AND publish my ID to it. I can also make an ID for you and publish it to it. You can't trust the ID OR the ledger, is the problem.
-
@travisdh1 said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
The first thing that comes to my mind is - why would anyone trust the ledger (as it's called in the OKTA video)? Not to mention there are 80+ ledgers today according to the OKTA video.
Since you make your own identity and publish it to the ledger - why should I believe that?
Public ledgers are the tech behind cryptocurrencies. As to how secure it is, it can be very secure if they're using standard public/private key authentication
They are, but that misses the key point. It's not an anonymous ledger, it's an owner, controlled centralized ledger. The data on it might be decentralized. but the ledger itself is not.
-
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
the idea of decentralized identity is just a myth? Can you think of any way to do this?
It's not a myth, but it can't be anonymous. For example, Meta and Google can trust each other and decentralize identity by getting identity from each other. No problem.
The thing that makes identity work is that an known identity is trusted and verifies other identities. My Google ID is useful, because everyone knows Google and trusts them (mostly) and so when Google says that I am me, people believe it. They verify me.
You can trust multiple providers. Facebook, Google, Apple, Microsoft are four key examples that people tend to trust. Also Twitter and others. If they create a system to work together, you get trusted and decentralized.
So decentralization is no problem. But also, is it useful?
Well if you watch the videos that I posted at the top - I think a key tenant is that you control who sees what.
The problem with Google/Facebook/Apple/MS, etc - is when you use any of their platforms to authenticate - at bare minimum, those entities know you are using that platform - at worse, they know everything you do on that platform.
As put forth by the videos - the generic decentralization relies on 'the ledger' something that doesn't track anything you do - as it only holds your public key and presumably some type of ID - say a name or could just be a unique ID from that ledger.
Most things you do on the internet don't need confirmation from another source somewhere - i.e. they don't really care who you are. for example this website - mangolassi doesn't care who these people are posting here - not really. They do want the same person to be the one posting through a given set of credentials under the auspices of knowledge from that source. obvious exception - vendors posting where less less a single person and more just a company presence.
BUT - in the case of interactions with the police - or the TSA when traveling - you're identity through a ledger or FB/Google/Apple/MS are all useless as the police and TSA don't recognize those entities as valid for proof if ID - but they do through state issued ID.
-
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
Since you make your own identity and publish it to the ledger - why should I believe that?
And why do you trust the ledger? I can go make a ledger AND publish my ID to it. I can also make an ID for you and publish it to it. You can't trust the ID OR the ledger, is the problem.
This was exactly my point from the first post.
-
@scottalanmiller said in Decentralized Identity:
@travisdh1 said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
The first thing that comes to my mind is - why would anyone trust the ledger (as it's called in the OKTA video)? Not to mention there are 80+ ledgers today according to the OKTA video.
Since you make your own identity and publish it to the ledger - why should I believe that?
Public ledgers are the tech behind cryptocurrencies. As to how secure it is, it can be very secure if they're using standard public/private key authentication
They are, but that misses the key point. It's not an anonymous ledger, it's an owner, controlled centralized ledger. The data on it might be decentralized. but the ledger itself is not.
Right - again the videos point out that there are over 80+ companies currently making ledgers... that is anything but decentralized.
-
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
the idea of decentralized identity is just a myth? Can you think of any way to do this?
It's not a myth, but it can't be anonymous. For example, Meta and Google can trust each other and decentralize identity by getting identity from each other. No problem.
The thing that makes identity work is that an known identity is trusted and verifies other identities. My Google ID is useful, because everyone knows Google and trusts them (mostly) and so when Google says that I am me, people believe it. They verify me.
You can trust multiple providers. Facebook, Google, Apple, Microsoft are four key examples that people tend to trust. Also Twitter and others. If they create a system to work together, you get trusted and decentralized.
So decentralization is no problem. But also, is it useful?
I'm not sure how listing these four vendors is an example of decentralization (frankly I don't agree with the videos calling their examples decentralized either).
And is decentralized useful - no, it's really not. because the main thing that everyone is trying to get to is an easy use authentication solution that provides privacy.
But as you mention - this can't be done anonymously if you want it to have real value.There is value in an anonymous system for general things like: mangolassi, fishing website, netflix...
but useless for:
Medical, gov't interactions, banking...