Identosphere #55 • ENS names are DID • Ontario Action Plan • VC issuer-kit PoC report
A weekly digest of stories, company news, and industry updates surrounding decentralized identity. Includes upcoming events, job opportunities, and developents in standardization.
This weekly newsletter is possible thanks to readers like you!
Consider paying us a small amount each month via Patreon
Support our work on Patreon — Get Exclusive Content!!
Read previous issues and Subscribe : newsletter.identosphere.net
Contact \ Content Submissions: newsletter [at] identosphere [dot] net
Upcoming
Does the W3C Still Believe in Tim Berners-Lee’s Vision of Decentralization? Evernym 11/3 (register)
Last month, Google, Apple, and Mozilla lodged formal objections to W3C approval of the W3C Decentralized Identifiers (DIDs) 1.0 specification.
Engineering Successful IAM Projects to Support Digital Business 11/23 KuppingerCole
Registration Open for OpenID Foundation Virtual Workshop 12/9
Self-issued OpenID Provider (SIOP) Update Kristina Yasuda – Microsoft
Work
Software Developer in Decentralised Identity Surrey AC UK
The project is to apply a Self-Sovereign Identity framework to the development of technology for privacy-preserving management of authorship of digital assets. This is an exciting opportunity to work with emerging technologies and develop novel solutions.
Philosophy
You are a network Aeon
You cannot be reduced to a body, a mind or a particular social role. An emerging theory of selfhood gets this complexity
Explainer
Self-Sovereign Identity (SSI) Foam Figure Explainer v2 - this time with two cameras John Phillips
Three approaches to Self-Sovereign Identity based on blockchain Coinmonks
In this short article, we investigate three different approaches to how SSI concepts map on the blockchain infrastructure.
[...]
The third approach is, in a way, derived from the previous one, and is the one pursued by uPort/Serto: the blockchain has one single registry that tracks down just the revocation of credentials,
The Buzz Behind Zero Trust State of Identity
The Zero Trust model is the belief that no one should be trusted from inside or outside your network, until their identity has been verified. Zero trust refers to the alignment of maturing identity practices, an established understanding of user behaviors, and the application of least-privilege access security policy decisions to trust boundaries
Research
Decentralized and Self-Sovereign Identity: Systematic Mapping Study Špela Čučko Muhamed Turkanović
The results suggest that validation research and solution proposals prevail, addressing decentralized identity in a general matter. Papers mainly propose systems/solutions, architectures, and frameworks, focusing on authentication, security, privacy, and trust, while there are hardly any studies researching usability, user experience, patterns, and good practices.
Use Cases
Why Machines Need Self-Sovereign Identities Peaq
As the world becomes even more connected and more machines are hooked up to the internet, the ability for machines to move, trade and interact securely and efficiently becomes increasingly important to life and business. Today’s centralized networks do not enable this. Machines today exist on closed, permission-based environments which massively limit which other machines can be interacted with, what machines can do and where they can go.
Is the biggest tech change for travel since the internet and mobile the shift to self-sovereign identity tech? CAPA TV
What are some of the benefits of this new wave, such as reduced cybersecurity risk and enhanced travel experiences/personalisation?
Will this affect the way travel is distributed and paid for change?
What can players in the established travel eco-system expect?
When will we see this come about – where will we be by 2030?
Identity Blockchains and Energy Consumption Indicio
A decentralized network using a blockchain-based distributed ledger means you can use Peer DIDs to move most “transactions” and their cryptographic proofing off ledger. This means that for those peer-to-peer interactions, identity blockchains don’t need to do any ledger transactions at all.
Countering Marketplace Deception with Mattereum’s Trust-as-a-Service Platform
Marketplace deception is everywhere, at great cost and risk to consumers and businesses. Regulation alone won’t fix it. Can Mattereum Asset Passports and Product Information Markets help secure trust in B2B and B2C trade?
Adoption
IIW33 Session: Crossing the chasm ➔ Mass market adoption of SSI and VC
One Size Doesn’t Fit All – Authentication Journeys to Digital Transformation Veridium
The IAM (Identity & Access Management) landscape may seem to be getting more complex, but only because we’re trying to fit a square peg in a round hole. Old methods tied strictly to AD and LDAP registries with groups and their associated roles are only a narrow keyhole from the past into which we can view a broader IAM future. These systems will continue to be used in many enterprises but form only part of the many journeys available to users within the new IAM landscape.
COVID-19
What is a vaccine passport? IBM
A vaccine passport is a physical or digital health credential to confirm a person has been vaccinated for a particular contagious disease to enable travel.
The Vaccine Certificate Experience WEBISTEMOLOGY
Version 1 of the Ontario COVID Vaccine Certificate is a cumbersome experience that needs some work
What I observed is NOT a user-friendly experience for either the customer or the business. For the experience to be improved it needs to be a single presentation operation of either a paper or digital certificate that the business can verify in one step.
The advantage of a paper and ID card presentation ritual is that it is difficult to hack. So if we are going to improve the presentation with a single credential as above, privacy and security MUST be protected.
Pramod Varma's message as India touches the 1 BN COVID Vaccination Certificates Milestone eGovernments Foundation
Pramod Varma, CTO, EkStep Foundation shares the journey of Digital Public Good- DIVOC (Digital Infrastructure for Vaccination Open Credentialing) envisioned a year back, for vaccination credentialing.
Understanding the Global COVID Certificate Landscape DIVOC
The DIVOC project is hosted and maintained by India’s eGov Foundation and is available as an MIT-licensed open source software package DIVOC is also supported by various multilateral funding institutions, as well as a community of software contributors and adopters in various geographies. DIVOC’s verifiable COVID credentials have also been tested for interoperability with several consumer-health and locker applications globally; and DIVOC’s certificates from the adopter countries can now be scanned/read/ingested by these domestic and international applications.
Standarization
SSI with OpenID authentication Gimly ID
DIDs are not enough - we need an Authoriziation standard too Energy Web
If you are a developer and want to write a DApp [...] you probably are using API-Keys in your front-end. If this is the case, then you should consider the security risk the publication of the API-Key in your front end represents and ask yourself if it would make sense to switch to a user authentication scheme.
ENS names are Decentralized Identifiers (DIDs) uPort
did:ens:mainnet:vitalik.eth
This has two purposes:
to wrap existing ENS names as DIDs to facilitate interoperability of emerging technologies in the Decentralized Identity and Ethereum community,
to define a canonical way to augment ENS names with DID capabilities (e.g., encryption) as mentioned above.
Public Sector
Ontario Releases Technology and Standards for Digital Identity Ontario Newsroom
“Our Ontario Onwards: Action Plan first announced our government’s goal to make Ontario the most advanced digital jurisdiction in the world – all in the service of the people of this province,” said Peter Bethlenfalvy, Minister of Finance. “The release of Ontario’s Digital ID later this year will be an exciting step towards transforming and modernizing government services in an increasingly digital world.”
[…]
Additional Resources
BC Government’s VC Issuer Kit Proof of Concept Report DIACC (issuer-kit)
Recommendations:
Open Collaboration
Interoperability
Responsive to Market Dynamics
Responsive to Industry Needs
Regulatory Compliance
Involvement with Governance of Networks and Registries
Early Adopters Programme | Imagining what EBSI can do for European citizens
An incubator to help Early Adopters and their partners imagine, build and launch their EBSI pilot project(s)
MyData
Hub Spotlight: MyData Japan - Promoting Ethical Approaches to Personal Data
Several committees promote the MyData movement in Japan in specific thematic areas. One of the most active committees is the Public Policy Committee, which has submitted expert opinions from the MyData Japan community to the Japanese government’s Public Comments.
Designed for Integrity MyDEX
Below are some of the design principles that underpin our infrastructure and services — principles designed to ensure that what we do truly does serve citizens, today and into the future.
Flicking the Switch of Personal Data MyDex
Over the last 14 years we have built the infrastructure needed to make citizen data empowerment possible — infrastructure capable of providing every individual with their own personal data store, where they can safely and securely collect their own data, use it and share it under their own control. This infrastructure is now live and operational, officially recognised as a supplier to public services on procurement platforms in both England and Scotland and independently accredited for data management security under ISO 27001.
Identity beyond SSI
Authenticate Conference Gains Momentum in 2021 Find Biometrics
In-person attendance reached approximately 250 attendees, with good safety measures in place. No doubt we had to quickly get over the surreal nature of networking among security and identity experts while donning masks – symbology frequently used in the industry to represent the hackers! Virtual attendance was more than three-times the in-person numbers, and the tech and orchestration of the virtual speakers was very smooth.
Issues to make sure we (SSI) address
A Tour Through the OWASP Top 10 Auth0
Broken access control
Cryptographic Failure
Injection
Insecure Design
Security Misconfiguration
Outdated Components
ID\Auth Failure
Software\Data Integrity Failure
Logging\Monitoring Failure
Server Side Request Forgery
8 Benefits of Multi-Factor Authentication (MFA) Ping
Multi-factor authentication takes it step further by requiring users to provide proof from two or more authentication factors (categories) before access is granted.
Access Now report holds up poster child Aadhaar as ‘Big ID’ bugbear Biometric Updates
A legal vacuum and vulnerable population allowed the creation of the world’s largest biometric digital ID project and built a myth which could be used by an entire industry to sell similar systems and dreams elsewhere, a new report argues.
BUSTING THE DANGEROUS MYTHS OF BIG ID PROGRAMS: CAUTIONARY LESSONS FROM INDIA
Aadhaar, India’s flagship Big ID project, is a clear example of this approach. Despite all the positive propaganda in its favor, Aadhaar has had a disastrous impact, has been heavily criticized, and has been challenged in several courts across India, including the Supreme Court of India, for its serious violation of human rights.
Thanks for Reading!
Read more \ Subscribe: newsletter.identosphere.net
Support this publication: patreon.com/identosphere
Contact \ Submission: newsletter [at] identosphere [dot] net