Steve:	Just a little bit in terms of context, in the past, we've had Eve Maler on the show, we've had Dr. Ann Cavoukian on the show. At a high level, the idea about the Non-Conformist Innovation podcast is to really highlight the innovation that's occurring in our industry today that is helping to move business forward. That's the kind of innovation that we need to do because we want to, to help companies be more competitive in the marketplace and to do the right thing in an increasingly conscious capitalism marketplace.
Steve:	A couple of folks recommended to reach out to you to talk about what's happening in this distributed identity world, in this Web 3.0 world, if you will, and I did, and graciously you accepted. Phil, thanks for making the time to be on the show today.
Phil:	I'm happy to do it.
Steve:	So we've only ... The guests I mentioned before, they've briefly mentioned and talked about what's happening in the blockchain world and privacy concerns and privacy by design, and taking control over our data is really fueling the distributed identity trends, if you will. But, for this show, we get to spend the whole time talking about that, which I love.
Steve:	Before we get to that part, I'd like to kind of rewind a little bit and focus on you because I don't think that many or the majority of the listeners of our show would know who you are or your background. Can you start by talking a bit about your beginnings in the identity space? How did you get interested in identity, and how has identity evolved up until today?
Phil:	Sure. So my beginnings in identity came with an email from a friend of mind named Doug Kay, who had just written a book on web services, and he sent me an email, and he said, "The world needs a book on digital identity. I think you should write it." Which is weird because, at that point, I knew nothing about digital identity, or so I thought. I wasn't thinking about digital identity. It certainly wasn't even a field I saw as a thing that I could be involved in.
Phil:	But I thought, "Okay, that's interesting. I've always wanted to write a book." I had just finished with being CIO for the state of Utah for two years during the Winter Olympics in Salt Lake, so I thought, "Okay, I'll take a shot at this." I wrote a proposal, all of those kinds of things. Ended up writing a book called "Digital Identity" for O'Reilly Media. And this was 2004 that I was writing it. It came out in 2005. So, if you think about that time period, digital identity was all about enterprise identity. It was all about how you keep track of your employees and log in to email systems and that kind of thing. There was almost nothing in the book or even in my consciousness, I guess, based on my background, about identity for people who are visiting websites, etc. But that's how I got started is writing that book.
Phil:	About the same time, there was quite a bit of interest in this topic. Steve Gilmore held a podcast. I think it was like New Year's Eve of 2004, and it became known as the Identity Gang podcast. He had way too many people, it was like 30 people on this podcast, but it was all talk about ... Yeah, you're laughing because you know how difficult that would be, right? But it was all about this other side of identity, this idea of people having an identity online, and that got me thinking.
Phil:	A friend of mine, Doc Searls, who's very well-known in the Linux space, and I started talking. We said, "We ought to do a workshop on it, just get these same people together, these same 30 people plus some others who want to come, and just talk about this over the course of a couple of days. Have more time to talk through some of the issues.
Phil:	So we started planning this. We tried to have it in the spring of 2005. It didn't work. And Doc ran into a woman named Kaliya Hamlin at the time. She goes by Kaliya Young now. And Kaliya, they actually ran into each other at a baseball game of all places. He was talking to her about this idea of an identity workshop, and she said, "Oh, we should totally do that. I love digital identity." So the three of us launched Internet Identity Workshop.
Steve:	Aha.
Phil:	In the fall of 2005, so that's how IIW came to be. We've been doing that every six months since 2005, so we'll be holding our 29th meeting October 1 through the 3rd, just coming up in a month.
Phil:	So that was really my beginnings in identity. In Internet Identity Workshop, we focused on what we called user-centric identity at the time. That was the term that we had for it, and it was this idea of people having an identity online, be able to do something with it. And the technology of that period was open ID, and there's a whole story about how open ID came to be in Internet Identity Workshop. But the point is open ID was supposed to be how do people have an identity using a URL. That was what open ID was.
Steve:	Right, right.
Phil:	It didn't work out. There were various reasons why it didn't. There was another technology at the time called information cards, which was from Kim Cameron at Microsoft. A very, very different technology, but same idea, user-centric. And so both of those were very much in play at early Internet Identity Workshops.
Phil:	And since then, we have things like OS and open ID connect, which is very different than the original open ID as a protocol. But there's been a ... and UMA. You mentioned you had Eve on the show earlier.
Steve:	Yes.
Phil:	So user-managed access. FIDO, the idea of using cryptographic keys for two-factor authentication. All of these have been technologies that people have developed over the past 15 years in service of this idea that was called user-centric identity.
Steve:	That's great. And I was mentioning earlier to Helen before you joined the call that I do believe we've met and shook hands. I've attended IIW at least a couple of times when I was working at VMware in the Bay Area. But the thing that's interesting about IIW is that you call it "the un-conference." In a way, that's where I met Eve, and she's a little social butterfly and just a brilliant in this space as well, hence I had to have her on the show.
Steve:	But it was an incubator of sorts of this new vision. Even Eve's technology, user-managed access, was putting users in the center and user ... The first time I heard about giving user consent over their own attributes or over their own data was at IIW. So maybe you could spend a little bit ... you mentioned a couple of these protocols. How IIW was instrumental in incubating new ideas and then maybe how that, since 2015 until now, blockchain and that type of technology has been the big news headline grabber, right? And how it went from user-managed to then what it is that we have today with decentralized identity.
Phil:	Yeah, yeah. I'm glad you pointed out you've been to IIW because I remembered your name, and I was trying to figure out why. Why do I know Steve Tout? How do I know this from? So that's great that you were at VMware and coming to IIW.
Phil:	Like I mentioned earlier, IIW started with this idea of user-centric or user-managed identity, and the idea there was not a small one. It comes down to, without being too ... I don't know what word I'm looking for. But it comes down to the idea of, if we build a digital world where people are always in the administrative systems of someone else's identity system, they're always within the administrative control of someone else, that's very different than how identity works in the physical world, and we're likely to get a very different place. And as more and more of our life goes online, it's not clear to me we're going to like that place, that we're not going to lose crucial freedoms and abilities.
Phil:	That's important, the idea of individual freedom and autonomy. It also, I think, affects the kinds of economies and interactions that happen online. In short, I think it is nothing less than foundational that we get the identity of people right in the digital world in order for the digital world to develop in a way that we think it will, that we want it to.
Phil:	Ten years ago, this idea was kind of weird. Now, I think with the way people have seen social media and other systems develop, it's not as weird to people. You mentioned privacy by design, right?
Steve:	Yeah.
Phil:	The idea that somehow privacy ought to be built-in to systems. This was not a normal idea even 10 years ago. Now it's kind of becoming the thing that people go ...
Steve:	Huge driver, right?
Phil:	Yeah.
Steve:	And talks about privacy-enhancing technologies.
Phil:	Yes, yes.
Steve:	Freedom-preserving technologies, right? So, before the show, I've actually had a few weeks to prepare for this. I'm educating myself in this space, probably not as fast as I should, but I'm learning, and I came across a blog that you recently wrote. There was one statement there relative to this point. If I can, I would like to just read it.
Phil:	Sure.
Steve:	You say, "Each of these administrative systems," these are the network-centric, domain-centric systems that you're referring to, "is built for the convenience of the organization who controls it. Design choices for these systems are made to maximize the legibility of people to the organization for its purposes. The balance of power is severely skewed toward one party over the other. Consequently, people have few natural rights and little leverage online. Current online identity systems significantly reduce individual freedom and economy."
Steve:	And so, with that statement, I wanted to segue into your current role in the Sovrin organization. I've also listened to a couple of your podcasts on the state of identity. I don't necessarily want to get to technical about what is it, but I do want to have you unpack that statement there, just in terms of reducing individual freedom and economy, in terms of building the business case for this Web 3.0 world with decentralized identities and self-sovereign identities and so forth.
Phil:	Yeah. You know, I think it's important. Thank you for reading that statement. It's always nice to have things written down because I'm a lot more coherent when I have time to think through what I'm saying.
Steve:	You and me both.
Phil:	One of the things that I think is important to recognize is that these administrative systems, I say that they're built for the convenience of the people who built them. There's nothing wrong with that. That's just how business developed online, and of course they're going to solve the identity problem if nobody else is solving it for them. Their natural instinct is going to be to build an administrative identity system that's for their convenience, not for yours.
Phil:	There's a ... I have a word in there, "legibility." There's actually a great book called "Seeing Like a State," which is all about legibility and how bureaucracies are built to make not just people, but everything for us, anything that they're trying to administer legible, meaning that they can see it and they can manage it. That's really what's happening with administrative identity systems is they're just trying to build a system that makes us legible to them so that we can carry out business.
Phil:	Like I point out, we don't have any similar systems, right? People are hampered in that effort because all of the power devolves to the people who are building the identity systems. And so the point of a system like Sovrin is to create a digital identity system or a digital identity, I think of it as a meta-system, and I can talk more about that distinction in a minute, a digital identity meta-system that is open to all and gives everybody kind of a level playing field in the same way the internet did.
Phil:	And it is true that, if you're a business and have lots of money, you probably can do things that get your website more noticed and all kinds of other things. But the point is you can create a website. You can get a domain name. You can do all of these things online, which before the web existed, you couldn't do. Before the internet existed, you couldn't really do email. Corporations had internal email systems. I used many of them. I'm old enough to remember the days before internet email. But people didn't have that.
Phil:	So that's really what we're trying to do is build this meta-system that allows everybody to participate.
Steve:	And if you want a driver's license, you have to go take a number and sit down and wait until you're called and serve at the leisure of the DMV, right?
Phil:	Yeah. There's a whole different ... We could do a whole other podcast on bureaucracies and state legibility and other things, but ...
Steve:	We should actually. I would love that.
Phil:	Yeah. It's fascinating how that works. But yeah, and businesses have done the same thing. It's not just bureaucracy anymore. It's every large organization that you deal with is essentially putting you in their identity system, and you don't really have any way to interact with them, except on their terms.
Steve:	Right.
Phil:	Think about, if you use something like Login with Amazon or Facebook Connect or Login with Google or any of these other social login systems, if you use those extensively, think about what your life would be like if you lost that access, if they took your account away. And this happens, right? It doesn't happen frequently, but Amazon can take your account away at any point. Facebook can cancel your account at any point. They have no obligation to give you access, and yet you're putting all of your access essentially in their basket. There's no recourse. There's no adjudication process.
Phil:	And so this is the kind of system ... like I said, I don't think we can blame them. I don't think it's evil. I think it just is not the system we want, so let's build a different system.
Steve:	Right. In Web 2.0 world, there's the CIA [inaudible 00:16:41]. I think, when we look at what's happening with decentralized identities, certainly in immutable blockchain transactions and those sort of things, you can enforce and achieve the confidentiality integrity and availability.
Steve:	But I guess let's explore what is the real genius of decentralized identity? Is it encapsulating this idea of user control, taking back control over your own identity so you don't have to go spend two hours of your life in line because of some bureaucracy?
Phil:	So it's actually not that in the sense that there are still going to be administrative systems, and you're still going to have to interact with the DMV and with Amazon or whoever else you want to interact with. I think of self-sovereign identity as being about borders. It's about defining the areas within which I have control and outside of which I have to interact with others as peers. That idea of being a peer is as important as the idea of control. In fact, I think it's in some ways more important than control because what it implies is that there are equal rights on both sides.
Phil:	The basic way that decentralized or self-sovereign identity works is not that unfamiliar to people who use identity in the physical world. Think about it for a second: Other than when you get asked to present your driver's license, you almost never think about identity, right? It's not something that people wander around thinking, "Oh, gee, I have an identity. How do I present my identity?" It's not a topic that 99.999% of the population ever even wants to hear about. And yet it works beautifully. You recognize people. Because you recognize people, you can remember them, and because your remember them, you can respond to them, and you have a relationship.
Phil:	That's exactly the same kind of thing that we need in the digital world. You need a way to recognize, remember, and interact with others in relationships. And that's really ... It's kind of ironic that we call it self-sovereign identity. That's a nice word, but what we're really talking about is relationships and the kinds of interactions that those relationships can have depending on how much we trust the party at the other end.
Phil:	That idea of trust, I think, is important. I like to say that an identity meta-system gives rise to a universal trust framework, and that takes a little bit of unpacking. So, first of all, an identity meta-system implies that it's not a system but a system that you use to build other systems. So an identity meta-system isn't an identity system. It doesn't give you an identity. What it does is it allows others to create identity systems which are useful in whatever domain they're interested in.
Phil:	To give you an idea of what I mean by that, if you went to university, you have or could get a transcript from your university. That's an identity system. It essentially assigns a certain set of attributes from somebody who knows something about you to you in a way that others can trust. That's an identity system. And we don't normally think of a university transcript system as an identity system, but it is. A store receipt is an identity system. It assigns attributes to you and gives you a document that you can use to prove that you bought certain things on a certain date at a certain place using a certain payment instrument. That's an identity system.
Phil:	And so identity systems are all around us, and we don't think of them as such, but an identity meta-system allows all of those to be built on a common foundation so that they're interoperable. What I mean when I say that gives rise to a universal trust framework is, if you think about why does that receipt ... why is it trustworthy? Well, when you take it back to the store to get a return or because you need to get service or whatever, the store can recognize that it is theirs. They can, within the limits of the size of the transaction, they can verify that it's legitimate, and they know that you have it because you're presenting it to them. These are all very important ideas.
Phil:	In fact, it could work even outside of that system. It could be that I want you to prove to me that you bought something at another store in order for me to give you a discount. As long as I believe the other store issued that receipt to you, that all works. There's no central authority for this, right? There's no overarching system that's making this work.
Steve:	I really like that idea, especially because it aligns so well with ... It puts the nonconformist in innovation. I guess, in autocratic organizations with autocratic leaders, you kind of see power in this hierarchal form, and therein lies the one-sided view of power and control over users' data with the hierarchy design of peer-to-peer with distributed identities and self-sovereign identity and the framework that you're talking about, it's great. There isn't the centralized pot of data that attackers can go and steal and perpetuate their cyber-crime.
Phil:	Yeah.
Steve:	So increasingly, this notion of a decentralized model has far greater benefits to the individuals.
Steve:	Let's shift our focus from that to the market and the marketplace and the reception of this new technology, if you will.
Phil:	Sure.
Steve:	Instead of using the big analyst firm, there's a similar idea with Geoffrey Moore's "Crossing the Chasm," you can use the hype cycle if you want. But how far along are we with the adoption of this new technology. Have we crossed the chasm yet in terms of mass adoption, or do we still have a lot of work to do?
Phil:	I think there's still a lot of work to do, but we have made really good progress. I like to think of it as this is not 1994 from a web perspective. This is more like 1995, '96, meaning that it's not this totally weird, out-there idea with just a few people talking about it. There's a lot of people talking about it, a lot of organizations, a lot of well-heeled organizations working on this idea and how they can use it. But it hasn't reached the point of everybody just assumes that they have to do it, and they're going to go do it, which is how things were in like 1998, right?
Phil:	I had an internet company that I started in 1994 and sold in 1999, so I know how this goes, at least on the web, in terms of people just looking at it and how excited things were. But I think we're getting to a point where lots of organizations know about it at least and are wondering if they think they can do it. And there's a number of players in the ecosystem, either using it in some early trials and even production use cases, and a number of participants in the ecosystem who think they can build systems that others will buy to make this easier for them. So those are both really good developments in terms of seeing this catch on and take place.
Phil:	So we've seen several interesting production use cases. The earliest one was the governments of British Columbia and the province of Ontario have used Sovrin or are using Sovrin now for business credentials. They've issued millions of business credentials based on Sovrin. They have a whole plan for larger credentialing in terms of just businesses, others. If you think about governments, they're just credential factories, right? That's basically what they do.
Steve:	Yeah.
Phil:	And so that's a really interesting use case. I'm also very excited about just recently we had the first credit unions start to issue member-facing, customer-facing credentials. It's funny because credit unions were the reason I got into Sovrin. When I first heard about Sovrin and was kind of wondering whether it was going to take off, I went to a meeting with a bunch of credit unions. This was 2016, so it was quite early. And the credit unions were very interested in us, and I thought, "Okay, if the credit unions are interested in this, there's something here. Let me understand this."
Phil:	And it's all internal use cases. They have security concerns. They want to know who the person they're talking to on the other end of the line is really the customer, the member.
Steve:	Absolutely.
Phil:	They want to know, when you log in, that it's really you. And one of the things that self-sovereign identity systems are very good at is mutual authentication and being able to share trusted attributes. And so it's very exciting to me that we've got a credit union issuing member-facing credentials.
Phil:	There are a number of others that are in trial or various stages of rolling things out, but I'm also excited about the players that I'm seeing on the supply side of the ecosystem, supplying systems to companies that want to do this because, you think about it, a credit union issuing credentials to their memberships, they're probably not going to develop all of that software themselves. That would be quite unusual. So they need to have partners.
Phil:	And so Evernym is one of the first Sovrin commercial entities who's issuing or creating software for others to use, but there are others.
Steve:	Yeah.
Phil:	There's a company in Iowa called IdRamp. There's a large ecosystem in South Africa. We have a partner in Europe, InfoCert, the largest certificate issuer in Europe, who is developing a credential ecosystem play that they think they can take to market. These are the kinds of things that really start to roll it out because, of course ...
Steve:	Yeah.
Phil:	If it's just me on a podcast, it's one person making statements and people kind of have to go, "Okay, now what do I do?" But if you get commercial companies out there, they have to go out and advertise. They have to go out and meet with partners. They have sales programs. These things drive adoption unlike just me or a few other people talking or writing blog articles or whatever could ever do.
Steve:	Right. And perhaps the biggest company or news headline in recent weeks, everybody is talking about the Facebook Libra cryptocurrency, which I think is interesting, especially just because they have to have an identity layer to be able to implement any kind of new cryptocurrency system, so it could be interesting because they have so many users.
Steve:	But I think a story that didn't get as much press time but is probably a better indicator of where we're at, maybe you agree, is Trusted Key that got acquired by Workday. In you mind, what does that say about the current state of DID and SSI today?
Phil:	Yeah, Workday has been interested in this space for some time, and I think they're a really interesting player in this space because we like to call the companies that are out there pushing this idea "queen bees" in that they create a lot of activity around them. Workday is like a queen bee factory because they put credentials inside their software. Now every one of their 2,000 partners can easily get credentials. That's huge to have them just kind of roll that kind of thing out.
Phil:	So, yeah, I think the Trusted Keys acquisition is really interesting. Like I said, there's a number of these things that are starting to happen. That's why I said it feels kind of like 1995, 1996.
Steve:	And then adoption depends above all on usefulness, right? And Workday works with a lot of large companies for HR onboarding of their employees and potentially could streamline and give users better visibility at least or control of how their employers are using their information.
Phil:	That's right, that's right.
Steve:	So another interesting quote I got from your blog, and I think this will hit really on the main nerve of the nonconformist in innovation, you quoted Simon Morris, and you say, "The primary value proposition of decentralization is enabling the breaking of rules."
Steve:	I think, just shifting to look more a little bit at the legal and regulatory landscape, early examples of blockchain technologies, people think of Bitcoin and how that enabled the sale of human trafficking, drugs, data on the dark web, but this is a new world. And of late, even the Sovrin organization now has the governance framework. And so, looking at how that is feeding into organizations and help comply with the GDPR or the CCPA, where's that connection between how organizations embrace and adopt DID and SSIs and this governance framework to be more compliant with these big major regulatory bodies and frameworks?
Phil:	Yeah, it's a double-edged sword I think. The problem with regulation is, of course, that it kind of cements a certain place in time so that it's really hard to get past that. GDPR is a good example. It came kind of at the same time that self-sovereign identity was getting going, and it didn't anticipate it, and so there are certain places where you're trying to put a square peg in a round hole kind of thing. And yet the goals, I think, are completely aligned, that protecting data is the primary goal of GDPR, and of course we believe that self-sovereign is a good foundational technology for doing that.
Phil:	So I think the goals are aligned, but sometimes you get a little bit of mismatch. But I do think that it's a good thing that we have enough concern about this problem that governments are starting to pay attention. It's always tough to get the level of regulation right, but like I said, it's indicative that people recognize that there's a problem and it needs to be solved.
Steve:	At least to the point where people can trust it and businesses can trust it. If it's unregulated, like in the case of Bitcoin, and it can't be audited, which is more of a public blockchain versus a hybrid or a private one, I think there's an opportunity there to have some oversight so that it can be trusted by businesses and the users who are going to use that technology.
Phil:	Yeah, that's been an important thing for Sovrin from the start is that we wanted to be a system that businesses and organizations saw as something that they could trust and use and not be kind of on the wrong side of the line, whatever that line is. Businesses worry about that stuff. There's a reputational risk to innovation. And so we always wanted to be the kind of place where businesses were comfortable.
Phil:	It's a little ironic because we're talking about self-sovereign identity. We're talking about people, so why do we care about businesses? Well, we care about businesses because, if you get a self-sovereign identity, but there's no place that you can actually use it or anything you can do it, then you don't really have much. You really have to bring everybody into the ecosystem: businesses, people, governments. They all have to be part of this ecosystem in order for it to have an impact on individual freedom and autonomy.
Steve:	Right, yeah. So an increasing number of players in the space leveraging blockchain. Some folks worry that, with so many different networks, no standards exist to allow them to interact. Microsoft, IBM, Cisco, VMware, Evernym, RSA, JPMorgan, and MasterCard in the financial services space. Then there's the decentralized identity foundation in WC3 that are working on creating standards.
Steve:	So, relative to Sovrin's mission to become the missing identity layer for the internet, what is on your roadmap and in the future of Sovrin to help address interoperability concerns of DID and SSI and that will help accelerate adoption?
Phil:	So there's already a lot of things happening. First of all, there are two emerging standards, the one for decentralized identifiers and the one for verifiable credentials, which all of these systems or many of these systems, I don't know about all of them. It seems like, at one point, every week there was somebody announcing a blockchain-based identity system, most of which were not really very good.
Steve:	Yeah. It's 1995, remember? '96.
Phil:	That's right, it's 1995. But the ones that have any legs at all have those standards in common. That's important because that does imply a certain amount of interoperability. We're not completely there. There's still some important arguments I think or debates about how certain things should be done, what we should do in certain circumstances, for credential presentation, for example, is one place where there's still open debates about what the right thing is. And that's okay. It's early, and we have an opportunity to discuss these things. And that's okay. It's much better than just rushing to some solution and then finding out that it's not really going to work for a bunch of use cases.
Steve:	Right.
Phil:	So I think the interoperability discussions are happening. We talked about IIW earlier. Last IIW in April, there were half a dozen, maybe more, sessions on interop in the SSI space. So I think that's coming. Sovrin's position here is we're not a company, we're not an organization. We are an organization, but we're not a commercial organization. We're trying to build this meta-system, and we want everybody to play. So we're happy to work with the decentralized identity foundation. We're happy to work with uPort and others, Consensus, to come to an agreement on how this ought to all work and play our part. Our part is governance.
Steve:	Right.
Phil:	We have something unique to offer. So I'm very hopeful that we'll see a single identity meta-system that everybody participates in and is completely interoperable.
Steve:	Yeah. I know we're at the top of the hour. I just have two more questions that I'll pose, if you can take a couple of minutes.
Phil:	Sure.
Steve:	No question will get there in a decade, but who leads and how fast? And finally, what should business leaders in innovative organizations who haven't started thinking about DID and SSI and how that will impact them begin to think about in evaluation and adoption of this new technology?
Phil:	Yeah, let me take the second question first because I think it's a really interesting one. Most businesses, most organizations, most players who are not in the identity space use credentials of some kind. If your business uses credentials, especially if you are the creator of that credential or you're part of a consortium that manages how that credential gets used, start thinking about how you could build that on top of an identity meta-system, instead of some special system, some centralized organization.
Phil:	The reason why that's important is because, by building it on an identity meta-system, you're not only going to get your system in play, but you're also going to reap the network effects of all of the other organizations who are using that same identity meta-system for their credentials. Credentials can be used in tandem or in concert with each other, so there's huge network effects for putting your credentials into a credential-based identity meta-system like Sovrin.
Phil:	And so I think that's where people ought to be looking is do I use credentials, and if I do, how can I use it? Too often, when we think about identity, digital identity, the conversation's always about authentication. How do I use usernames and passwords to log people in? And then we stop. But every business has identity systems that go well beyond authentication.
Steve:	Yeah.
Phil:	And the place to find them is to look where you're using something that looks like a credential.
Steve:	Right.
Phil:	When I say "credential," I just mean a structured document that has some way of verifying that it's true and is used to transfer information back and forth. That's a credential.
Steve:	Yeah. So who's going to win? Within the next few years, probably 10 years from now, this will be pretty mainstream, I would guess. But some time between now and then, who do you think is going to emerge the winners? What does the timeline for that look like?
Phil:	So I think we're all going to be winners. In the same way that the internet happened, the internet wasn't about a single organization winning, even if you think about Netscape. They won for a while, they they went away, but everybody won because we got this wonderful system out of it. And I think that's what's going to happen here. What you're going to see is you're going to see in 10 years an identity meta-system I believe that will be based on DIDs. It will be based on verifiable credentials. It'll have interoperable credential exchange. It probably won't matter specifically where those records are rooted, meaning which blockchain, as long as that blockchain has certain governance around it, and you can ...
Phil:	Governance is important because the whole point of credentials is to trust them, and so there's a lot of governance issues involved in creating a system that works. Leave out winning, just thinking about a system that works.
Steve:	Yeah.
Phil:	We need to have a credentialing system that has trust at its core. So that's where I think we're going to be in 10 years. We're going to have something that feels very much like this. People are going to take it for granted, and we're just going to assume that we can carry around credentials with us.
Phil:	And again, when I say "credentials," you have to kind of squint a little bit because these aren't just driver's licenses and birth certificates. Even a receipt or a boarding pass is a credential. Imagine if those were all in some interoperable system, as opposed to some specific app on your phone. That's what we're going to get to, and we'll all win.
Steve:	I like that. Well, Phil, it's been great chatting with you about this. I think there's more that we could discuss, but even within the time we've talked, I just see innovation all over what's happening here, and it will be great to follow the developments of Sovrin. I think, without governance, 10 years from now could look probably just as bad, maybe even worse than we are today. I really think that's an important piece. I'm glad someone with your intellect and your knowledge and ability to foresee the problems and challenges that we have in the future is the chairman of that organization and driving that success.
Steve:	So, Phil, thanks again for taking the time, and I hope we can do this again soon.
Phil:	Thank you. I was happy to do it. It was a great conversation.