Identosphere 183: VC-JOSE-COSE Candidate Recommendation • x509 for DIDs • I Bought Booze with JWT • Passkeys: A Shattered Dream
Weekly edition of the latest Self Sovereign Identity related news, development, upcoming events, and thoughtful commentary from the blog-o-sphere. Thanks for your continued support.
“The missions of the T3 Network and TLN are very closely aligned. While there are a lot of synergies between T3 and TLN, both networks attract different stakeholders to the conversation around digital credentials and LERs,” said Taylor Hansen, executive director, policy and programs, at the U.S. Chamber of Commerce Foundation’s T3 Innovation Network.
Mathieu Glaude and Daniel Hardman discuss the blurred lines between personal and organizational identity. They suggest replacing 'governance' with 'empowerment' and highlight the challenges in managing relationships, roles, and identifiers within organizations. Hardman emphasizes the importance of understanding context in identity management, challenging the current distinction between personal and organizational identities.
This specification defines how to secure credentials and presentations conforming to the Verifiable Credential data model [VC-DATA-MODEL-2.0] with JSON Object Signing and Encryption (JOSE), Selective Disclosure for JWTs [SD-JWT], and CBOR Object Signing and Encryption (COSE) [RFC9052]. This enables the Verifiable Credential data model [VC-DATA-MODEL-2.0] to be implemented with standards for signing and encryption that are widely adopted.
The abundance of X.509 certificate authorities who already perform identity proofing for businesses provides a rich resource that can be leveraged to boot the verifiable data ecosystem.
Indicio Senior Software Engineer Colton Wolkins joins Identity Insights to discuss recent breakthroughs in connecting to IoT devices through DIDComm. He breaks down why you would want to use DIDComm for IoT, how it works, and offers a quick demonstration of the technology in action.
TDIDN delivers a comprehensive architecture for implementing DIDs on a blockchain, through two related projects from the Hyperledger Foundation:
Hyperledger Aries provides a complete toolkit for building decentralized identity solutions. Aries can issue, store and present verifiable credentials with maximum privacy, and establish confidential, ongoing communication channels for rich interactions.
Hyperledger Indy supports digital identities rooted in blockchains that are interoperable across administrative domains, applications, and any other silo.
Hyperledger Aries provides the agent side of the decentralized identity application that reads and writes to the underlying DID blockchain provided by Indy.
NYMLAB has, therefore, built a mechanism and toolkit to enable developers to create on-chain zero-knowledge proofs for off-chain verifiable credentials, a novel approach to blending DID with the broader blockchain landscape.
Blockchain-enabled Data Sharing: Patient records are stored securely on a blockchain, ensuring tamper-proof and transparent access. Each transaction, like adding a new record or granting access, is recorded for traceability.
AI-driven Data Analysis: AI algorithms analyze this data to detect patterns and support clinical decisions. For instance, AI can predict health outcomes or personalize treatment plans based on patient history.
Enhanced Patient Care: This integration allows for personalized care delivery. For example, AI flags potential health risks, enabling proactive interventions, and improving treatment outcomes.
With our platform, you can easily create smooth onboarding, document signing, or login experiences. Integrating our platform into your system is a breeze and can be accomplished within minutes by utilizing any OpenID Connect library available to quickly connect to our infrastructure. You can also utilize Ver.iD Studio to design an onboarding flow
This concept, which we call Holistic Identity, allows individuals to manage their private information effortlessly. It involves consolidating all their digital identities into a private vault, giving them the power to dictate what information they share and with whom, while ensuring the integrity of their data is secured.
Cole Davis, Founder & CEO of Switchchord, discussed how decentralized identifiers and verifiable credentials streamline legal and operational workflows in the music industry. Identity-based “verifiable data supply chains” enable existing copyright management systems to route authentic data across the music supply chain.
It’s important to note that while the integration of these technologies with existing blockchain ecosystems isn’t unheard of, they are able to solve the issues with blockchain discussed above. Cumulatively, they offer a way to efficiently address data, store and replicate data in a decentralized manner, and maintain identity.
That’s a big shot of support for the fediverse — the network of open and interoperable social services that have all been gaining momentum over the past year. Ghost founder John O’Nolan recently said that federation over ActivityPub was the platform’s “most requested feature over the past few years” — a comment he made on Meta’s Threads, which itself is slowing beginning to federate.
At this point I think that Passkeys will fail in the hands of the general consumer population. We missed our golden chance to eliminate passwords through a desire to capture markets and promote hype.
In the FIDO2 framework, if a user’s device is stolen or compromised, then the private key may be compromised, and the public key stored on the FIDO2 server may be tampered with by attackers attempting to impersonate the user for identity authentication, posing a high risk to information security. Recognizing this, this study aims to propose a solution based on the FIDO2 framework, combined with blockchain technology and access control, called the FIDO2 blockchain architecture, to address existing security vulnerabilities in FIDO2.
Evan Prodromou asks if we agree with Aristotle that there are three kinds of government: monarchy, aristocracy, and democracy. (As Evan points out, he actually defined six, with Polity — government by political organizations — ranked first. Which is what we have. Lucky us.)
I’m a qualified yes on this — I think it’s more nuanced, with flavors and combinations of each — but I’d like to offer a different framework for three kinds of government.
