From 1f28bc88c64537302d3d5550ee34820b155e1dda Mon Sep 17 00:00:00 2001 From: Coralie Mercier Date: Tue, 6 Aug 2024 12:18:51 +0200 Subject: [PATCH] Tone down statement "W3C is handling this issue with a Threat Model." implies endorsement by W3C members. But the link brings the reader to a use case within the document, which attempts to summarize an introduction to "Trust over IP" from 2021 by the "trust over IP foundation" which is a 35-page PDF hosted elsewhere. This is misleading and risky to make such a claim and to rely on a document whose status is unclear at a cursory glance. --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index d625db0..8212da1 100644 --- a/index.html +++ b/index.html @@ -626,7 +626,7 @@

Privacy loss (surveillance): if this technology is not designed and implemented properly, it can lead to surveillance by state and non-state actors such as government and private technology providers. For example, centralized or federated models are more prone to these threats, while decentralized models are less so, but it depends on how they are implemented. Therefore, it is necessary to provide privacy-preserving technologies and implement them properly.

-

Note: W3C is handling this issue with a Threat Model.

+

Note: W3C might consider handling this issue with a Threat Model.

2.3. Digital identity management models

With these assumptions, before proceeding, it is important to understand how digital identities are managed and how they have evolved over the years.

Let us start with the example of a person’s identity, and break it down. We had: