Identosphere 181: Presentation Exchange v2.1 • Durable Content Credentials • WICG Digital Identities Project • TBD and DID:DHT
Weekly edition of the latest Self Sovereign Identity related news, development, upcoming events, and thoughtful commentary from the blog-o-sphere. Thanks for your continued support.
Kaliya and Infominer met in person for the first time this week and watched the eclipse together. The photos from the XKCD that we got are The Partial (going in and going out) and the “Frustratingly looking up at the cloud situation in Australia for 2028” Doc got it though
“We are thrilled to partner with Smart Spaces and Cohesion to provide their customers and users with a convenient, secure wallet experience on Android phones,” said HID’s VP of Mobile, Sanjit Bardhan. “By adding mobile credentials in Google Wallet, users can access everything from turnstiles and elevators to certain floors on a building to computer and printer networks.”
In a story on “Ripping IDs Should Go the Way of CDs”, I wrote about the questionable accuracy, usability, and privacy of “ripping” analog IDs into the digital space — a/k/a Mobile Know Your Customer (mKYC). Now I‘ll analyze the “ $1 cost problem” and you’ll see why important steps in mKYC are being skipped.
SSI emerged in 2015 and has gained limited momentum in the travel industry over the last few years, but it is hardly a universal trend that all have embraced. Simultaneously, biometrics are increasingly being paired with digital profiles to physically verify identity, primarily in the form of facial recognition. Throughout the travel journey, these two technologies can work in tandem to remove friction from the travel process.
So, while there was alignment on the problem of “how is an individual supposed to actively select their identity,”
With a digital identity wallet, we see requirements coming in from operating system developers, browser developers, and privacy advocates, as well as wallet and credential issuers and verifiers.
Historically our software has supported did:key, did:web, and did:ion, and some other methods within certain segments of our stack. Recognizing the impracticality of a "one-size-fits-all" approach, we embraced a multi-method strategy. Today that strategy incorporates three key DID methods: did:jwk, did:web, and did:dht, each catering to specific scenarios with their unique strengths.
We are excited to announce that Presentation Exchange v2.1 has reached a significant milestone and is now under review for Working Group Approval. This update marks a critical step forward marking the specification's continued adoption. Community members and stakeholders are encouraged to provide their feedback by April 26, 2024. Barring any significant objections, the proposal will transition to the Working Group Approved state and subsequently seek the approval of the DIF Steering Committee.
The Trust Spanning Protocol (TSP) facilitates secure communication between endpoints with potentially different identifier types, using message-based exchanges. As long as these endpoints use identifiers based on public key cryptography (PKC) with a verifiable trust root, TSP ensures their messages are authentic and, if optionally chosen, confidential. Moreover, it presents various privacy protection measures against metadata-based correlation exploitations. These attributes of TSP together allow endpoints to form authentic relationships rooted in their respective verifiable identifiers (VIDs), viewing TSP messages as virtual channels for trustworthy communication. [ANN]
Many protocols negotiate supported operations using just “alg” - RFC 8414 (AS Metadata) uses negotiation parameters like: "token_endpoint_auth_signing_alg_values_supported": ["RS256", "ES256"] - OpenID Connect negotiates using “alg” and “enc” values - WebAuthn and FIDO2 negotiate using COSE “alg” numbers
This doesn’t work for polymorphic algorithms: - With “EdDSA”, you don’t know which of Ed25519 or Ed448 are supported! - WebAuthn contains this definition as a result: - “-8 (EdDSA), where crv is 6 (Ed25519)”
Two key U.S. lawmakers said on Sunday they struck a deal on draft bipartisan data privacy legislation that would restrict consumer data that technology companies can collect and give Americans the power to prevent selling of personal information or compel its deletion.
But Brits have changed. Call it an identity crisis. If a Labour government decides to bring in ID cards, a subject on which it has recently softened, polls suggest the public would support it. Tories may at that point snipe from the opposition benches – but Labour can retort that they are out of touch, and hypocritical to boot
The European Cloud Scale Mediator is part of Indicio’s commitment to helping customers in Europe build powerful and fast identity solutions. Interest in the technology has been growing as the European Union looks to allow for easier travel and better identity management for its citizens.
The Extensible Authentication Protocol (EAP) is a popular protocol for authentication in (wireless) local area networks. [...] We are the first to propose combining both technologies by specifying EAP-SSI as a new EAP method. The integration of SSI to EAP entails several advantages: it eases roaming for users and provides enhanced security and better privacy protection.
We introduce “SovereignRx”, a novel system that integrates SSI and blockchain technologies to address privacy concerns in healthcare prescriptions. SovereignRx uses Decentralized Identifiers (DIDs) for party identification and uses distributed nodes that reduce the maintenance costs between healthcare entities. The proposed architecture, based on Hyperledger projects (Indy, Aries, and Fabric), supports secure data transportation, tracing of dispensation, and interoperability based on the FHIR standard.
Our work provides a foundational framework for future SSI research and development, including a comprehensive catalogue of SSI components and design requirements for trust, shortcomings in existing SSI systems and areas for further exploration.
synthesizes emerging research and explores the transformative implications of blockchain and SSI for university records management. It examines how these technologies streamline administrative processes, enhance data security and trustworthiness, empower students to control their narratives and foster collaboration between educational institutions.
This approach isn’t about modernizing access to infrastructure, but changing how it is managed, accessed and owned. Unlike centralized providers, the crypto tokens issued through DePINs incentivize all participants to get involved. Decentralized autonomous organizations (known as DAOs for short) play a vital role in establishing the framework for how these projects are managed.
There have already been countless examples of data breaches within the AI space. In March 2023, OpenAI temporarily took ChatGPT offline after a ‘significant’ error meant users were able to see the conversation histories of strangers.
The news outlet 404 Media reported the discovery of an “underground” service called OnlyFake that created and sold fake IDs for 26 countries through Telegram, and one of 404’s reporters used one of OnlyFake’s IDs to bypass the “KYC,” or “know your customer,” process of crypto exchange OKX.
