About Podcast Episode
We started off this podcast conversation diving into topics like centralization and decentralization, which we hear so much in our world. I was inspired by a paper I had read earlier in the year called “Internet Centralization: What can standards do?” (I may have recommended this one a couple of times before!) This paper discusses areas of the internet that are decentralized and centralized, and states that the internet is a global public good because permission is not required to connect to it, deploy an application on it, or use it for a particular purpose.
“HTTP is therefore an example of platform centralization. While the protocol itself is not centralized, it facilitates the creation of consolidated services and applications like concentration. Platform centralization is difficult to prevent with protocol design.”
It was interesting to have a discussion with Daniel about the trade-offs that one needs to make in protocol design and in any software application design. It’s important to consider the impact that these trade-offs will have downstream.
Daniel had written a very timely blog post before our conversation called “Big Desks and Little People,” which I also recommend any listener of this podcast to read. Our conversation moved into that space to discuss how certain architectural models create trade-offs. The client-server architectural model, for example, can lead to some imbalances and skew power dynamics towards the server, which in many interactions in our daily life represents an organization we are interacting with.
The purpose of this podcast episode isn’t to sway people against using client-server architecture for digital identity implementations. Rather, we aim to have a discussion around the trade-offs we make when making these architectural decisions. It’s not that client-server architectures don’t work for certain use cases; they do. In fact, a lot of the things we do online today are based on this model and there’s a lot of good stuff. However, it’s important to also talk about the limitations that certain architectures have.
“Who defines the interface for the interaction?”
We talked about these limitations, some great things we can do, and some great things we can’t do, with the ultimate goal to further enhance and humanize our digital interactions. We want to establish equal power dynamic opportunities and allow people to authenticate organizations and other people, moving away from just the unidirectional server-to-client or organization-to-person authentication. By humanizing our digital interactions and incorporating this in the way we design protocols, we’ll be able to develop more personalized and flexible opportunities for people to build digital trust and have similar types of opportunities that a server has towards a client.
Some of the topics discussed between Daniel and I in this podcast conversation include:
- The Centralization vs. Decentralization Continuum and the role of client-server architectures – weighing different forms of centralization and their impact on other architectural goals.
- Protocol design and its relationship to consolidation – How do we determine trade-offs between centralization and decentralization in various components within a system?
- Balancing architectural goals – is it more of an art or a science when making these decisions – do trade-offs happen at protocol or application layers?
- Protocol design for digital identity, digital trust, and user categorization – Achieving self-sovereignty, control, and authenticity – Confidentiality and privacy.
- How do protocol choices affect power dynamics and trust relationships and interactions between different parties?
- How can we drive the right standards or protocols for more flexible interactions? Incentives for organizations to support standards that facilitate interactions between individuals – Balancing short-term sacrifices for long-term gains – The role of an ecosystem in driving change.
- Can all human-driven protocols be codified, and is ‘workflow’ flexibility more important than achieving authenticity, confidentiality, and privacy? The challenge of replicating human interactions in digital protocols – The importance of flexible workflows – Balancing security and privacy with the ability to express nuance and adaptability.
Daniel has been doing software engineering and architecture for about 30 years. He has formal education in linguistics, business, and cybersecurity. He contributed to SSI standards such as W3C’s DID core and VC specs, DIDComm 1 and 2, DIF’s peer DID spec, and numerous RFCs from Hyperledger Aries. He also helped launch Sovrin and Trust Over IP.
Daniel currently works as the CTO and CISO of Provenant, which is focused on authentic digital communication for organizations.