undefined | Better HN

0 pointsjiggawatts1y ago0 comments

If there's a central revocation list, then it's a centralised identity with a centralised authority.

That's the opposite if the "distributed" in DID, at least in the sense that the pro-Web-3.0 crypto fans are claiming.

0 comments

Again, you're conflating DID with VC improperly.

VC is an extension built on top of DID. It's not decentralized Verifiable Credentials, it's just Verifiable Credentials.

The entire article is about VC, and refers to VC as DID (which is also what you're wrongly doing).

It's like criticizing the collective web standard based on REST. REST is not the web.

Also, the part that makes VC decentralized is the alternative (OIDC authorization code flow). VC doesn't require the issuer for verification. (So basically the user has control over attestation of information about their identity, not some third party)

That means even though the Gov issued you an ID they can't track every time you have your credentials verified.. it works exactly like a physical ID. It's issued by the government, but the government isn't there every time you need to show ID. Some might consider that an invasion of privacy if they were.

j / k navigate · click thread line to collapse