Identosphere #55 • ENS names are DID • Ontario Action Plan • VC issuer-kit PoC report

A weekly digest of stories, company news, and industry updates surrounding decentralized identity. Includes upcoming events, job opportunities, and developents in standardization.

This weekly newsletter is possible thanks to readers like you!

Consider paying us a small amount each month via Patreon

Upcoming

Work 

Software Developer in Decentralised Identity Surrey AC UK

The project is to apply a Self-Sovereign Identity framework to the development of technology for privacy-preserving management of authorship of digital assets.  This is an exciting opportunity to work with emerging technologies and develop novel solutions.

Philosophy 

You are a network Aeon

You cannot be reduced to a body, a mind or a particular social role. An emerging theory of selfhood gets this complexity

Explainer

Self-Sovereign Identity (SSI) Foam Figure Explainer v2 - this time with two cameras John Phillips

Three approaches to Self-Sovereign Identity based on blockchain Coinmonks

In this short article, we investigate three different approaches to how SSI concepts map on the blockchain infrastructure.
[...]
The third approach is, in a way, derived from the previous one, and is the one pursued by uPort/Serto: the blockchain has one single registry that tracks down just the revocation of credentials,

The Buzz Behind Zero Trust State of Identity

The Zero Trust model is the belief that no one should be trusted from inside or outside your network, until their identity has been verified. Zero trust refers to the alignment of maturing identity practices, an established understanding of user behaviors, and the application of least-privilege access security policy decisions to trust boundaries

Research

Decentralized and Self-Sovereign Identity: Systematic Mapping Study Špela Čučko Muhamed Turkanović

The results suggest that validation research and solution proposals prevail, addressing decentralized identity in a general matter. Papers mainly propose systems/solutions, architectures, and frameworks, focusing on authentication, security, privacy, and trust, while there are hardly any studies researching usability, user experience, patterns, and good practices.

Use Cases

Why Machines Need Self-Sovereign Identities Peaq

As the world becomes even more connected and more machines are hooked up to the internet, the ability for machines to move, trade and interact securely and efficiently becomes increasingly important to life and business. Today’s centralized networks do not enable this. Machines today exist on closed, permission-based environments which massively limit which other machines can be interacted with, what machines can do and where they can go. 

Is the biggest tech change for travel since the internet and mobile the shift to self-sovereign identity tech? CAPA TV

  • What are some of the benefits of this new wave, such as reduced cybersecurity risk and enhanced travel experiences/personalisation?

  • Will this affect the way travel is distributed and paid for change?

  • What can players in the established travel eco-system expect?

  • When will we see this come about – where will we be by 2030? 

Identity Blockchains and Energy Consumption Indicio

A decentralized network using a blockchain-based distributed ledger means you can use Peer DIDs to move most “transactions” and their cryptographic proofing off ledger. This means that for those peer-to-peer interactions, identity blockchains don’t need to do any ledger transactions at all.

Countering Marketplace Deception with Mattereum’s Trust-as-a-Service Platform

Marketplace deception is everywhere, at great cost and risk to consumers and businesses. Regulation alone won’t fix it. Can Mattereum Asset Passports and Product Information Markets help secure trust in B2B and B2C trade?

Adoption

IIW33 Session: Crossing the chasm ➔ Mass market adoption of SSI and VC

One Size Doesn’t Fit All – Authentication Journeys to Digital Transformation Veridium

The IAM (Identity & Access Management) landscape may seem to be getting more complex, but only because we’re trying to fit a square peg in a round hole. Old methods tied strictly to AD and LDAP registries with groups and their associated roles are only a narrow keyhole from the past into which we can view a broader IAM future. These systems will continue to be used in many enterprises but form only part of the many journeys available to users within the new IAM landscape.

COVID-19

What is a vaccine passport? IBM

A vaccine passport is a physical or digital health credential to confirm a person has been vaccinated for a particular contagious disease to enable travel.

The Vaccine Certificate Experience WEBISTEMOLOGY

Version 1 of the Ontario COVID Vaccine Certificate is a cumbersome experience that needs some work

What I observed is NOT a user-friendly experience for either the customer or the business. For the experience to be improved it needs to be a single presentation operation of either a paper or digital certificate that the business can verify in one step. 

The advantage of a paper and ID card presentation ritual is that it is difficult to hack. So if we are going to improve the presentation with a single credential as above, privacy and security MUST be protected. 

Pramod Varma's message as India touches the 1 BN COVID Vaccination Certificates Milestone eGovernments Foundation

Pramod Varma, CTO, EkStep Foundation shares the journey of Digital Public Good- DIVOC (Digital Infrastructure for Vaccination Open Credentialing) envisioned a year back, for vaccination credentialing.

Understanding the Global COVID Certificate Landscape DIVOC

The DIVOC project is hosted and maintained by India’s eGov Foundation and is available as an MIT-licensed open source software package DIVOC is also supported by various multilateral funding institutions, as well as a community of software contributors and adopters in various geographies. DIVOC’s verifiable COVID credentials have also been tested for interoperability with several consumer-health and locker applications globally; and DIVOC’s certificates from the adopter countries can now be scanned/read/ingested by these domestic and international applications.  

Standarization

SSI with OpenID authentication Gimly ID

DIDs are not enough - we need an Authoriziation standard too Energy Web

If you are a developer and want to write a DApp [...] you probably are using API-Keys in your front-end. If this is the case, then you should consider the security risk the publication of the API-Key in your front end represents and ask yourself if it would make sense to switch to a user authentication scheme.

ENS names are Decentralized Identifiers (DIDs) uPort

  • did:ens:mainnet:vitalik.eth

This has two purposes:

  1. to wrap existing ENS names as DIDs to facilitate interoperability of emerging technologies in the Decentralized Identity and Ethereum community,

  2. to define a canonical way to augment ENS names with DID capabilities (e.g., encryption) as mentioned above.

Public Sector

Ontario Releases Technology and Standards for Digital Identity Ontario Newsroom

“Our Ontario Onwards: Action Plan first announced our government’s goal to make Ontario the most advanced digital jurisdiction in the world – all in the service of the people of this province,” said Peter Bethlenfalvy, Minister of Finance. “The release of Ontario’s Digital ID later this year will be an exciting step towards transforming and modernizing government services in an increasingly digital world.”

[…]

Additional Resources

BC Government’s VC Issuer Kit Proof of Concept Report DIACC (issuer-kit)

Recommendations: 

  • Open Collaboration

  • Interoperability

  • Responsive to Market Dynamics

  • Responsive to Industry Needs

  • Regulatory Compliance

  • Involvement with Governance of Networks and Registries

Early Adopters Programme | Imagining what EBSI can do for European citizens

An incubator to help Early Adopters and their partners imagine, build and launch their EBSI pilot project(s)

MyData

Hub Spotlight: MyData Japan - Promoting Ethical Approaches to Personal Data

Several committees promote the MyData movement in Japan in specific thematic areas. One of the most active committees is the Public Policy Committee, which has submitted expert opinions from the MyData Japan community to the Japanese government’s Public Comments.

Designed for Integrity MyDEX

Below are some of the design principles that underpin our infrastructure and services — principles designed to ensure that what we do truly does serve citizens, today and into the future.

Flicking the Switch of Personal Data MyDex

Over the last 14 years we have built the infrastructure needed to make citizen data empowerment possible — infrastructure capable of providing every individual with their own personal data store, where they can safely and securely collect their own data, use it and share it under their own control. This infrastructure is now live and operational, officially recognised as a supplier to public services on procurement platforms in both England and Scotland and independently accredited for data management security under ISO 27001.

Identity beyond SSI 

Authenticate Conference Gains Momentum in 2021 Find Biometrics

In-person attendance reached approximately 250 attendees, with good safety measures in place. No doubt we had to quickly get over the surreal nature of networking among security and identity experts while donning masks – symbology frequently used in the industry to represent the hackers! Virtual attendance was more than three-times the in-person numbers, and the tech and orchestration of the virtual speakers was very smooth. 

Issues to make sure we (SSI) address 

A Tour Through the OWASP Top 10 Auth0  

  • Broken access control

  • Cryptographic Failure

  • Injection

  • Insecure Design

  • Security Misconfiguration

  • Outdated Components

  • ID\Auth Failure

  • Software\Data Integrity Failure

  • Logging\Monitoring Failure

  • Server Side Request Forgery

8 Benefits of Multi-Factor Authentication (MFA) Ping

Multi-factor authentication takes it step further by requiring users to provide proof from two or more authentication factors (categories) before access is granted.

Access Now report holds up poster child Aadhaar as ‘Big ID’ bugbear Biometric Updates

A legal vacuum and vulnerable population allowed the creation of the world’s largest biometric digital ID project and built a myth which could be used by an entire industry to sell similar systems and dreams elsewhere, a new report argues.

BUSTING THE DANGEROUS MYTHS OF BIG ID PROGRAMS: CAUTIONARY LESSONS FROM INDIA

Aadhaar, India’s flagship Big ID project, is a clear example of this approach. Despite all the positive propaganda in its favor, Aadhaar has had a disastrous impact, has been heavily criticized, and has been challenged in several courts across India, including the Supreme Court of India, for its serious violation of human rights.

Thanks for Reading!

Read more \ Subscribe: newsletter.identosphere.net

Support this publication: patreon.com/identosphere

Contact \ Submission: newsletter [at] identosphere [dot] net