Convenience-paranoia tradeoff

From LID Wiki

Any security technology, including a User-centric Digital Identity technology such as LID, faces conflicting requirements. On one hand, the technology should be as secure as possible with respect to as many different kinds of potential attacks as possible. On the other hand, it must be convenient for the user, otherwise it would not be adopted by many users.

Microsoft Passport, for example, was convenient. However, many prospective users rejected the system because of their concern that they would have to trust a single actor (Microsoft) who they were not prepared to trust. The Passport technology could not be used in a manner that would not require trusting Microsoft, so Passport was limited to a particular point in the spectrum between convenience and paranoia heavily slanted towards convenience.

In LID, we consciously decided to support an entire range of convenience and paranoia tradeoffs through the following LID features:

• LID is a family of protocols, not a single implementation. Whoever does not trust a particular software implementation by a particular vendor is welcome to choose another, or develop their own.
• LID uses a fully decentralized architecture. Because of that, LID works just as well if every LID user runs different LID software on a different server than if all of them run on a single organization's servers.
• Users who value convenience over paranoia can choose a hosted LID implementation by a vendor who they trust.
• Users who do not wish to trust an LID hosting provider, but are willing to go through additional work on their part can obtain a LID implementation they trust (or develop one of their own) and run it on their own server, on any operating system or technology stack they choose.

Therefore, we think that LID delivers the best of both worlds: any user can pick any point in the tradeoff between convenience and paranoia that they are most comfortable with. This flexibility is a quite unique feature of LID compared to other systems.