Identosphere #20 • SSI in the Public Sector • CCG discussions • Covid ID

The latest news in Self-Sovereign Identity, including upcoming events, blog posts, announcements, and highlights from the Credentials Community Group mailing list.

Thanks to our Patrons

We are grateful for your support!
If you haven’t had the chance, we appreciate your consideration!

Coming Up

Trust and Identity: Digital Identity NZ 2020 research findings

Mar 3, 17, 31 11:00 AM (New Zealand)

One of the key discussion points related to education - both for organisations who have identity management needs, and for individuals, whānau and communities. We agreed that the theme 'Identity is a Taonga' is fundamental to this work. These DINZ member sessions are for us to further discuss the education gap, and to start work on shaping educational materials to fill that gap.

Rebuilding Respectful Relationships in the Digital Realm

by Elizabeth Renieris, presented by the Me2B Alliance. 

the relationships we have with digital products and services are increasingly complex and multi-dimensional while our legal protections lag behind and put us at risk. Find out what policymakers should do in order to address these vulnerabilities and help us rebuild respectful digital relationships.

Internet Identity Workshop XXXII (#32) April 20-22

Thoughtful Biometrics Workshop March 8,10,12

Disposable SSI-RFI Webinar

Watch the video at above link \ check out the slide deck.

• Background
• History of the Disposable SSID RFI
• The Evolution of Identity
• What are Disposable SSIDs?
• Potential for a Disposable SSID Standard
• RFI Response Request and Timings

High Level: Good to share with people asking about SSI  

The End of Logins and Passwords, Just for Starters The Reboot

Who Controls Your Digital Identity? SAP

SSI will have to be integrated with large existing business processes – and therefore enterprise systems such as ERPs, HCMs, or SCMs to name a few. If this integration results in SSI being as easy to use as clicking a button or selecting a menu item, it will lead to rapid uptake and acceptance.

This is precisely what we set out to test and understand with our proof-of-concept, developed in close collaboration between the SAP Innovation Center Network, Evernym and ATB Ventures.

The 5P’s of a Self-Sovereign Identity

A self-sovereign identity can be defined by the 5P’s as it is personal (it is about you), portable (meaning you can take your identity and data from one platform to another), private (you control your identity and data), persistent (it does not change without your consent) and protected (they cannot steal your identity).

Evernym: Privacy-Preserving Verifiable Credentials in the Time of COVID-19 Hyperledger

This session will focus on the analysis and discussion of two use cases where legacy identity solutions were unable to meet the needs, but ledger based solutions have been successful: covid credentials for travel, and employment credentials for staff movements.


IDWorks turned to Tarmac to help accelerate their mobile app and backend development

Having decided to build their "Envoy" solution on the R3 Corda platform, finding affordable development resources with the right technical skills was proving difficult. Corda certified developers are extremely thin-on-the-ground and if you find a qualified engineer, they can be difficult and costly to recruit

Kaliya’s Articles on the DIF Blog

Those of you who know me – know I care a lot about the difference between Open Source and Open Standards. So Juan Caballero and I drilled down on this topic.

Meeco Terms & Conditions Update - Feedback Welcome.

Over the next fourteen days, we would love your feedback or questions on any of the changes.

IdRamp partners with the Lifelong Learner Project to win the ACE Blockchain Innovation Challenge

Lifelong Learner Project is proud to announce its selection as a recipient of the first phase of the Blockchain Innovation Challenge, a competition funded by the U.S. Department of Education to identify ways in which blockchain technology can provide social mobility and equitable access to economic opportunity.  

Companies involved include, RANDA Solutions, ETS, Digital Promise, University Instructors, The Utah State BOE, BlockFrame Inc. IdRamp, Evernym, Velocity Career Network, Fluree, Crocus, IMS Global Learning Consortium, Credential Engine.

Okta CEO: Here’s where cloud identity management is headed CSO

CSO: Do you have an opinion on self-sovereign identity?
McKinnon: I do. I think that it’s the future. We’ve got to get it done. The problem is: How does it get bootstrapped? How does it get useful in enough places so that enough people use it to make it useful? Where is it going to come from?

Public Sector

Legal compliance and the involvement of governments SSI Ambassador

It’s currently possible to be eIDAS compliant with SSI, leveraging one out of five scenarios described in the SSI eIDAS legal report by Dr. Ignacio Alamillo Domingo. Especially interesting is the SSI eIDAS bridge, which adds legal value to verified credentials with the use of electronic certificates and electronic seals. However, it’s also possible to derive national eIDs notified in eIDAS, which are eIDAS linked by issuing a verifiable credential with a qualified certificate according to the technical specification.

The Past, Present and Future of Identity

Susan Morrow, considers the ‘digital identity journey’ to date and the important opportunity for the government to make use of the lessons learned when creating tomorrows digital identity ecosystem.

Catalan government announces self-sovereign identity project

The government of Catalonia announced its plans for self-sovereign identities (SSIs) for citizens based on blockchain technology. The project, named IdentiCAT, was revealed by the President of Catalonia Quim Torra and will allow citizens to be the “owner, manager and exclusive custod[ian] of his identity and data”.

The Future of Identity: Self-Sovereignity, Digital Wallets, and Blockchain InterAmerican Development Bank

enables sovereignty for individuals over their digital assets and credentials -such as digital passports, digital diplomas, digital property titles, and tokenized currencies such as dollar, euro, pound, or pesos- using digital wallets that can take the form of a mobile app. Secondly, when the subject of these digital assets and credentials presents them to a third party to prove ownership, the third party does not need to reach out to the issuer to verify them, as they can go against a public, decentralized, and immutable registry, such as a blockchain network, where the cryptographic proofs of the asset or credential were registered and are maintained by the issuer in an standardized and trustable way. 

IDunion: An open ecosystem for trusted identities

  • IDunion (formerly SSI for Germany) has completed the competition phase of the innovation competition “Schaufenster Sichere Digitale Identitäten” and is applying to the Federal Ministry of Economics and Energy (BMWi) for the next phase of the innovation competition.

  • The use of decentralised, self-sovereign identities for natural persons, companies and things is to be tested in over 35 use cases from a wide range of sectors.

  • The project involves 26 well-known public and private partners.

EU Data Governance Act (Meeco)

We welcome the regulation as a needed common ground for clarifying the role of data intermediaries, building trust in these intermediaries and setting the direction for data governance, including the emergence of digital human rights. 

In this context we offer the following suggestions: 

  1. Explicitly include individuals as active participants in the definitions [...]

  2. Clarify the scope of the data sharing services (Art. 9 (2)) and extend it to include services that empower the data subject beyond compliance. 

  3. Foster the growth of intermediaries, which offer new technologies and have the greatest likelihood of success in Europe if supported by the Data Governance Act. 

  4. Open silos and implement soft infrastructure such as standards & open APIs to accelerate uptake and interoperability between data sharing services. 

  5. Foster eco-systems and demonstrate the value through practical use-cases. 

  6. Create a level playing field for sustainable data sharing by providing funding to pioneers at the forefront of developing data eco-systems

Meeco Review of the European Data Strategy - Whitepaper


Covid has accelerated Canadians’ demand for digital ID DIACC

three-quarters of the population feels it’s important to have a secure, trusted and privacy-enhancing digital ID to safely and securely make transactions online. The majority of Canadians believe it is important for federal and provincial governments to move quickly on enabling digital ID in a safe and secure manner, according to the survey. partners with Healthmark to enable Covid testing and verified result reporting

Consentry healthpass capability is an end-to-end solution which enables users to take a self-administered PCR saliva test, send it in for processing, and then receive an in-app result. Crucially, Consentry also generates a certified and dated travel certificate, together with qualifying details of the test taken, which can be printed, shared securely or displayed as needed.

Center for Global Development: A COVID Vaccine Certificate

Building on Lessons from Digital ID for the Digital Yellow Card

Covid Vaccination Certificate will be a formidable challenge, not only to international cooperation, but because it will need to be implemented in the course of mass vaccination campaigns across countries with very different health management systems and ID systems and with a constantly evolving situation.

The fine line between global COVID-19 protocols and privacy Tech Republic

A panel of experts considers the best methods for safe domestic and international air travel including proof of testing, vaccination passports, and digital health passes.

‘Vaccination Passports’: State of Play Infinite Ideas Machine

‘vaccination passports’ are unwarranted, in practice near-pointless clinically, and potentially risky in a number of ways.

Research: Vaccine passports and COVID status apps Ada Lovelace Inst.

Not to late to contribute to this Ada Lovelace Institute Project the due date is Feb 28th 

An evidence review and expert deliberation of the practical and ethical issues around digital vaccine passports and COVID status apps


Self-Sovereign Identity and IoT

Michael Shea is the Managing Director of the Dingle Group and the Chair of Sovrin Foundation’sSSI in IoT Working Group. In this podcast we discussed the white paper he authored on Self Sovereign Identity and IoT. To explain the opportunities SSI can provide to IoT, Michael introduces us to three profiles: Jamie (machine to person), Bob (machine to machine) and Bessie the cow (digital twin).

PSA Today: Kaliya & Seth talk LEIs

with Simon Wood, CEO of Ubisecure (#1 issuer of Legal Entity Identifiers)

the evolution of LEIs since the financial crisis of 2008, the difference between high assurance and low assurance, and the relationship between rights and ownership as it relates to identity management of entities.

Catching up with the Credentials Community Group

Lotta great topics on the CCG Mailing List, click through to follow the discussion. 

credential definitions, credential manifests, BBS+, etc Daniel Hardman

When Tobias first described Mattr's approach to BBS+ signatures, one of my takeaways was that this changed the Indy mechanism of cred defs in two wonderful ways:

  1. It eliminated the need for lots of keys (only one key, Y, needs to be declared as a credential signing key, instead of a set of keys, Y[0]..Y[n])

  2. It made it possible to store a cred def somewhere other than a ledger

I was very happy about this.

However, I have since heard several smart people summarize the breakthrough as: "We don't need credential definitions at all. You just use the assertionMethod key in your DID doc to sign credentials, and that's all you need." I believe this is oversimplifying in a way that loses something important, so I wanted to open a conversation

Credentials and HTTP-Sig authentication for Solid Henry Story

Here is an extended version of the HTTP-Signature document I put together today, bringing in ideas that have emerged thinking about this over the past 3 months

Announce: CCG 101 Work Item Interest Heather Vescent

the CCG 101 work item is focused on identifying and creating material to make it easy for new participants & interested parties to learn about the CCG, our activities, work items, process & get involved.

Dillo plugin for DID URLs Charles E. Lehner

I would like to announce dillo-did, a plugin for the Dillo web browser implementing support for DIDs. This plugin enables navigating to DID URLs in Dillo and viewing the resolved/dereferenced DID documents and resources like web pages. The implementation of the DID functionality used is from ssi/DIDKit.

ERC-721 Non-Fungible Token Standard on Ethereum vs. VCs on Hyperledger Indy Michael Herman

When are Hyperledger Indy/Sovrin VCs better than Ethereum smart contracts for NFEs/NFTs (non-fungible entities/tokens)?

It seems obvious but I don't have a detailed/worked out answer.  One project I'm associated with wants to use the ERC-721 Non-Fungible Token Standard on Ethereum but I believe VCs are a better route to take. Part of the desire to stay on Ethereum is there is quite a vibrant NFT community on Ethereum and lots of different EC-721 tokens.

Vaccination Certificate Vocabulary Tobias Looker

I'd like to propose a new work item that formally defines a vocabulary for issuing Vaccination Certificates in the form of Verifiable Credentials.

Link to CCG PR
Link to current draft
Link to repository

Web 3

Elemental Chat - 1st Holochain P2P App for Hosts

Elemental Chat running on HoloPorts has no central database. Each person who is running the app signs their messages to their own chain and then automatically posts them to the shared database that is hosted by the other users of the application.


Bridging the Gap Between DeFi and Decentralized Identity Bloom

Decentralized Identity & DeFi are Disconnected ← true
Decentralized Identity is Chain-Adjacent  ← true 
Decentralized Identity & DeFi are Complimentary ← true 
How Decentralized Identity is Being Used

  • Health Data Passes

  • Employment Information

  • Credit, Income, KYC

Ontology Partnership with Binance Smart Chain

Ontology and Binance have a long history of cooperation and partnership that has generated benefits for both sides, none possibly more important the integration of Ontology’s Decentralized Identity Solution into the Binance Smart Chain. The symbiotic relationship sees Ontology, and ONT ID, as the sole partner for BSC in terms of providing a truly decentralized identity option and KYC user verification.

Hands On

Introduction to Trinsic’s APIs

Provider • Credentials • Wallet

Building and Securing a Go and Gin Web Application Okta

Today, we are going to build a simple web application that implements a to-do list. The backend will be written in Go. It will use the Go Gin Web Framework which implements a high-performance HTTP server. The front end will use the Vue.js JavaScript framework to implement a single page application (SPA). We will secure it using Okta OAuth 2.0 authentication.

Become a Node Operator Indicio 

we’ve seen a rapid rise in demand for robust, stable, and professionally maintained networks to support decentralized identity solutions. It’s not a surprise: decentralized identity’s moment has arrived. That’s why we’ve been hard at work creating Hyperledger Indy networks upon which developers all over the world are building, testing, and launching their solutions.


Decentralized SSI Governance, the missing link in automating business decisions TNO

This paper introduces SSI Assurance Communities (SSI-ACs) and identifies three specific governance topics: credential-types, accreditation and decision tree support.

Tools and services are suggested that help with these topics. Furthermore, a distinction is made between what the business primarily cares about (business and business applications), and the technology and other things that are just expected to work (which we call "SSI-infrastructure").

Development of a Mobile, Self-Sovereign Identity Approach for Facility Birth Registration in Kenya

The process of birth registration and the barriers experienced by stakeholders are highly contextual. There is currently a gap in the literature with regard to modeling birth registration using SSI technology. This paper describes the development of a smartphone-based prototype system that allows interaction between families and health workers to carry out the initial steps of birth registration and linkage of mothers-baby pairs in an urban Kenyan setting using verifiable credentials, decentralized identifiers, and the emerging standards for their implementation in identity systems.

Towards a Modelling Framework for Self-Sovereign Identity Systems

Modelling self-sovereign identity systems seeks to provide stakeholders and software architects with tools to enable them to communicate effectively, and lead to effective and well-regarded system designs and implementations. This paper draws upon research from Actor-based Modelling to guide a way forward in modelling self-sovereign systems, and reports early success in utilising the iStar 2.0 framework to provide a representation of a birth registration case study.

Thanks for reading. See you next week!