Identosphere 186: DIDs as a Metasystem • Sentries, Confessionals, Vaults, and Envelopes • Redefining Trust in the Financial Ecosystem • TLS with DIDs
We curate the latest in decentralized identity, with upcoming events, use-cases and developments in open standards and the public sector. Your Support is Greatly Appreciated.
During the four-day conference, Authlete will exhibit (booth number 1306) and deliver presentations on a wide-range of topics, including verifiable credentials, open banking, and OAuth 2.0.
OIDC ≅ (is analogous to) sentries. CHAPI ≅ confessionals. DWN ≅ vaults. DIDComm ≅ envelopes. The first two technologies are login-oriented. DWNs are data-oriented. DIDComm is communication-oriented. Each tool is useful, and each has a trust problem that it solves particularly well. A smart sovereign will define their trust goals carefully, and in a given circumstance, use whichever tool best achieves them.
The benefits of DIDs as an identifier metasystem sometimes get lost due to the technical details of DIDs themselves. However, focusing on the benefits of the identifier metasystem provides clearer business value and future-proofing.
KERI has three Detectability functions — Witnesses, Watchers, and Anchored Issuances — that are like the oil light of a car: they detect key compromise and malicious behaviors of Signers and service providers.
Disclaimer: this post is for a technical audience who have a need to read and understand the WebOfTrust Python implementation of the KERI, ACDC, and CESR Trust over IP (ToIP) specifications.
The significant speed improvement of the resulting TLS channel over a widely used, DID-based alternative transport protocol on the application layer demonstrates the potential of DID Link to become a viable solution for the establishment of secure and trustful end-to-end communication links with decentrally managed digital identities
The Financial Ecosystem needs to evolve towards a global ecosystem where all endpoints (account relationships) are identified and verifiable.
Financial Institutions should issue digital certificates that represent the account relationship they maintain with an account owner. The account owner will then receive an Account Relationship Credential (a Financial Passport) that they can present to prove their identity and relation with the account servicer.
This progressive approach not only enhances the efficiency of the payment process but also fortifies it against fraud through robust authentication and authorization protocols. By clearly distinguishing between identification, authentication, and authorization, the system ensures that each step is meticulously verified, fostering a higher level of trust and security in digital banking operations.
We therefore need a method for editing a signed photo, so that a viewer who only has the edited photo can be assured that (i) the original unedited photo was properly signed, and was taken at the claimed time and location, and (ii) only permissible edits, such as cropping, resizing, and grayscale, were made to the signed photo. The security of the scheme should not require trusting the editing software.
We are thrilled to welcome Fujifilm, one of the world’s leading camera manufacturers, as a member of the Content Authenticity Initiative (CAI) joining more than 3,000 media and technology companies, non-profits, creators, educators, and many others working together to build trust and transparency in our digital ecosystem.
DIF was established in 2017, and has grown a lot in terms of members, working groups, and work items. The I&D Working Group is one of the working groups that has existed since the beginning DIF, unlike many others which were added later. The reason for that, I would argue, is the fact that the concepts of “identifiers” and “discovery” are fundamental to pretty much any digital identity system.
“Mastercard have long been leaders in the Identity space and benefit from years of experience building rails that power global payments and collaborating on solutions to address the challenges we now face our industry,” said OIDF’s Executive Director, Gail Hodges. “We are delighted that they have furthered their commitment to the important work of the Foundation during such a transformative time.”
While using the framework isn’t required to comply with eIDAS 2.0, it’s still the best way to help meet the goal of an interoperable environment for digital wallets. Other countries and companies should see this as a great place to start.
The real problem to solve is not “identity” but identification, and specifically, making the government IDs we use day-to-day more reliable online.
Verifiable credentials technology is the solution. We should ‘seal’ existing IDs into digital wallets and then present them digitally, from device-to-server, instead of manually typing ID details into forms.
We respect the baseline included in 1033.421(e), however as security and implementation experts, we believe it would be suitable to address the security and interoperability risks more completely within this ecosystem as advised in this letter.
“The @IOTA #EBSI Team now officially finished the final phase 2B of the @EU_EBSI #PCP project yesterday with a dense 6 hour workshop summarizing the 805 pages final report. We had a very good discussion with the @EU_Commission on various aspects of the tech and use cases,” Christoph F. Strnadl, deputy CTO at Software AG, said on X this Friday.
Ultimately, driving adoption and achieving interoperability necessitates collaboration, deeper analysis, and engagement with stakeholders from both technical and educational realms. By addressing these challenges strategically, the EBSI-CAN project can pave the way for a more seamless and trusted digital identity ecosystem.
The key value proposition presented by decentralized identity is that once you have verified the relevant financial data that same data can be verified repeatedly with the same level of assurance. How is this possible?
Combined, this solution provides a plug-and-play platform for financial services’ KYC/KYB needs while providing reusability, client privacy, portability, and embedded compliance controls. The technology and capabilities provided through this alignment result in the following benefits for organisations that adopt this solution:
GoPlausible has been collaborating with Gora on several fronts for quite some time now and one of those is the implementation of DID and VC verification by Gora (as of separation of concerns required in ID and Credentials ecosystems) to achieve a 100% separated yet integrated and interoperable service under Gora to verify DIDs and VCs independently.
The integration of W3C standards into our governance practices demonstrates our unwavering commitment to data security and system interoperability. By implementing W3C-compliant protocols, we employ cutting-edge encryption techniques, secure authentication methods, and tamper-resistant data storage solutions to safeguard user information and instil confidence in the reliability of our platform.
With REA, it's easier to see how things are connected. For example, if a company sells something, REA would keep track of what was sold, who bought it, and how it affects things like inventory and contracts. This gives a clearer picture of the economy. Imagine a visual story… "You have a customer called Charlie who will make a sale of inventory. And we put an object into the system, and it's described as a sale or shipment," Professor McCarthy elaborates.
