Identosphere #20 • SSI in the Public Sector • CCG discussions • Covid ID
The latest news in Self-Sovereign Identity, including upcoming events, blog posts, announcements, and highlights from the Credentials Community Group mailing list.
Thanks to our Patrons
We are grateful for your support!
If you haven’t had the chance, we appreciate your consideration!
Coming Up
Trust and Identity: Digital Identity NZ 2020 research findings
Mar 3, 17, 31 11:00 AM (New Zealand)
One of the key discussion points related to education - both for organisations who have identity management needs, and for individuals, whānau and communities. We agreed that the theme 'Identity is a Taonga' is fundamental to this work. These DINZ member sessions are for us to further discuss the education gap, and to start work on shaping educational materials to fill that gap.
Rebuilding Respectful Relationships in the Digital Realm
by Elizabeth Renieris, presented by the Me2B Alliance.
the relationships we have with digital products and services are increasingly complex and multi-dimensional while our legal protections lag behind and put us at risk. Find out what policymakers should do in order to address these vulnerabilities and help us rebuild respectful digital relationships.
Internet Identity Workshop XXXII (#32) April 20-22
Thoughtful Biometrics Workshop March 8,10,12
Disposable SSI-RFI Webinar
Watch the video at above link \ check out the slide deck.
• Background
• History of the Disposable SSID RFI
• The Evolution of Identity
• What are Disposable SSIDs?
• Potential for a Disposable SSID Standard
• The DSSID RFI
• RFI Response Request and Timings
High Level: Good to share with people asking about SSI
The End of Logins and Passwords, Just for Starters The Reboot
Who Controls Your Digital Identity? SAP
SSI will have to be integrated with large existing business processes – and therefore enterprise systems such as ERPs, HCMs, or SCMs to name a few. If this integration results in SSI being as easy to use as clicking a button or selecting a menu item, it will lead to rapid uptake and acceptance.
This is precisely what we set out to test and understand with our proof-of-concept, developed in close collaboration between the SAP Innovation Center Network, Evernym and ATB Ventures.
The 5P’s of a Self-Sovereign Identity
A self-sovereign identity can be defined by the 5P’s as it is personal (it is about you), portable (meaning you can take your identity and data from one platform to another), private (you control your identity and data), persistent (it does not change without your consent) and protected (they cannot steal your identity).
Evernym: Privacy-Preserving Verifiable Credentials in the Time of COVID-19 Hyperledger
This session will focus on the analysis and discussion of two use cases where legacy identity solutions were unable to meet the needs, but ledger based solutions have been successful: covid credentials for travel, and employment credentials for staff movements.
News
IDWorks turned to Tarmac to help accelerate their mobile app and backend development
Having decided to build their "Envoy" solution on the R3 Corda platform, finding affordable development resources with the right technical skills was proving difficult. Corda certified developers are extremely thin-on-the-ground and if you find a qualified engineer, they can be difficult and costly to recruit
Kaliya’s Articles on the DIF Blog
Finding the Bell Curve of Meaning - A process for supporting the emergence of shared language in broad collaborative communities
Where to begin with OIDC and SIOP - and how today’s most powerful authentication mechanisms can be decentralized
Understanding DIDComm - A cross-community effort to standardize on common, DID-anchored capabilities
Those of you who know me – know I care a lot about the difference between Open Source and Open Standards. So Juan Caballero and I drilled down on this topic.
Drilling down: Open Standards - What standards are and what it means to make them openly
Drilling down: Open Source - A crash-course in the complex world of variously-open software licensing
DIFS updated code of conduct - Setting a tone for inclusive collaboration.
Meeco Terms & Conditions Update - Feedback Welcome.
Over the next fourteen days, we would love your feedback or questions on any of the changes.
IdRamp partners with the Lifelong Learner Project to win the ACE Blockchain Innovation Challenge
Lifelong Learner Project is proud to announce its selection as a recipient of the first phase of the Blockchain Innovation Challenge, a competition funded by the U.S. Department of Education to identify ways in which blockchain technology can provide social mobility and equitable access to economic opportunity.
Companies involved include, RANDA Solutions, ETS, Digital Promise, University Instructors, The Utah State BOE, BlockFrame Inc. IdRamp, Evernym, Velocity Career Network, Fluree, Crocus, IMS Global Learning Consortium, Credential Engine.
Okta CEO: Here’s where cloud identity management is headed CSO
CSO: Do you have an opinion on self-sovereign identity?
McKinnon: I do. I think that it’s the future. We’ve got to get it done. The problem is: How does it get bootstrapped? How does it get useful in enough places so that enough people use it to make it useful? Where is it going to come from?
Public Sector
Legal compliance and the involvement of governments SSI Ambassador
It’s currently possible to be eIDAS compliant with SSI, leveraging one out of five scenarios described in the SSI eIDAS legal report by Dr. Ignacio Alamillo Domingo. Especially interesting is the SSI eIDAS bridge, which adds legal value to verified credentials with the use of electronic certificates and electronic seals. However, it’s also possible to derive national eIDs notified in eIDAS, which are eIDAS linked by issuing a verifiable credential with a qualified certificate according to the technical specification.
The Past, Present and Future of Identity
Susan Morrow, considers the ‘digital identity journey’ to date and the important opportunity for the government to make use of the lessons learned when creating tomorrows digital identity ecosystem.
Catalan government announces self-sovereign identity project
The government of Catalonia announced its plans for self-sovereign identities (SSIs) for citizens based on blockchain technology. The project, named IdentiCAT, was revealed by the President of Catalonia Quim Torra and will allow citizens to be the “owner, manager and exclusive custod[ian] of his identity and data”.
The Future of Identity: Self-Sovereignity, Digital Wallets, and Blockchain InterAmerican Development Bank
enables sovereignty for individuals over their digital assets and credentials -such as digital passports, digital diplomas, digital property titles, and tokenized currencies such as dollar, euro, pound, or pesos- using digital wallets that can take the form of a mobile app. Secondly, when the subject of these digital assets and credentials presents them to a third party to prove ownership, the third party does not need to reach out to the issuer to verify them, as they can go against a public, decentralized, and immutable registry, such as a blockchain network, where the cryptographic proofs of the asset or credential were registered and are maintained by the issuer in an standardized and trustable way.
IDunion: An open ecosystem for trusted identities
IDunion (formerly SSI for Germany) has completed the competition phase of the innovation competition “Schaufenster Sichere Digitale Identitäten” and is applying to the Federal Ministry of Economics and Energy (BMWi) for the next phase of the innovation competition.
The use of decentralised, self-sovereign identities for natural persons, companies and things is to be tested in over 35 use cases from a wide range of sectors.
The project involves 26 well-known public and private partners.
EU Data Governance Act (Meeco)
We welcome the regulation as a needed common ground for clarifying the role of data intermediaries, building trust in these intermediaries and setting the direction for data governance, including the emergence of digital human rights.
In this context we offer the following suggestions:
Explicitly include individuals as active participants in the definitions [...]
Clarify the scope of the data sharing services (Art. 9 (2)) and extend it to include services that empower the data subject beyond compliance.
Foster the growth of intermediaries, which offer new technologies and have the greatest likelihood of success in Europe if supported by the Data Governance Act.
Open silos and implement soft infrastructure such as standards & open APIs to accelerate uptake and interoperability between data sharing services.
Foster eco-systems and demonstrate the value through practical use-cases.
Create a level playing field for sustainable data sharing by providing funding to pioneers at the forefront of developing data eco-systems
Meeco Review of the European Data Strategy - Whitepaper
COVID and ID
Covid has accelerated Canadians’ demand for digital ID DIACC
three-quarters of the population feels it’s important to have a secure, trusted and privacy-enhancing digital ID to safely and securely make transactions online. The majority of Canadians believe it is important for federal and provincial governments to move quickly on enabling digital ID in a safe and secure manner, according to the survey.
Digi.me partners with Healthmark to enable Covid testing and verified result reporting
Consentry healthpass capability is an end-to-end solution which enables users to take a self-administered PCR saliva test, send it in for processing, and then receive an in-app result. Crucially, Consentry also generates a certified and dated travel certificate, together with qualifying details of the test taken, which can be printed, shared securely or displayed as needed.
Center for Global Development: A COVID Vaccine Certificate
Building on Lessons from Digital ID for the Digital Yellow Card
Covid Vaccination Certificate will be a formidable challenge, not only to international cooperation, but because it will need to be implemented in the course of mass vaccination campaigns across countries with very different health management systems and ID systems and with a constantly evolving situation.
The fine line between global COVID-19 protocols and privacy Tech Republic
A panel of experts considers the best methods for safe domestic and international air travel including proof of testing, vaccination passports, and digital health passes.
‘Vaccination Passports’: State of Play Infinite Ideas Machine
‘vaccination passports’ are unwarranted, in practice near-pointless clinically, and potentially risky in a number of ways.
Research: Vaccine passports and COVID status apps Ada Lovelace Inst.
Not to late to contribute to this Ada Lovelace Institute Project the due date is Feb 28th
An evidence review and expert deliberation of the practical and ethical issues around digital vaccine passports and COVID status apps
Podcasts
Self-Sovereign Identity and IoT
Michael Shea is the Managing Director of the Dingle Group and the Chair of Sovrin Foundation’sSSI in IoT Working Group. In this podcast we discussed the white paper he authored on Self Sovereign Identity and IoT. To explain the opportunities SSI can provide to IoT, Michael introduces us to three profiles: Jamie (machine to person), Bob (machine to machine) and Bessie the cow (digital twin).
PSA Today: Kaliya & Seth talk LEIs
with Simon Wood, CEO of Ubisecure (#1 issuer of Legal Entity Identifiers)
the evolution of LEIs since the financial crisis of 2008, the difference between high assurance and low assurance, and the relationship between rights and ownership as it relates to identity management of entities.
Catching up with the Credentials Community Group
Lotta great topics on the CCG Mailing List, click through to follow the discussion.
credential definitions, credential manifests, BBS+, etc Daniel Hardman
When Tobias first described Mattr's approach to BBS+ signatures, one of my takeaways was that this changed the Indy mechanism of cred defs in two wonderful ways:
It eliminated the need for lots of keys (only one key, Y, needs to be declared as a credential signing key, instead of a set of keys, Y[0]..Y[n])
It made it possible to store a cred def somewhere other than a ledger
I was very happy about this.
However, I have since heard several smart people summarize the breakthrough as: "We don't need credential definitions at all. You just use the assertionMethod key in your DID doc to sign credentials, and that's all you need." I believe this is oversimplifying in a way that loses something important, so I wanted to open a conversation
Credentials and HTTP-Sig authentication for Solid Henry Story
Here is an extended version of the HTTP-Signature document I put together today, bringing in ideas that have emerged thinking about this over the past 3 months
Announce: CCG 101 Work Item Interest Heather Vescent
the CCG 101 work item is focused on identifying and creating material to make it easy for new participants & interested parties to learn about the CCG, our activities, work items, process & get involved.
Dillo plugin for DID URLs Charles E. Lehner
I would like to announce dillo-did, a plugin for the Dillo web browser implementing support for DIDs. This plugin enables navigating to DID URLs in Dillo and viewing the resolved/dereferenced DID documents and resources like web pages. The implementation of the DID functionality used is from ssi/DIDKit.
ERC-721 Non-Fungible Token Standard on Ethereum vs. VCs on Hyperledger Indy Michael Herman
When are Hyperledger Indy/Sovrin VCs better than Ethereum smart contracts for NFEs/NFTs (non-fungible entities/tokens)?
It seems obvious but I don't have a detailed/worked out answer. One project I'm associated with wants to use the ERC-721 Non-Fungible Token Standard on Ethereum but I believe VCs are a better route to take. Part of the desire to stay on Ethereum is there is quite a vibrant NFT community on Ethereum and lots of different EC-721 tokens.
Vaccination Certificate Vocabulary Tobias Looker
I'd like to propose a new work item that formally defines a vocabulary for issuing Vaccination Certificates in the form of Verifiable Credentials.
Web 3
Elemental Chat - 1st Holochain P2P App for Hosts
Elemental Chat running on HoloPorts has no central database. Each person who is running the app signs their messages to their own chain and then automatically posts them to the shared database that is hosted by the other users of the application.
Crypto
Bridging the Gap Between DeFi and Decentralized Identity Bloom
Decentralized Identity & DeFi are Disconnected ← true
Decentralized Identity is Chain-Adjacent ← true
Decentralized Identity & DeFi are Complimentary ← true
How Decentralized Identity is Being Used
Health Data Passes
Employment Information
Credit, Income, KYC
Ontology Partnership with Binance Smart Chain
Ontology and Binance have a long history of cooperation and partnership that has generated benefits for both sides, none possibly more important the integration of Ontology’s Decentralized Identity Solution into the Binance Smart Chain. The symbiotic relationship sees Ontology, and ONT ID, as the sole partner for BSC in terms of providing a truly decentralized identity option and KYC user verification.
Hands On
Introduction to Trinsic’s APIs
Provider • Credentials • Wallet
Building and Securing a Go and Gin Web Application Okta
Today, we are going to build a simple web application that implements a to-do list. The backend will be written in Go. It will use the Go Gin Web Framework which implements a high-performance HTTP server. The front end will use the Vue.js JavaScript framework to implement a single page application (SPA). We will secure it using Okta OAuth 2.0 authentication.
Become a Node Operator Indicio
we’ve seen a rapid rise in demand for robust, stable, and professionally maintained networks to support decentralized identity solutions. It’s not a surprise: decentralized identity’s moment has arrived. That’s why we’ve been hard at work creating Hyperledger Indy networks upon which developers all over the world are building, testing, and launching their solutions.
Research
Decentralized SSI Governance, the missing link in automating business decisions TNO
This paper introduces SSI Assurance Communities (SSI-ACs) and identifies three specific governance topics: credential-types, accreditation and decision tree support.
Tools and services are suggested that help with these topics. Furthermore, a distinction is made between what the business primarily cares about (business and business applications), and the technology and other things that are just expected to work (which we call "SSI-infrastructure").
Development of a Mobile, Self-Sovereign Identity Approach for Facility Birth Registration in Kenya
The process of birth registration and the barriers experienced by stakeholders are highly contextual. There is currently a gap in the literature with regard to modeling birth registration using SSI technology. This paper describes the development of a smartphone-based prototype system that allows interaction between families and health workers to carry out the initial steps of birth registration and linkage of mothers-baby pairs in an urban Kenyan setting using verifiable credentials, decentralized identifiers, and the emerging standards for their implementation in identity systems.
Towards a Modelling Framework for Self-Sovereign Identity Systems
Modelling self-sovereign identity systems seeks to provide stakeholders and software architects with tools to enable them to communicate effectively, and lead to effective and well-regarded system designs and implementations. This paper draws upon research from Actor-based Modelling to guide a way forward in modelling self-sovereign systems, and reports early success in utilising the iStar 2.0 framework to provide a representation of a birth registration case study.