Identosphere #26 • ezcap library • ESSIF-Lab's second tranche winners • DID:DID
Another week's thoughts clarifications updates and developments towards verifiable credentials, decentralized identities, and the end of (FB) data silo honey pots
Thanks for joining us!
Hopefully our Patrons appreciate the Quarterly issue we just released, because we really appreciate you! We think it’s an impressive testament to the industry that’s grown around decentralized identity.
PoCATHON by Affiniti • Mar 26 – May 9, 2021
We invite developers across the world to come and build applications that generate secure, portable and privacy-preserving credentials enabling trust across entities using Affinidi’s APIs
Oktane21 • April 5-9
Inspiring keynotes. Hands-on training with experts. Oktane21 is the place to learn new skills, gain an Okta certification, engage with new ideas, and emerge ready to create the next transformative experiences.
The EOSIO Identity Working Group - Kickoff • April 12th
Gimly is excited to start the EOSIO identity working group WG (Twitter #eosio_id)! This open working group (WG) will create and foster identity solutions using EOSIO technology, by creating open W3C compliant self-sovereign identity standards, interoperability, and ecosystem development for eosio based identities.
Covid-19 Technology Innovations • April 14
“explore the technology innovations being pioneered in response to the Covid-19 pandemic, and what potential for Scottish ventures this presents.” by Peter Ferry, Gary McKay and Julian Ranger (Siccar, APPII and digi.me)
Internet Identity Workshop XXXII (#32) • April 20-22
OpenID Foundation Virtual Workshop • April 29, 2021
Identiverse 2021 • June 21-23 (Denver)
Gimly is Hiring
POSITION 1: FULL-STACK BLOCKCHAIN DEVELOPER
POSITION 2: PRODUCT DEVELOPMENT MANAGER
Getting Started with Self Sovereign Identity SSI
The blog is my getting started with Self Sovereign identity. I plan to explore developing solutions using Self Sovereign Identities, the different services and evaluate some of the user cases in the next couple of blogs. Some of the definitions are explained, but mainly it is a list of resources, links for getting started. I’m developing this blog series together with Matteo and will create several repos, blogs together.
Introduction to Self-Sovereign Identity Jakubkoci
In this article, I will do my best to explain self-sovereign identity from the end-user perspective, without any technicalities.
The way towards self-sovereign identity Ines Duits
This series of blogs focus on self-sovereign identity, SSI. This post explains where SSI originated from by giving a timeline of how digital identity has changed over the years. In the second blog, we focus on what SSI is exactly. In the third blog, give two examples of use cases (IRMA and Sovrin) where SSI plays an important role.
Verifiable Credentials Use Cases – Affinidi
Protecting Your Driver’s License
the biggest advantage of such an SSI-based driver’s license is that there’s absolutely no possibility of loss. Furthermore, there is no question of your PII on the license to fall into the wrong hands because the holder has complete control over how it is used and with whom it is shared.
Accessing Medical Records Anywhere
this workflow doesn’t involve any third-party to store your medical data and this also means no worry about medical data storage policies and the laws associated with it. The holder completely owns his or her medical data and stores it exclusively in his or her digital wallet, thereby making it secure and hassle-free.
Me2BA Claims Victory in Contest Over California Privacy Regulations
On March 15th, the AG’s Office of Administrative Law (OAL) approved additional CCPA regulations promulgated by the Department of Justice. Notably, the Department withdrew its original language mandating the “Privacy Options” icon. In its place is new language making commercial use of the icons optional only. In other words, our stated concerns about the icons were well received, and ultimately adopted.
Not Just Personal Data Stores Alan Mitchell
This is the fifth in a series of blogs which provide edited extracts of key points made by Mydex CIC in its response to the UK Government consultation around a new National Data Strategy.
This blog focuses on the main ingredients needed to unleash the full potential of personal data — in addition to personal data stores.
Why framing “data” as an asset or liability is dangerous MyDigital Footprint
If there is one thing that can change finance’s power and dominance as a decision-making tool, it is the rest of the data. According to Google (2020), 3% of company data is finance data when considered part of an entire company’s data lake. McKinsey reports that 90% of company decisions are based on finance data alone, the same 3% of data.
If you are in accounting, audit or finance shoes, how would you play the game to retain control when something more powerful comes on the scene?
Our Language Reflects Our Values Auth0
At Auth0, we believe that consistent, iterative improvement leads to incredible results. We recognize that addressing our use of biased language is an ongoing process rather than a one-and-done effort. With our guidelines and principles in place, all employees are empowered to address biased language as they find it. We all have an obligation to be intentional with our language and consider how all words we use have the potential to reflect our values and beliefs.
Digital identities – steps on the path to an ID ecosystem Bankenverband
This article is very very good in articulating the big picture of how SSI systems relative to older system and emerging fragmented systems.
An answer to these challenges is an ecosystem in which digital identity data can be exchanged in a way that is secure, reliable, scalable and convenient. This will have a positive impact on the economic future of Germany and Europe while at the same time enhancing the private sphere of the individual.
The EU Digital Green Certificate Program Evernym
Although the EU’s approach to COVID-19 health certificates (the Digital Green Certificate) implements existing technology and supports both paper and digital credentials, offline usage, and speedy verification, it makes a number of security and privacy compromises. Our analysis found it to be inherently centralised and better suited for low assurance use cases.
Elastos DID: What’s Ahead for 2021
DID 2.0’s primary objectives are to provide a superior developer and user experience, and to support more complex business models and use case scenarios enabling the expansion of DID’s implementation and adoption potential.
Drilling down: Co-development DIF
What “standardization” means to DIF and what DIF means to standardization.
A newbie-friendly survey of how DIF relates to nearby organizations with overlapping or related foci.
What “co-development” and “coöpetition” really mean, concretely
Spherity launches New Product to Support Pharmaceutical Supply Chain Compliance
The product establishes trust in digital interactions between trading partners in pharmaceutical supply chains and ensures compliance with the U.S. Drug Supply Chain Security Act (DSCSA).
One woman’s open-source journey to decentralized identity Indicio
Noha Abuaesh, a Bahrain-based computer scientist, has been exploring decentralized identity for the last year, often with assistance from Indicio.tech’s open-source tools and free communications channels.
Community Credentials Resonate
Verifiable Credentials are a new web standard for proving things digitally, thanks to some clever cryptography. We are building Community Credentials to be the ‘Know Your Co-operator’ equivalent of KYC (Know Your Customer for business) for co-op social trust, all without reliance on centralised providers (or blockchains).
Meet the eSSIF-Lab’s ecosystem: The Infrastructure Development Instrument second tranche winners NGI Community
2nd tranche winners are the following:
Verifier Universal Interface by Gataca España S.L. – Building Standard APIs for Verifier components to enable SSI interoperability
Automated data agreements to simplify SSI work flows by LCubed AB (operated under the brand iGrant.io) – Adopt SSI and make it consumable for both organisations and end-users
Presentation Exchange - Credential Query Infra by Sphereon B.V. – Presentation Exchange Interop and Integration
Letstrust.org by SSI Fabric GmbH – Self-Sovereign Identity for everyone: Enterprise & Consumer Cloud Wallet (OIDC-based), Credentials & SDKs as a basis for applications - free
SSI Java Libraries by Danube Tech GmbH – Improving and completing a set of generic, open-source Java libraries for working with DIDs and VCs
WordPreSSI Login by Associazione Blockchain Italia – SSI Login for every WordPress site
NFC DID VC Bridge by Gimly – Enabling the use of NFC secure elements as DID and VC transport for off-line and online identity, authorizations and access management
DIF SDS/CS WG: CS Refactoring Proposal 0.2 Hyperonomy
Latest Version of the Proposal (0.2 – March 24, 2021)
Agent-Hub-EDV Architecture Reference Model (AHE-ARM) 0.1
Transcription of Selected Parts of the DIF SDS/CS March 11, 2021 Zoom Call
OSI Stack Proposal for Confidential Storage Specification
Based on the March 11 Zoom discussion where we worked hard to discern the differences between Agents, Hubs, and EDVs (and I believe were largely successful IMO), I’ve like to propose to the SDS/CS WG that we refactor the current Confidential Storage specification into 3 separable parts/specifications.
EU Grant to Help Building Blockchain Infrastructure. Sphereon
We’ll be providing a Presentation Exchange that creates interoperability between W3C DIF-compliant Verifiable Credentials and Hyperledger Aries-based Verifiable Credentials for the European Blockchain Services Infrastructure (EBSI).
Self-Sovereign Identity for Social Impact & Importance of UX Jimmy J.P. Snoek, Tykn
when you go to somewhere in Sub-Saharan Africa, that’s going to be pretty difficult, when there’s maybe one phone in a village and it’s not even necessarily a smartphone. It’s very easy to say, “Oh yeah, but within SSI, everything has to be stored on the edge wallet.” What we saw was that if you make that this hard requirement, and keep working from that, then all these population groups are just going to be left behind more and more.
The Future of Authenticating Your Data with Doc Searls, Katherine Druckman and Dave Huseby
Across time and space immediately being tracked and, and falling victim to what I call sort of casual surveillance or corporate surveillance, right? Where is your data flows through systems; businesses are able to observe that movement of your data, your information aggregated, develop some kind of psychological model and then able to sell that to people who wish to manipulate you
PSA Today with Julian Ranger, founder of Digi.me
Personal data governance (in a world of surveillance capitalism)
Digi.me creates first working UK vaccine passport capability
verified fully private, secure and tamper-proof due to multiple robust security measures including encryption.
This health pass has been designed to be fully interoperable with other international standards, such as the UN Good Health Pass Collaborative, of which digi.me is a member.
SSI eIDAS Legal Report – Ignacio Alamillo – Webinar 55
The European Commission developed the SSI (Self-Sovereign Identity) eIDAS bridge, an ISA2 funded initiative, to promote eIDAS as a trust framework for the SSI ecosystem. It assists a VC (Verifiable Credential) issuer in the signing process, and helps the verifier to automate the identification of the organization behind the issuer’s DID (Decentralized Identifier). Simply by “crossing” the eIDAS Bridge, a Verifiable Credential can be proven trustworthy in the EU.
What BBS+ Means For Verifiable Credentials Evernym
In a recent Evernym blog post, we discussed why BBS+ LD-Proofs are the privacy-preserving VC format that everyone should implement. In this webinar….
- A brief history of verifiable credential formats, and how a lack of convergence makes scale and interoperability an ongoing challenge
- How BBS+ Signatures are the breakthrough that combine the best of the JSON-LD and ZKP formats, while still allowing for selective disclosure and non-trackability
- The path forward: What remains to be done to fully converge on the BBS+ format
NFT and music, NFT:DID for turning NFT's into identities, and critical updates to mainnet. Ceramic Community Call
you can go to ceramicnetwork/nft-did-resolver on github to see the prototype
so this is the minimal implementation that allows you to verify signatures of the most recent owner of the nft did as like being valid
Technical Report on the Universal RDF Dataset Normalization Algorithm - Bill Bradley
The goal of this technical report is to review the Universal RDF Dataset Normalization Algorithm (URDNA2015) for correctness and to provide satisfactory evidence that possible issues with URDNA2015 have been considered and dismissed.
did:did - DID Identity DID (DID) DID method
We hope the community will find this useful to help increase adoption and interoperability of Decentralized Identity technology.
Registration request: https://github.com/w3c/did-spec-registries/pull/280
The ezcap library - Manu Sporny
Now might be a good time to announce some open source tooling a few of us have been working on related to zcaps that is being created to simplify the developer experience when developing with zcaps.
ezcap (pronounced "Easy Cap") - An easy to use, opinionated Authorization Capabilities (zcap) client library for the browser and Node.js.
Blockchain, Self-Sovereign Identity and Digital Credentials: Promise Versus Praxis in Education
This article is primarily interested in the affordances of the technology as a public good for the education sector. It levers on the lead author’s perspective as a mediator between the blockchain and education sectors in Europe on high-profile blockchain in education projects to provide a snapshot of the challenges and workable solutions in the blockchain-enabled, European digital credentials sector.
Identity not SSI
V2 of FIDO2 CTAP advanced to Public Review Draft
The FIDO Alliance has published this Public Review Draft for the FIDO2 Client to Authenticator Protocol (CTAP) specification, bringing the second version of FIDO2 one step closer to becoming a completed standard.
FIDO Recognition for European Digital Identity Systems and eIDAS Grows
Recognition of the value of FIDO in European digital identity systems and eIDAS continues to grow. This month has featured two new updates in Europe on the FIDO front: the release of a landmark ENISA report that discusses the role FIDO2 plays in eIDAS, and the accreditation by the Czech government of a new eID solution using FIDO2.
Blockchain Ecosystem’s Response to MiCA Regulation Proposal INTABA
INATBA believes that the interaction between policymakers and industry representatives should continue throughout the whole regulatory process. The period between the publication of the proposal and the enactment of the regulation is estimated to be three years. 3 Within this time, many aspects of the blockchain (and DLT) ecosystem may change, the rather nascent technology may further evolve in unexpected ways and novel business models may emerge.