The future of digital credentials: what do we want, how do we want it?
An open letter is seeking help from the community and market to find ways to ensure compatibility between two emerging standards for digital driving license’s, and potentially for credentials more generally, and that they do what implementers want them to do. The standards emerging are the W3C VC (verifiable credentials) Data Model and the ISO 18013-5 mDL (mobile driving license).
This is much about groups getting on with each other as technical standards. The goal is to establish an official liaison between the groups. If negotiations fail, there is the risk of proprietary systems capturing the space.
Open letter for open discussion, open standards
Lucy Yang and Kaliya “Identity Woman” Young have published the letter on Medium via the Identity Woman in Business account, addressing it to both standards communities as well as the broader interest group as they have found the two approaches to be lacking and to not be equivalent: “We need to define their equivalence so we can work out how they can be or need to be aligned.”
Those who may be able to contribute are asked to fill in this form.
The authors state the W3C approach is broader, developed for digital credentials more generally, while the ISO mDL is much more specific in being for a digital driving license. Each with their pros and cons. Yang and Young are seeking help in “finding common ground and alignment so that the two standards can be compatible to the fullest extent for the market to understand their respective unique values, for implementers to build on them with ease, and for users to manage credentials based on them with a good experience.”
This is not the beginning of this attempt to improve understanding (especially to learn more about the ISO side) and find common ground. There have already been community input sessions, interviews and community feedback session at the Internet Identity Worksho.
Could do better: market-driven definition of equivalence
Technical or standards-based collaboration is not deemed the crucial issue. The authors seek to understand what the market, and implementers in particular, expect of from the standards. Typically clarity and ease of use, with government generally requiring maturity while the private sector may appreciate innovation.
“If we expect the market to adopt a standards-based approach to digital credentials,” write Yang and Young, “We better provide standards that can guide the development of end-to-end solutions with the ability to be implemented with reasonable technical efforts by the majority of developers.”
The problem here is that they feel neither the W3C nor ISO approach alone provides entirety or clarity, requiring complementary standards. This requires examination of alignment between the standards.
Show respect for alignment, not one-size-fits-all
The authors doubt that any one standard will emerge for digital credentials. This means alignment between standards is a more important goal. Beyond this interoperability itself is the task of convincing the market and implementers that such efforts are underway.
Their efforts to date have found that the tension between the standards goes beyond the digital credentials community and the market seems to have the impression that the standards are “pitted against each other,” an unhelpful interpretation which could impede the whole sector.
The writers want more “political will” between the communities, dialogue, even “diplomatic relations” because “The differences are so fundamental that it seems neither possible, relevant nor worthwhile to consider any type of formal interactions.”
They encourage respects and state that they do not expect either group to significantly change its model for alignment. Rather, find ways to work together than may be replayed for many other credentials.
If not for each other, then against the proprietary
The bigger risk is that the image of a flailing standards community may simply allow implementers to launch proprietary solutions. “They are seen to be an easier decision: worsening everyone’s future prospects except the proprietary providers’.”
As verifiable credentials move into the mainstream, the community needs cohesion and the authors hope to broker it with more community help.