Decentralized Identity
-
@scottalanmiller said in Decentralized Identity:
@travisdh1 said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
The first thing that comes to my mind is - why would anyone trust the ledger (as it's called in the OKTA video)? Not to mention there are 80+ ledgers today according to the OKTA video.
Since you make your own identity and publish it to the ledger - why should I believe that?
Public ledgers are the tech behind cryptocurrencies. As to how secure it is, it can be very secure if they're using standard public/private key authentication
They are, but that misses the key point. It's not an anonymous ledger, it's an owner, controlled centralized ledger. The data on it might be decentralized. but the ledger itself is not.
Right - again the videos point out that there are over 80+ companies currently making ledgers... that is anything but decentralized.
-
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
the idea of decentralized identity is just a myth? Can you think of any way to do this?
It's not a myth, but it can't be anonymous. For example, Meta and Google can trust each other and decentralize identity by getting identity from each other. No problem.
The thing that makes identity work is that an known identity is trusted and verifies other identities. My Google ID is useful, because everyone knows Google and trusts them (mostly) and so when Google says that I am me, people believe it. They verify me.
You can trust multiple providers. Facebook, Google, Apple, Microsoft are four key examples that people tend to trust. Also Twitter and others. If they create a system to work together, you get trusted and decentralized.
So decentralization is no problem. But also, is it useful?
I'm not sure how listing these four vendors is an example of decentralization (frankly I don't agree with the videos calling their examples decentralized either).
And is decentralized useful - no, it's really not. because the main thing that everyone is trying to get to is an easy use authentication solution that provides privacy.
But as you mention - this can't be done anonymously if you want it to have real value.There is value in an anonymous system for general things like: mangolassi, fishing website, netflix...
but useless for:
Medical, gov't interactions, banking... -
@Dashrender said in Decentralized Identity:
I'm not sure how listing these four vendors is an example of decentralization (frankly I don't agree with the videos calling their examples decentralized either).
If there is more than one vendor, it is decentralized. That's what decentralized means. That's all it means.
-
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
I'm not sure how listing these four vendors is an example of decentralization (frankly I don't agree with the videos calling their examples decentralized either).
If there is more than one vendor, it is decentralized. That's what decentralized means. That's all it means.
Well then - we already have decentralized identity - and everyone hates what we have today...
It's why so many people jumped on the - log in with Google - log in with Facebook - options.
And those situations exist why? because Google and Facebook make a mint knowing more about YOU - the product.
-
@Dashrender said in Decentralized Identity:
Well then - we already have decentralized identity - and everyone hates what we have today...
That's basically what "customers designing systems" typically looks like. Remember Spiceworks? Everyone always made crazy demands that normally they already had because they didn't understand what they were asking. And they didn't like the results that they demanded.
Decentralized identity is a pretty awful idea. Someone needs to explain to me why they see this as beneficial.
The US is actually mocked worldwide for attempting (and failing obviously and dramatically) at decentralized ID for citizens when all other countries have it centralized and working easily.
-
@Dashrender said in Decentralized Identity:
And those situations exist why? because Google and Facebook make a mint knowing more about YOU - the product.
But twitter, GitHub, Discord, Apple and others don't and exist too. It's an easy thing to provide.
-
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
Well then - we already have decentralized identity - and everyone hates what we have today...
That's basically what "customers designing systems" typically looks like. Remember Spiceworks? Everyone always made crazy demands that normally they already had because they didn't understand what they were asking. And they didn't like the results that they demanded.
Decentralized identity is a pretty awful idea. Someone needs to explain to me why they see this as beneficial.
The US is actually mocked worldwide for attempting (and failing obviously and dramatically) at decentralized ID for citizens when all other countries have it centralized and working easily.
Well - the US in general doesn't trust it's gov't - that's why they don't want a gov't controlled centralized ID.
Of course the gov't could make an ID that doesn't include any type of tracking (but come on - this is post Snowden - we know they'll never go for that) but the gov't won't do that.
China already has this (or mostly does) and they track the hell out of people.
-
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
And those situations exist why? because Google and Facebook make a mint knowing more about YOU - the product.
But twitter, GitHub, Discord, Apple and others don't and exist too. It's an easy thing to provide.
Do those platforms offer centralized authentication? And - is it open to anyone to use? i.e. could ML choose to use Apple's APIs to do authentication?
-
@Dashrender said in Decentralized Identity:
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
And those situations exist why? because Google and Facebook make a mint knowing more about YOU - the product.
But twitter, GitHub, Discord, Apple and others don't and exist too. It's an easy thing to provide.
Do those platforms offer centralized authentication? And - is it open to anyone to use? i.e. could ML choose to use Apple's APIs to do authentication?
Yes, very common. We have hooks for many (not apple I don't think) available but it's a pain to maintain as they are third party and is it really valuable?
Some sites that I use offer Apple for sure. I see it all the time.
-
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
@scottalanmiller said in Decentralized Identity:
@Dashrender said in Decentralized Identity:
And those situations exist why? because Google and Facebook make a mint knowing more about YOU - the product.
But twitter, GitHub, Discord, Apple and others don't and exist too. It's an easy thing to provide.
Do those platforms offer centralized authentication? And - is it open to anyone to use? i.e. could ML choose to use Apple's APIs to do authentication?
Yes, very common. We have hooks for many (not apple I don't think) available but it's a pain to maintain as they are third party and is it really valuable?
Some sites that I use offer Apple for sure. I see it all the time.
Is it valuable? I'd love the ability to use everything off my MS account - so yes, I think so.
But a websites need to support dozens or more "centralized" or as the stupid video puts it - decentralized - authentication providers would definitely be a PITA for them.
