summaryrefslogtreecommitdiff
path: root/transcripts/rebooting-web-of-trust/2019-prague/intro.mdwn
blob: d675f32e530292a7ea97b946af99ecec13c528d8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# Introduction

Why are we here? We are here to write papers, code, make UI/UX mock-ups. If you want to work on something and it doesn't fit into that category, then let us know. There might be other people that want to work on it too. We want you to find something you enjoy working on. If you feel you're not as productive as you would like to be, then let us know and we'll find something better for you to work on.

This is a new space, and we're not the greatest at writing things down. Even if we write things down, it's usually not up to date or easily indexable. Don't assume that you know the terms. Define your terms, if you're a community insider. The reason for these events is to get more people involved.

I want to call on Christopher Allen to give a little history about this work.

# History of Rebooting

About 5 years ago, I met with some old timers. These were people working on the original pre-internet stuff, some of which are represented here, like the Xanadu team and people working on early RSA encryption but not on the internet stack. I also met with some of the early pioneers of security like the CTO of PGP or the coauthor of the TLS standard and so on. An argument ensued as to, how do we solve the problems we didn't solve 20 years ago? A lot of people were very focused on incrementalism, like fixing the PGP problems or the TLS 1.3 problems. Or certificate transparency is going to solve all the problems of certificate authorities. My argument was no, we've hit the limits of our architecture and it's time to reboot.

At that time, I was entering into the blockchain field. I was doing digital currency off and on since 1988. I did Digicash and lots of early stuff. I went away from it, though, ebcause it didn't work and had other problems. Bitcoin proved to the world that there might be a solution here. The legacy security community was not really listening to this, and they were very skeptical of this, and in some cases for good reasons. But at least something was happening.

I brought together some leaders from the blockchain community and the security community and I wanted them to reboot the web of trust. At the first meeting, we had Vitalik Buterin and three of the lead Bitcoin Core developers. We had security folks from everywhere. We were short on diversity and things outside of the immediate blockchain community. We had some, but not enough.

Someone volunteered and said governments might be interested in this. Our next event, then, was at the United Nations. The refugee use case-- the person who submitted the topic paper at the first Rebooting wasn't able to make it, but her topic paper influenced the entire event. Almost all of the papers referred to the refugee use case in some fashion. We continued at the United Nations to define some requirements and figure out what problems we're going to solve. Identifiers turned out to be that problem. Verifiable credentials already existed, but it is helped by having DIDs and DID documents. We continued to iterate on that.

We're not at 4.5 years later. We've had over 50 high quality whitepapers submitted by you, on a wide variety of topics. A lot of interesting synergy. I hear there's people interested in secure storage. Key management and social key recovery and all of that aspect of things; there were 3 or 4 papers with very different approaches with how to do key management. A lot of other topics emerging. How do we integrate our thoughts in regards to law and property and the real world of what is identity, with our thinking about self-sovereign identity? There were a number of papers submitted on that.

I think one of the biggest important commonalities was the human-ness of everything. We're all people, and we're a lot more than our digital selves. This is the first principle of self-sovereign identity: we are more than our digital world. I appreciate you coming to this event, not just the coder or the UI person or the policy expert. Thank you very much for being here.

# rwot9

<https://github.com/WebOfTrustInfo/rwot9-prague/blob/master/topics-and-advance-readings/rwot-primer.md>

We want people to get into a collaborative mindset where we can think about creating new things. At the end of the day, we will self-divide into a few groups and then we will write an abstract about what our paper is going to be about. Over the next few days, we will write about what our paper is going to be about. Usually we have some good outlines, maybe some part of the text, and then we finish it up in the weeks or months that follow. My personal goal is to try and have papers done before the next Rebooting Web of Trust if possible. It's not an absolute requirement; I'm happy to work with you however long it takes you. I have 3 that I am actively working on from rwot8 and probably a few others I don't know about.

One of the things we wanted to do is do a call out to the papers that we finished from rwot8, which are 5 of them.

The first paper was "Evaluating social schemes for recovering control of an identifier". The second one was "how SSI will survive capitalism". Also the rwot8 DID specification refinement. We've done this a couple of times now where we get people together and we talk about the DID specification and how we can expand it and improve it. Also the "peer DID methods specification report". It doesn't actually use a blockchain or anything. Another one was a markdown-based javascript sandbox, using Jupyter. It's a python tool, actually. This was a javascript version of it that Joe really wanted to push out. There was another one about DID-auth.