Identosphere 207: • PHC Review by Eve Maler • Building Secure Scalable Reliable ID • Can’t Own The Social Web • Global DPI Summit Review • DigiYatra
Weekly edition of the latest Self Sovereign Identity related news, development, upcoming events, and thoughtful commentary from the blog-o-sphere. Thanks for your continued support.
We Gather, You Read!
We’re still aggregating industry info.
Thanks for supporting our efforts by a PayPal, or Patreon
Upcoming
Newly Listed
[Washington DC] BGIN will hold the 11th general meeting, Block#11 10/21-22 (during the DC Fintech Week)
Previously Listed
[California] OpenID Foundation Workshop at Cisco 10/28
[California] VRM Day, CHM 10/28
[California] Internet Identity Workshop #39 10/29-31
[New Orleans] Hybrid Identity Protection Conference (HIP Conf) 11/13-14
Shared Signals Interop Event at Gartner's IAM Summit 12/9-11
DID UnConf: Africa Postponed to the New year
Standards Development
Identity & the Web 2024-10-07 W3C
This document proposes an overview of Digital Identities on the Web and an analysis through different use cases of the systemic impact on both the market side and the human side, as well as the role that Web standardization may play in managing that impact.
10 Years On: OpenID Connect Published as an ISO/IEC Spec 2024-10-07 openid.net
10 years after OpenID Connect Final was launched, we are delighted to announce that 9 OIDC specifications are now published as ISO/IEC standards.
[GitHub] An implementation in Typescript of the Trust DID Web (did:tdw) DID Method github.com
trustdidweb-ts provides developers with a comprehensive library and resolver for working with Decentralized Identifiers (DIDs) following the did:tdw method specification.
Organizations
What makes a “safe” digital identity wallet? 2024-10-13 Pamela Dingle; The Open Wallet Foundation
NIST has published a second draft of sp800-63 v4
A 2nd public draft book club meeting could be beneficial for discussion
[Organization] SSI Korea
We apply Self-Sovereign Identity to a wide range of industries, building the foundation to make it available to all people and organizations. We achieve this through the following initiatives
Government
eIDAS 2.0: Redefining Digital Identity in The EU 2024-10-10 ; Lauren Hendrickson; Identity.com
eIDAS 2.0 is the updated version of the Electronic Identification, Authentication, and Trust Services regulation (eIDAS) by the European Union.
eIDAS 2.0 aims to improve the security, usability, and inclusivity of electronic identification (eID) and trust services across the EU.
A key feature of eIDAS 2.0 is the European Digital Identity Wallet (EUDI Wallet), which enables EU citizens to securely store, manage, and share their identity data, credentials, and attributes as needed.
State Legislatures Need to Block Creation of Nightmarish National Identity System 2024-10-10 Jay Stanley, Senior Policy Analyst, Aclu Speech, Privacy, Technology Project; ACLU
State legislatures considering creation of digital driver’s licenses (DDL)
ACLU raises concerns about potential privacy issues, tracking, and exclusionary effect
Strong societal demand for electronic transactions and identification
ACLU Digital ID State Legislative Recommendations American Civil Liberties Union
Verifiable Credentials and AI
Verifiable Credentials: Trust and Truth in an AI-enabled Talent Acquisition Market 2024-10-11 Velocity Network
Artificial Intelligence (AI) and Verifiable Credentials (VCs)
Enhance efficiency by allowing recruiters to focus on qualified candidates
Improve accuracy through predictions based on verified data
Facilitate hiring across borders with a global talent pool
Enhance candidate experience by providing personalized feedback and guidance
DigiYatra Set to Unveil a Multilingual, Multimodal AI Chatbot Soon 2024-10-07 Shalini Mondal
DigiYatra's Multilingual AI-Based Chatbot for Enhanced Passenger Experience:
Revealed plans to launch an AI chatbot at Cypher 2024
Supports text, voice and video in multiple languages
DigiYatra's Decentralized Identity Management:Adopted W3C standard for self-sovereign identity since 2021
Integrates verifiable credentials, decentralised identifiers, and trust layer on a distributed ledger
Use Cases
[Hiring] Vidos Challenges you to Transform the Recruiting Process and Streamline Access to Digital Services 2024-10-07 Decentralized Identity Foundation
Vidos's Challenges: Real-world impact on recruitment and travel industry
Employer Portal Using DIDs and VCs
VC Interoperability
[Digital Twin Security] Digital Twin Security: Event Tracking for Authentication 2024-07-08 Michael Reuter; Datarella
digital twins are essential for real-time monitoring, analysis, and optimization of physical objects. As their use increases, it becomes clear that robust security measures are needed.
[Content Verification] Make It Until You Can Fake It ; David G.W. Birch
If content is edited, the digital signature is invalidated and needs to be recreated using a new private key
Organizations like BBC can sign their own edited clips, making it difficult to determine authenticity of edited content
YouTube may not allow uploading unverified content, or mark it as potentially altered with red borders
Hackathon News
Known Customer Credential Hackathon 2024-10-11 Angie Jones; TBD
Challenge: Create DID, DWN, and VC Protocol for Alice's KCC
Obtain permission to write to Alice's DWN by sending a GET request
Install VC Protocol onto your DWN to communicate with Alice's DWN
Store VC JWT of KCC as private record in Alice's DWN
Known Customer Credential Hackathon
TBD x Hacktoberfest 2024-10-08 Tania Chakraborty; TBD
🚀 Don’t Miss These Exciting Challenges at the DIF Hackathon 2024! 🌍 2024-10-08 blog.identity.foundation
ONT Login Challenge ($1800 in prizes)
tbDEX Challenge ($5000 in prizes)
VIDOS Challenge ($4500 in prizes)
Future of Education and Economic Advancement ($15,000 in prizes)
Challenge 1: Employer Portal Using DIDs and VCs (Education Track)
Challenge 2: Build Tools for Global Use (Reusable ID Track)
Crossmint's Reusable Identity Challenge! ($5000 in prizes)
Revolutionize Hotel Check-Ins with Verifiable Credentials (VC)! ($2800 in prizes) Harness the Power of Decentralized Identity for Verifiable AI ($7500 in prizes)
Build the Future of Education & Workforce with Verifiable Credentials at the DIF 2024 Hackathon 2024-10-08 Decentralized Identity Foundation
The Future of Education & Workforce track, sponsored by Jobs for the Future and the Digital Credentials Consortium, invites you to explore a future where education is accessible to all learners and acts as a true gateway to economic advancement.
Company Stories
Meet the SpruceID Team: Jacob Healy 2024-10-08 ; Wayne Chang, Elissa Maercklein; SpruceID
Advice for Early Career Professionals:
Continuous learning is key
Stay adaptable
Build strong relationships
Pay attention to details
Affinidi Disrupts the Status Quo with Its Holistic Identity Approach 2024-10-11 Glenn Gore; CXO Insights
Consent-first principles
Central to Holistic Identity (HI): the Affinidi Trust Network (ATN)
Suite of solutions designed to safeguard personal data with consent-first framework
Users can store data locally on their own devices
Reverses traditional flow of information, ensuring individuals retain full control and ownership
Development
How to Implement Verified Credentials in Your Organization 2024-10-07 Tom Sargent ; Vidos
Engage stakeholders early in the process
Focus on user experience to drive adoption
Ensure security and compliance with relevant regulations and standards
The lessons learned in building a secure, scalable, and reliable identity platform @ DevRev 2024-10-12 ; Prabath Siriwardena; Facilelogin
Overcame Auth0 limitations for passwordless authentication
Addressed latency issues by routing login calls through CDN (Fastly)
Developed edge-based solution to reduce latency for authenticated users
Implemented token revocation for self-contained JWTs
Switched from SendGrid to AWS SES to resolve OTP delivery issues
SSI Explainers
Self-Sovereign Identity (SSI): Autonomous Identity Management Okta UK
The Future of Web: How Web5 Transforms Identity and Data OwnerShip 2024-10-05 Chrissiku
[OpenBadges] Explaining Verifiable Credentials and Open Badges 3.0 (Part 1: The Trust Model) 2024-10-07 ; Kerri Lemoie; blog.dcconsortium.org
When the Open Badges v 0.5 specification was first launched by the Mozilla Foundation in 2012, the intention was to recognize learning that happens at any time, anywhere, and any how. The trust of the badges was based on 1) the persistent hosting of the credential data and 2) the content of the credential in the context it was being evaluated
Recap
Human Colossus Foundation at the Global DPI Summit: Shaping the Future of Digital Public Infrastructure 2024-10-07 Robert Mitwicki; Human Colossus Foundation
Success stories: national digital identity, payments, government services, data exchange initiatives
Challenges: cross-governance data exchange, interoperability layer
Need for improved solutions to ensure seamless DPI ecosystem across sectors and borders
Decentralized Web
You Can’t Own The Social Web bix.blog
Like many trade groups, this one is named and self-described in a manner deliberately meant to capture and colonize an entire area. To become, in effect, synonymous with what its name names. It shits on twenty-five years of the web.
[Japanese] 3 Reasons Why Bluesky Didn’t Choose ActivityPub whtwnd.com
Account portability is the main reason we chose to build a separate protocol. We believe portability is extremely important as it protects users from sudden bans, server shutdowns, and policy mismatches.
Web3
[tweet] DingPay: Security and Protection The Powerful Combination of DID+PKI DingPay
DID+PKI: Combination of decentralized identity and public key technology for greater security.
https://dingpay.info/
Research Literature
[Korea] Personal Identity Proofing for E-Commerce: A Case Study of Online Service Users in the Republic of Korea 2024-01-13 ; Kim, Jongbae Kim; www.mdpi.com
a new method is proposed that introduces differentiated levels of PIP means according to authentication strength, allowing for the minimal necessary disclosure of personal information. The proposed method aims to improve the stability and reliability of the PIP service environment by addressing current privacy concerns and enhancing user control over personal information.
Ethical identity, ring VRFs, and zero-knowledge continuations 2023-01-01 ; Jeffrey Burdges, Handan Kılınç Alper, Alistair Stewart, Sergey Vasilyev
Ring VRFs provide unique pseudo-nonymous identities within context but unlinkable between different contexts
Improve user privacy and service provider or social interests balance compared to attribute based credentials like IRMA credentials
Support anonymous rationing or rate limiting resource consumption, more flexible and efficient than purchases via money-like protocols.
Personhood: The Killer Credential? 2024-09-16 Eve Maler
A new paper on PHCs advocated for proof-of-personhood as a VC contender
Proposed strategies:
Bounded credentials: Limiting how many credentials an issuer can issue per person to maximize privacy and civil liberties
Marketplace of issuers: Allowing people to choose, protect their privacy, and request retraction if they lose trust in an issuer
Aligns with the assistant's call for individuals to determine their relationship status
ID not SSI
GNAP: A Conversation of Authorization 2024-10-09 Justin Richer
After five years of standardization work, GNAP is now officially RFC9635!