In our connected world security and proof (evidence constituted in Verifiable Credentials (VC, W3C)) is distributed over what an individual can attest, what my objects tell about me (that is why AI = inferences from that data, is so important), and my behavior: “apply shaving foam” is a number in coelition.org. It is clear that we can no longer isolate the notion of security as in securing devices or securing infrastructure. In this brief article which is the background to a number of workshops that the authors and the Journal will host together, we sketch what we believe to be the end of a paradigm of a government model that has outsourced capabilities to the market. It is in the process of privatizing its last public capability: identity management. This is causing tremendous stress in systems, services, organizational procedures, and individuals. We propose a holistic perspective, distributing security at two points: at the device level and a moral movement at a societal level.
As a time out to create room to discuss this broadly, we propose a particular model of SSI and disposable identities.