mirror of
https://github.com/Decentralized-ID/decentralized-id.github.io.git
synced 2024-12-12 00:54:23 -05:00
credentials, dids, diacc
parent
d88e61056a
commit
18794aca8f
@ -81,3 +81,24 @@ Gimly ID is leading self-sovereign identity innovation, with the implementation
|
||||
|
||||
* [SSI with OpenID authentication](https://www.loom.com/share/d49e005bb32349d7950022e83d55b944) Gimly ID
|
||||
|
||||
## Indicio
|
||||
|
||||
* [Indicio launches blockchain-enabled network for identity](https://indicio.tech/blog/indicio-launches-blockchain-enabled-network-for-identity/)
|
||||
> “Our clients asked for a stable, fully-staffed network based on Hyperledger Indy— one that could provide the Service Level Agreements their customers need for mission-critical workloads,” said Heather Dahl, CEO of Indicio. “Today, we are excited to announce that this MainNet is open for business.”
|
||||
>
|
||||
> “This is the network we need to accelerate adoption of passwordless zero trust ecosystems for enterprise customers” said Mike Vesey, President of [IdRamp](https://idramp.com), a leader in decentralized identity and a Genesis Node Operator on the Network.
|
||||
* [Panel: Start Simple to Scale Decentralized Identity](https://hgf2021.sched.com/event/j3ej%23new_tab) HGF2021 • Indicio
|
||||
> Liquid Avatar Technologies and Indicio.tech will share how together they are transitioning the current KABN ID solution to verifiable credentials by building the Liquid Avatar Verifiable Credentials Ecosystem utilizing Hyperledger Aries, Ursa, and Indy.
|
||||
* [Become a Node Operator](https://indicio.tech/blog/be-a-part-of-the-most-dynamic-network-community-in-decentralized-identity/) Indicio
|
||||
> we’ve seen a rapid rise in demand for robust, stable, and professionally maintained networks to support decentralized identity solutions. It’s not a surprise: decentralized identity’s moment has arrived. That’s why we’ve been hard at work creating Hyperledger Indy networks upon which developers all over the world are building, testing, and launching their solutions.
|
||||
* [Indicio completes Hyperledger Indy DID Method—A Milestone in the Evolution of DID Interop](https://indicio.tech/indicio-completes-hyperledger-indy-did-method-a-milestone-in-the-evolution-of-decentralized-identity-network-interoperability/)
|
||||
|
||||
The Indy DID Method paves the way for Hyperledger Indy credentials to scale globally by allowing Indy networks to seamlessly interoperate and create a “network-of-networks” effect.
|
||||
|
||||
|
||||
## Identos
|
||||
|
||||
* [Identos builds Verifiable Credentials into updated federated digital ID API](https://www.biometricupdate.com/202209/identos-builds-verifiable-credentials-into-updated-federated-digital-id-api) Biometric Update
|
||||
|
||||
The new FPX Junction cloud software suite is designed for fine-grained API authorization and user-centric digital identity management. The digital wallet and user-managed access 2.0 authorization server work together to enable single-sign on federation. An optional user interface SDK for the digital wallet provides native mobile and web support.
|
||||
|
||||
|
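Review bot: The HGF2021 panel link under `## Indicio` ends in `j3ej%23new_tab`, so the `#` is percent-encoded and becomes part of the path instead of a fragment; drop `%23new_tab` and link to `https://hgf2021.sched.com/event/j3ej`. Separately, the Indy DID Method and Identos summaries are plain paragraphs while the other excerpts in this section are `>` quotes; pick one form so quoted vendor text stays distinguishable from editorial text.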
@ -78,7 +78,6 @@ Then run [https://github.com/solid/community-server](https://github.com/solid/co
|
||||
|
||||
a simple mechanism to provide public information concerning an entity by advertising a public profile service in the DID document of a public DID. A good analogy for this public identity information would be a machine-readable and cryptographically-verifiable imprint.
|
||||
|
||||
* [Wrapping Indy Credentials (AnonCreds) in W3C VCs](https://hackmd.io/S6e2MeSWTICnV9lD9OukKg)
|
||||
|
||||
* [https://www.gaia-x.eu/pdf/Gaia-X_Architecture_Document_2103.pdf](https://www.gaia-x.eu/pdf/Gaia-X_Architecture_Document_2103.pdf)
|
||||
|
||||
|
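Review bot: The Gaia-X entry uses the raw PDF URL as its link text and carries no description, and the paragraph two items above it starts mid-sentence at `a simple mechanism to provide public information`; give the link a title and restore the subject of that sentence so a reader knows what is being described.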
@ -0,0 +1,7 @@
|
||||
# Hyperledger
|
||||
|
||||
|
||||
## Ursa
|
||||
|
||||
* [Hyperledger Ursa code review](https://www.hyperledger.org/hyperledger-ursa/2022/05/31/hyperledger-ursa-code-review) Hyperledger
|
||||
> Rooted in a “trust but verify” mindset, several Canadian public sector entities and [Interac](https://www.interac.ca/en/) (Canada’s interbank network) sponsored a project at the [Digital Identity Laboratory of Canada](https://idlab.org/) (IDLab) to perform a security and cryptography code review of Hyperledger Ursa (full report is available [here](https://www.hyperledger.org/wp-content/uploads/2022/05/URSA-IDLab-Code-Review.pdf)).
|
@ -0,0 +1,8 @@
|
||||
* [AnonCreds Indy-Pendence](https://blog.cheqd.io/anoncreds-indy-pendence-4946367469d4) Cheqd
|
||||
|
||||
Part 1: Decoupling the reliance on Hyperledger Indy and creating more extensible AnonCreds Objects with cheqd.
|
||||
- [Anonymous Credential Part 1: Brief Overview and History](https://medium.com/finema/anonymous-credential-part-1-brief-overview-and-history-c6679034c914)
|
||||
> An anonymous credential (Anoncred), which is also known as an attribute-based credential (ABC), is a concept for a digital credential that provides a credential holder maximal privacy and an ability to selectively disclose their personal information.
|
||||
- [Anonymous Credential Part 2: Selective Disclosure and CL Signature](https://medium.com/finema/anonymous-credential-part-2-selective-disclosure-and-cl-signature-b904a93a1565)
|
||||
> selective disclosure and an anonymous credential (Anoncred) relies on an efficient signature scheme that supports multiple messages with a single signature. One such signature scheme is known as CL signature that is named after its Jan Camenisch and Anna Lysyanskaya […] CL signature popularized Anoncreds, and it also served as a cryptographic building block in Identity Mixer (Idemix) and Hyperledger Indy projects.
|
||||
* [Wrapping Indy Credentials (AnonCreds) in W3C VCs](https://hackmd.io/S6e2MeSWTICnV9lD9OukKg)
|
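Review bot: The new file has no top-level heading: its first line is the `AnonCreds Indy-Pendence` list item, whereas the other files added in this commit start with `# Hyperledger` and `# Decentralized Identifier`. Add a heading, keep to one list marker (the file mixes `*` and `-`), and give the last entry, `Wrapping Indy Credentials (AnonCreds) in W3C VCs`, an excerpt like the others.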
@ -44,26 +44,18 @@ High level:
|
||||
Technical details (implementation):
|
||||
|
||||
* [https://docs.google.com/document/d/1Tg4dAEtC78TxG9AsIby_CfpbeOicK_YMKznSQOvtIVU/edit](https://docs.google.com/document/d/1Tg4dAEtC78TxG9AsIby_CfpbeOicK_YMKznSQOvtIVU/edit)
|
||||
* [Indicio launches blockchain-enabled network for identity](https://indicio.tech/blog/indicio-launches-blockchain-enabled-network-for-identity/)
|
||||
> “Our clients asked for a stable, fully-staffed network based on Hyperledger Indy— one that could provide the Service Level Agreements their customers need for mission-critical workloads,” said Heather Dahl, CEO of Indicio. “Today, we are excited to announce that this MainNet is open for business.”
|
||||
>
|
||||
> “This is the network we need to accelerate adoption of passwordless zero trust ecosystems for enterprise customers” said Mike Vesey, President of [IdRamp](https://idramp.com), a leader in decentralized identity and a Genesis Node Operator on the Network.
|
||||
* [https://northernblock.io/products/ssi-enterprise-cloud/](https://northernblock.io/products/ssi-enterprise-cloud/). In this video, we will demonstrate how to create new Verifiable Credentials with custom schemas using the NB Orbit enterprise app. Once the credential schema is created and the attribute fields specified, the enterprise user can then publish a credential definition to whatever root of trust they are using, in our case a Hyperledger Indy network.
|
||||
|
||||
* [How to Create New Verifiable Credentials with Customizable Schemas](https://www.youtube.com/watch?v%3D3JR6_tQYhgk)
|
||||
> In this video, we will demonstrate how to create new Verifiable Credentials with custom schemas using the NB Orbit enterprise app.
|
||||
>
|
||||
> Once the credential schema is created and the attribute fields specified, the enterprise user can then publish a credential definition to whatever root of trust they are using, in our case a Hyperledger Indy network.
|
||||
- [Anonymous Credential Part 1: Brief Overview and History](https://medium.com/finema/anonymous-credential-part-1-brief-overview-and-history-c6679034c914)
|
||||
> An anonymous credential (Anoncred), which is also known as an attribute-based credential (ABC), is a concept for a digital credential that provides a credential holder maximal privacy and an ability to selectively disclose their personal information.
|
||||
- [Anonymous Credential Part 2: Selective Disclosure and CL Signature](https://medium.com/finema/anonymous-credential-part-2-selective-disclosure-and-cl-signature-b904a93a1565)
|
||||
> selective disclosure and an anonymous credential (Anoncred) relies on an efficient signature scheme that supports multiple messages with a single signature. One such signature scheme is known as CL signature that is named after its Jan Camenisch and Anna Lysyanskaya […] CL signature popularized Anoncreds, and it also served as a cryptographic building block in Identity Mixer (Idemix) and Hyperledger Indy projects.
|
||||
|
||||
* [Forbes “Blockchain 50” Shows Enterprise Blockchain’s Footprint and Impact, with Hyperledger Tech Leading The Pack](https://www.hyperledger.org/blog/2021/02/02/once-again-forbes-blockchain-50-shows-enterprise-blockchains-footprint-and-impact-with-hyperledger-technologies-leading-the-pack)
|
||||
> Declaring that blockchain has “gone mainstream,” Forbes today released its 2021 “Blockchain 50,” featuring companies that have at least $1 billion in revenues or are valued at $1 billion or more and “lead in employing distributed ledger technology.” And, once again, half of the companies on the list are using Hyperledger technology.* [Why Distributed Ledger Technology (DLT) for Identity?](https://www.hyperledger.org/blog/2021/04/21/why-distributed-ledger-technology-dlt-for-identity) Hyperledger
|
||||
> To understand why DLT is useful for identity, we need to go back to the basics—paper credentials, how that model has worked for 1000s of years, and how the use of DLTs with verifiable credentials allows us to transition the great parts—security and privacy—of that model to the digital age.
|
||||
* [Panel: Start Simple to Scale Decentralized Identity](https://hgf2021.sched.com/event/j3ej%23new_tab) HGF2021 • Indicio
|
||||
|
||||
Liquid Avatar Technologies and Indicio.tech will share how together they are transitioning the current KABN ID solution to verifiable credentials by building the Liquid Avatar Verifiable Credentials Ecosystem utilizing Hyperledger Aries, Ursa, and Indy.
|
||||
|
||||
|
||||
* [hyperledger-labs/business-partner-agent: The Business Partner Agent allows to manage and exchange master data between organizations](https://github.com/hyperledger-labs/business-partner-agent)
|
||||
|
||||
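Review bot: In the Forbes "Blockchain 50" entry the excerpt ends `using Hyperledger technology.* [Why Distributed Ledger Technology (DLT) for Identity?]`, so the next list item is fused into the blockquote and will not render as its own bullet; move it to a new line. The YouTube link `watch?v%3D3JR6_tQYhgk` also has its `=` percent-encoded, which leaves the `v` parameter unset, and the northernblock.io entry repeats the video description that is quoted in full under the next item.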
@ -73,27 +65,14 @@ There was some discussion about the way to present such a profile, especially th
|
||||
|
||||
One alternative, to create a DIDcomm-based protocol for public profile was discussed and would be a good alternative at the cost of every client having to be able to speak DIDcomm.
|
||||
|
||||
* [Become a Node Operator](https://indicio.tech/blog/be-a-part-of-the-most-dynamic-network-community-in-decentralized-identity/) Indicio
|
||||
> we’ve seen a rapid rise in demand for robust, stable, and professionally maintained networks to support decentralized identity solutions. It’s not a surprise: decentralized identity’s moment has arrived. That’s why we’ve been hard at work creating Hyperledger Indy networks upon which developers all over the world are building, testing, and launching their solutions.
|
||||
* [Hyperledger Ursa code review](https://www.hyperledger.org/hyperledger-ursa/2022/05/31/hyperledger-ursa-code-review) Hyperledger
|
||||
|
||||
Rooted in a “trust but verify” mindset, several Canadian public sector entities and [Interac](https://www.interac.ca/en/) (Canada’s interbank network) sponsored a project at the [Digital Identity Laboratory of Canada](https://idlab.org/) (IDLab) to perform a security and cryptography code review of Hyperledger Ursa (full report is available [here](https://www.hyperledger.org/wp-content/uploads/2022/05/URSA-IDLab-Code-Review.pdf)).
|
||||
|
||||
|
||||
|
||||
|
||||
* [Indicio completes Hyperledger Indy DID Method—A Milestone in the Evolution of DID Interop](https://indicio.tech/indicio-completes-hyperledger-indy-did-method-a-milestone-in-the-evolution-of-decentralized-identity-network-interoperability/)
|
||||
|
||||
The Indy DID Method paves the way for Hyperledger Indy credentials to scale globally by allowing Indy networks to seamlessly interoperate and create a “network-of-networks” effect.
|
||||
|
||||
|
||||
* [Our Approach to Resources on-ledger](https://blog.cheqd.io/our-approach-to-resources-on-ledger-25bf5690c975): Using the capabilities of the DID Core specification for standards-compliant resource lookup
|
||||
|
||||
Decentralised Identifiers (DIDs): are often stored on ledgers (e.g., [cheqd](https://github.com/cheqd/node-docs/blob/adr-008-resources-updates/architecture/adr-list/adr-002-cheqd-did-method.md), [Hyperledger Indy](https://hyperledger.github.io/indy-did-method/), distributed storage (e.g., [IPFS](https://ipfs.io/) in [Sidetree](https://identity.foundation/sidetree/spec/)), or non-ledger distributed systems (e.g., [KERI](https://keri.one/)). Yet, DIDs can be stored on traditional centralised-storage endpoints (e.g., [did:web](https://w3c-ccg.github.io/did-method-web/), [did:git](https://github-did.com/)).
|
||||
|
||||
* [AnonCreds Indy-Pendence](https://blog.cheqd.io/anoncreds-indy-pendence-4946367469d4) Cheqd
|
||||
|
||||
Part 1: Decoupling the reliance on Hyperledger Indy and creating more extensible AnonCreds Objects with cheqd.
|
||||
|
||||
|
||||
|
||||
|
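Review bot: The `Decentralised Identifiers (DIDs):` paragraph opens a parenthesis at `(e.g., [cheqd]` that is never closed before `distributed storage`, and the colon after `(DIDs)` breaks the sentence; close the parenthesis after the Hyperledger Indy link and drop the colon. The cheqd link also points at a working branch, `adr-008-resources-updates`, which is likely to break once that branch is merged or deleted; link to the default branch or a commit permalink instead.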
@ -0,0 +1,233 @@
|
||||
# Decentralized Identifier
|
||||
|
||||
* [W3C launches Decentralized Identifiers as a web standard](https://portswigger.net/daily-swig/w3c-launches-decentralized-identifiers-as-a-web-standard) in the Daily Swig: Cybersecurity news and views.
|
||||
|
||||
“I would summarize the overall impact of DIDs on cybersecurity as making digital signing and [encryption](https://portswigger.net/daily-swig/encryption) much more widely available than today’s conventional X.509-based public key infrastructure (PKI),” Drummond Reed, director of trust services at Avast
|
||||
* [W3C overrules objections by Google, Mozilla to decentralized identifier spec](https://www.theregister.com/2022/07/01/w3c_overrules_objections/) Oh no, he DIDn't in the Register
|
||||
> The [DID specification](https://www.w3.org/TR/did-core/%23introduction) describes a way to deploy a globally unique identifier without a centralized authority (eg, Apple [for Sign in with Apple](https://developer.apple.com/sign-in-with-apple/) as a verifying entity.
|
||||
* [Link your domain to your Decentralized Identifier (DID) (preview)](https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/how-to-dnsbind)
|
||||
> We make a link between a domain and a DID by implementing an open standard written by the Decentralized Identity Foundation called [Well-Known DID configuration](https://identity.foundation/.well-known/resources/did-configuration/). The verifiable credentials service in Azure Active Directory (Azure AD) helps your organization make the link between the DID and domain by including the domain information that you provided in your DID, and generating the well-known config file:
|
||||
|
||||
* [What is a DID? Part 1](https://www.youtube.com/watch?v%3DOYYtxVEra1c) XSL Labs
|
||||
* [Qu’est-ce qu’un DID? Partie 1](https://www.youtube.com/watch?v%3DVNLKufTDM4o) XSL Labs
|
||||
* [Decentralized Identity: Why Are DIDs The Future of Digital Identity Management?](https://elastos.info/decentralized-identity-dids/)
|
||||
> Why would you have 75 logins when you could have 1?
|
||||
* [A DIF & TOIP Joint Statement of Support for the Decentralized Identifiers (DIDS) V1.0 Specification Becoming A W3C Specification](https://trustoverip.org/blog/2021/10/29/a-dif-toip-joint-statement-of-support-for-the-decentralized-identifiers-dids-v1-0-specification-becoming-a-w3c-standard/).
|
||||
|
||||
DIDs are a critical part of a technical foundation for the products and activities of many of our members. Many of the implementations in the [DID Working Group’s implementation report](https://w3c.github.io/did-test-suite/%23report-by-methods) were developed by engineers and companies who collaborate openly at DIF on points of technical interoperability, and at ToIP on points of policy and governance.
|
||||
* [Indicio’s support for the W3C DID Specification and its path to standardization](https://indicio.tech/indicios-support-for-the-w3c-did-specification-and-its-path-to-standardization/)
|
||||
> The position of Indicio is that the DID Specification is of signal importance to creating a better digital world. We recognize that, as with any specification, improvements can and will be made in the future; but we back its recommendations and its approval.
|
||||
* [ENS names are Decentralized Identifiers (DIDs)](https://medium.com/uport/ens-names-are-decentralized-identifiers-dids-724f0c317e4b) uPort
|
||||
> - did:ens:mainnet:vitalik.eth
|
||||
>
|
||||
> This has two purposes:
|
||||
> 1. to wrap existing ENS names as DIDs to facilitate interoperability of emerging technologies in the Decentralized Identity and Ethereum community,
|
||||
> 2. to define a canonical way to augment ENS names with DID capabilities (e.g., encryption) as mentioned above.
|
||||
* [Community Resources - DID Primer](https://w3c-ccg.github.io/did-primer/) Credentials Community Group
|
||||
> At a superficial level, a decentralized identifier (DID) is simply a new type of globally unique identifier. But at a deeper level, DIDs are the core component of an entirely new layer of decentralized digital identity and public key infrastructure (PKI) for the Internet. This [decentralized public key infrastructure](https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust/blob/master/final-documents/dpki.pdf) (DPKI) could have as much impact on global cybersecurity and cyberprivacy as the development of the [SSL/TLS protocol](https://en.wikipedia.org/wiki/Transport_Layer_Security) for encrypted Web traffic (now the largest PKI in the world).
|
||||
* [Cryptography Review of W3C VC Data Model and DID Standards and Implementation Recommendations](https://www.linkedin.com/posts/aniljohn_cryptography-review-of-w3c-vc-and-w3c-did-ugcPost-6892250585652162560-OQ3Y) SRI International
|
||||
* [Adding DID ION to MATTR VII](https://medium.com/mattr-global/adding-did-ion-to-mattr-vii-d56bdb7a2fde)
|
||||
> Different types of DIDs can be registered and anchored using unique rules specific to the set of infrastructure where they’re stored. Since DIDs provide provenance for keys which are controlled by DID owners, the rules and systems that govern each kind of DID method have a significant impact on the trust and maintenance model for these identifiers.
|
||||
|
||||
## DID Core advances to recommendation
|
||||
|
||||
* [Objections overruled by W3C director approving the DIDCore specification as a W3C Recommendation](https://www.w3.org/2022/06/DIDRecommendationDecision.html) W3C
|
||||
|
||||
The DID core specification is approved to advance to W3C Recommendation.
|
||||
|
||||
In its next chartered period the Working Group should address and deliver proposed standard DID method(s) and demonstrate interoperable implementations. The community and Member review of such proposed methods is the natural place to evaluate the questions raised by the objectors and other Member reviewers regarding decentralization, fitness for purpose, and sustainable resource utilization. -Ralph Swick, for Tim Berners-Lee
|
||||
|
||||
* [Decentralized Identifiers (DID) 1.0 specification approved as W3C Recommendation](https://blog.identity.foundation/w3cdidspec-2/) Identity Foundatoin
|
||||
|
||||
Announcing the [Decentralized Identifiers (DID) v1.0 specification](https://www.w3.org/TR/did-core/) as an open web standard signals that it is technically sound, mature, and ready for widespread adoption. Having an established v1.0 specification allows work to continue with renewed energy and focus, not only at the many groups meeting at DIF, but across the digital identity community.
|
||||
* [Decentralized Identifiers: Implications for Your Data, Payments and Communications](https://newsletter.impervious.ai/decentralized-identifiers-implications-for-your-data-payments-and-communications-2/) Impervious
|
||||
> Through the DID Specification, service endpoints and DIDComm, Impervious has interlaced DIDs with Bitcoin Lightning, IPFS, WebRTC and resilient relays to introduce a new peer-to-peer internet standard with practical applications for mitigating censorship and surveillance risk.
|
||||
* [Verification Patterns, Part 2](https://docs.centre.io/blog/verification-patterns-2) Verite
|
||||
|
||||
Part 2 of this 2-part series explains the [did:pkh](https://github.com/w3c-ccg/did-pkh/blob/main/did-pkh-method-draft.md)/[CACAO](https://github.com/ChainAgnostic/CAIPs/blob/master/CAIPs/caip-74.md%23simple-summary) variation for Verite data models and flows, which provides an entry path for wallets that may not support sufficient functionality for emerging decentralized identity patterns
|
||||
|
||||
* [Cute Learning Thread](https://twitter.com/fennykyun/status/1564249472053514240) fennykyun
|
||||
|
||||
tldr :: DID is just an URI :: VC is a cryptographically verifiable credential using DID :: SSI is a self-sovereign and privacy-preserving identity :: Non-human (Machines, Bots, Goods, anything) also able to have DID, VC, and SSIs
|
||||
|
||||
* [Universal Resolver - resolve practically any DID](https://blog.identity.foundation/uni-resolver/) Identity Foundation
|
||||
|
||||
The Universal Resolver can now resolve 45 DID methods, and more are being added regularly. Visit [https://dev.uniresolver.io/](https://dev.uniresolver.io/) to see the full list of supported methods, and visit [this github page](https://github.com/decentralized-identity/universal-resolver/blob/main/docs/driver-development.md) to contribute a driver for a DID method.
|
||||
* [Advancing digital identity through DID core specification](https://iohk.io/en/blog/posts/2022/09/08/advancing-digital-identity-through-did-core-specification/) IOHK
|
||||
|
||||
Good news to see Cardano jumping on the bandwagon, looks like they will join the fray and bring DID\VC to Atla Prism.
|
||||
|
||||
The recent DID core specification approval at the World Wide Web Consortium (W3C) provided clearer and stronger foundations for identity platforms building decentralized identifiers.
|
||||
|
||||
* [DIDs in DPKI](https://github.com/WebOfTrustInfo/rwot7/blob/master/topics-and-advance-readings/dids-in-dpki.md)
|
||||
- [jolocom/ddoresolver-rs](https://github.com/jolocom/ddoresolver-rs) github
|
||||
- [Rust implementation of the did:key method](https://crates.io/crates/did-key) creds to Tomislav Markovski.
|
||||
* [Universal Resolver Driver Policy Discussion](https://iiw.idcommons.net/21P/_Universal_Resolver_Driver_Policy_Discussion) by Bernhard Fuchs, Markus Sabadello
|
||||
> The project has some guidelines for contributing new DID method drivers:[https://github.com/decentralized-identity/universal-resolver/blob/master/docs/driver-development.md](https://github.com/decentralized-identity/universal-resolver/blob/master/docs/driver-development.md)
|
||||
- [DID test suite](https://github.com/w3c/did-test-suite) GitHub
|
||||
> DID test suite is not for runtime, but the Universal Resolver could do a few simple checks on a driver's responses. But there's also a philosophical question: Should the Universal Resolver be "allowed" to check and potentially transform driver responses, or should it just "pass through" everything that comes from a driver?
|
||||
* [did:orb slides Troy Ronda (SecureKey)](https://lists.w3.org/Archives/Public/public-credentials/2021Mar/0017.html)
|
||||
> - Decouple witness ledgers from the critical path.
|
||||
> - Allow for Trust but Verify model.
|
||||
> - Leverage the Certificate Transparency model
|
||||
> - Witnesses observe VDR objects and promise to include in their ledgers.
|
||||
> - Provide a signed timestamp and a maximum merge delay.
|
||||
> - Enable monitoring to ensure witnesses follow their promises.
|
||||
> - Use trusted Witness (and origin) timings to resolve late publishing.
|
||||
> - Use origin to enable observers to know if they have the latest operations.
|
||||
|
||||
|
||||
* [re: Defining load balanced, failover clusters for DID Document serviceEndpoints?](https://lists.w3.org/Archives/Public/public-credentials/2022Jan/0056.html) (Monday, 10 January)
|
||||
|
||||
#didlang 0.3 includes support for round-robin, load-balanced DID Agent serviceEndpoint clusters. [Here's a demo](https://youtu.be/mf0aKLvJoCw)
|
||||
|
||||
* [W3C Decentralized Identifiers v1.0 is a W3C Proposed Recommendation](https://lists.w3.org/Archives/Public/public-credentials/2021Aug/0030.html) Manu Sporny (Tuesday, 3 August)
|
||||
|
||||
* [W3C Decentralized Identifiers v1.0 is a W3C Proposed Recommendation](https://www.w3.org/blog/news/archives/9179):
|
||||
|
||||
* [The published version that will be voted on by W3C Members can be found here](https://www.w3.org/TR/2021/PR-did-core-20210803/):
|
||||
|
||||
This is the final step of the W3C global standardization process.
|
||||
|
||||
If you are a W3C Member, you can now vote to approve it as a global standard here:
|
||||
|
||||
* [DID 1.0 Comments / Meeting Minutes (was RE: Mozilla Formally Objects to DID Core)](https://lists.w3.org/Archives/Public/public-credentials/2021Sep/0135.html) John, Anil (Monday, 27 September)
|
||||
|
||||
* [https://www.w3.org/2021/09/21-did10-minutes.html](https://www.w3.org/2021/09/21-did10-minutes.html) is fascinating reading!
|
||||
|
||||
* [...] I can speak to the work of the DHS SVIP Program and our approach and perspective across our two work-streams that touch upon the two points.
|
||||
|
||||
1. Governments “lobbying” for single DID method and Non-Interoperability
|
||||
|
||||
* “tantek: concerned to hear that there are governments looking to adopt, with only single implementation methods and non interop, sounds like lobbying may have occurred, … advocating for single-implementation solutions that are centralized wolves in decentralized clothing”
|
||||
|
||||
* “<cwilso> +1 to tantek's concern that governments are responding to lobbying attempts on non-interoperable methods”
|
||||
|
||||
* [Mozilla Formally Objects to DID Core](https://lists.w3.org/Archives/Public/public-credentials/2021Sep/0010.html) Drummond Reed (Thursday, 1 September)
|
||||
|
||||
Now, here's the REAL irony. Mozilla and others are pointing to the URI spec and existing URI schemes as the precedent without recognizing that in [in section 9.11 of the DID spec](https://www.w3.org/TR/did-core/%23dids-as-enhanced-urns), we specifically compare the DID spec to the *URN spec*, [RFC 8141](https://datatracker.ietf.org/doc/html/rfc8141). In fact we deliberately patterned the [ABNF for DIDs](https://www.w3.org/TR/did-core/%23did-syntax) after the ABNF for URNs—and patterned DID method names after URN namespaces. And we set up a registry for the exactly the same way RFC 8141 establishes a [registry of URN namespaces](https://www.iana.org/assignments/urn-namespaces/urn-namespaces.xhtml).
|
||||
|
||||
Now: guess how many URN namespaces have been registered with IANA?
|
||||
|
||||
- [SEVENTY*. Count em.](https://www.iana.org/assignments/urn-namespaces/urn-namespaces.xhtml)
|
||||
|
||||
I don't see anyone complaining about interoperability of URN namespaces. Amd RFC 8141 was published over four years ago.
|
||||
|
||||
* [Some questions regarding DID verification relationships](https://lists.w3.org/Archives/Public/public-credentials/2021Dec/0009.html) Dmitri Zagidulin (Thursday, 2 December)
|
||||
|
||||
The motivation for verification relationships in the DID spec stems from the general security recommendation of "use separate keys for separate purposes".
|
||||
|
||||
You can see this at work in other specifications, such as JWKS (JSON Wek Key Set), specifically in the 'use' (Public Key Use) parameters, from [https://datatracker.ietf.org/doc/html/rfc7517#section-4.2](https://datatracker.ietf.org/doc/html/rfc7517%23section-4.2)
|
||||
|
||||
* [DID press release and UNECE white paper](https://lists.w3.org/Archives/Public/public-credentials/2022Jul/0087.html) steve capell (Wednesday, 20 July)
|
||||
|
||||
great to see that press release at [https://www.w3.org/2022/07/pressrelease-did-rec.html.en](https://www.w3.org/2022/07/pressrelease-did-rec.html.en)
|
||||
|
||||
There's a testimonial from UNECE near the bottom. I thought the community might be interested in the white paper from UNECE on VCs and DIDs for cross border trade - [https://unece.org/trade/uncefact/guidance-material](https://unece.org/trade/uncefact/guidance-material)
|
||||
|
||||
* [DID Press Release Testimonials](https://lists.w3.org/Archives/Public/public-credentials/2022Jul/0022.html) Zundel, Brent (Friday, 8 July)
|
||||
|
||||
This message is to inform the DID WG and CCG that the W3C intends to write a press release.
|
||||
|
||||
To that end, we are seeking testimonials about Decentralized Identifiers.
|
||||
|
||||
For an example of the sort of thing we're looking for, please see: [https://www.w3.org/2019/03/pressrelease-webauthn-rec.html](https://www.w3.org/2019/03/pressrelease-webauthn-rec.html)
|
||||
|
||||
The testimonials may be submitted as a reply to this email.
|
||||
|
||||
DID Methods
|
||||
|
||||
* [Announcement: New DID Method Specification: did:object](https://lists.w3.org/Archives/Public/public-credentials/2021Dec/0067.html) (Tuesday, 14 December)
|
||||
|
||||
The publication of [this DID Method specification](https://github.com/mwherman2000/TrustedDigitalWeb/blob/master/specifications/did-methods/did-object.md) realizes, in large part, a 4-year quest (or should I say personal mission) to create a platform to Tokenize Every Little Thing (ELT).
|
||||
|
||||
* [Re: CCG Community opinions needed to define CCG scope (specifically re: did methods as work items)](https://lists.w3.org/Archives/Public/public-credentials/2021Aug/0376.html) Manu Sporny (Thursday, 26 August)
|
||||
|
||||
On 8/26/21 12:37 PM, Heather Vescent wrote:
|
||||
|
||||
> 1. What are the *pros* of including did methods as work items in the CCG?
|
||||
|
||||
Community vetting and approval of particular DID Methods.
|
||||
|
||||
Basically, broader and deeper review of DID Methods that we expect to be of
|
||||
|
||||
great use to the world. I expect there will be DID Methods that the community
|
||||
|
||||
wants to eventually propose as DID Methods for standardization (did:key and
|
||||
|
||||
did:web feel like two ones where we could get consensus on doing so).
|
||||
|
||||
* [DID methods as W3C standards - a happy compromise?](https://lists.w3.org/Archives/Public/public-credentials/2022Feb/0117.html) steve capell (Tuesday, 22 February)
|
||||
|
||||
can't we pick just a small number of un-controversial methods to standardise? even if it's just did:key and did:web to start with.
|
||||
|
||||
* [Cross border identity use case - which did methods?](https://lists.w3.org/Archives/Public/public-credentials/2022Mar/0016.html) steve capell (Sunday, 6 March)
|
||||
|
||||
The broader generalisation of this question is : "for trust anchors like governments that issue VCs to their constituents, what rules should govern which did:methods they should accept as the *subject* identifier for the VCs they issue?" Are those rules context specific?
|
||||
|
||||
I'm not sure of the answer - but it's why did:ion was on my list - as an allowed *subject* of a government issued vc - and as the issuer of trade documents. should I take it off my list pending a bit more maturity (eg that azure service goes out of beta into full production)? or is it safe enough for this use case? if so what others would also be "safe enough"?
|
||||
|
||||
![https://www.notion.soimages/image2.png](https://www.notion.soimages/image2.png)
|
||||
|
||||
DID:TAG[re: Using Email as an Identifier](https://lists.w3.org/Archives/Public/public-credentials/2021Nov/0065.html) Bob Wyman (Friday, 12 November)
|
||||
|
||||
My [did:tag](https://github.com/bobwyman/did_method_tag) proposal is, I believe, the only proposed DID Method that addresses the use of email addresses and email as a resolution method
|
||||
|
||||
There are quite a number of issues with using email addresses as identifiers, or parts of identifiers, and I'm hoping that discussion and development of the did:tag method will illuminate those issues and potentially find solutions for them.
|
||||
|
||||
DID:WEB
|
||||
|
||||
* [re: some thought after using did:web](https://lists.w3.org/Archives/Public/public-credentials/2022Jan/0031.html) Orie Steele (Wednesday, 5 January)
|
||||
|
||||
We have had the same issue... per the did core spec, there are really 2 main key types, in our crypto libraries for the key pair classes themselves, we do our best to support both and handle translation for you:
|
||||
|
||||
* [https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/Ed25519KeyPair.ts#L78](https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/Ed25519KeyPair.ts%23L78)
|
||||
|
||||
* [https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/Ed25519VerificationKey2018.ts](https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/Ed25519VerificationKey2018.ts)
|
||||
|
||||
* [https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/Ed25519VerificationKey2020.ts](https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/Ed25519VerificationKey2020.ts)
|
||||
|
||||
* [https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/JsonWebKey2020.ts](https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/JsonWebKey2020.ts)
|
||||
|
||||
* [DID Web, OpenSSL and Certificate Authorities](https://lists.w3.org/Archives/Public/public-credentials/2022Feb/0078.html) Orie Steele (Thursday, 17 February)
|
||||
|
||||
We then generate a DID Web DID Document from the public keys for the 3 children, and encode the ca chain from them back to the root using `x5c`.
|
||||
|
||||
We then issue a JWT from the private key for 1 of them.
|
||||
|
||||
We then verify the JWT signature using the public key.
|
||||
|
||||
We then check the x5c using open seel to confirm the certificate chain.
|
||||
|
||||
My questions are:
|
||||
|
||||
1. Is it possible to use JOSE to automate this further?
|
||||
|
||||
2. Is there a better way of accomplishing this?
|
||||
|
||||
3. Should the CA chain be pushed into the JWT?
|
||||
|
||||
DID:JWK
|
||||
|
||||
* [did:jwk is reborn!](https://lists.w3.org/Archives/Public/public-credentials/2022Apr/0066.html) Orie Steele (Friday, 8 April)
|
||||
|
||||
* [https://github.com/w3c/did-spec-registries/pull/432](https://github.com/w3c/did-spec-registries/pull/432)
|
||||
|
||||
DID:KEY
|
||||
|
||||
* [did-key-creator published](https://lists.w3.org/Archives/Public/public-credentials/2022Jun/0061.html) Brent Shambaugh (Tuesday, 28 June)
|
||||
|
||||
I published a did:key creator at
|
||||
|
||||
* [https://www.npmjs.com/package/did-key-creator](https://www.npmjs.com/package/did-key-creator)
|
||||
|
||||
This has been tested to create did:keys from the P-256,P-384, and P-521 curves specified in [https://github.com/w3c-ccg/did-method-key](https://github.com/w3c-ccg/did-method-key) and [https://w3c-ccg.github.io/did-method-key/](https://w3c-ccg.github.io/did-method-key/) .
|
||||
|
||||
* [did:key DID Document generation algorithm feedback](https://lists.w3.org/Archives/Public/public-credentials/2022Jun/0016.html) Manu Sporny (Tuesday, 14 June)
|
||||
|
||||
The DID Document generation algorithm for did:key is being refined to the
|
||||
|
||||
point that we can finish off a first pass of a did:key test suite.
|
||||
|
||||
* [...] [https://github.com/w3c-ccg/did-method-key/pull/51](https://github.com/w3c-ccg/did-method-key/pull/51)
|
||||
|
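Review bot: Three entries in this hunk will not render or read as intended. The image line points at `https://www.notion.soimages/image2.png`, where host and path have run together, so the link cannot resolve; drop it or replace it with a hosted copy of the image. The `DID:TAG[re: Using Email as an Identifier](...)` line fuses the section label to the link with no list marker or space, unlike the `DID:WEB`, `DID:JWK` and `DID:KEY` labels, which sit on their own lines. In the "DID Web, OpenSSL and Certificate Authorities" excerpt, "open seel" looks like a transcription slip for OpenSSL; check it against the linked message.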
@ -257,3 +257,7 @@ Options we consider:
|
||||
- [https://w3c-ccg.github.io/vp-request-spec/#format](https://w3c-ccg.github.io/vp-request-spec/%23format)
|
||||
- [https://specs.bloom.co/wallet-and-credential-interactions/](https://specs.bloom.co/wallet-and-credential-interactions/)
|
||||
- [https://github.com/w3c-ccg/universal-wallet-interop-spec/issues/84](https://github.com/w3c-ccg/universal-wallet-interop-spec/issues/84)
|
||||
* [Using OpenID4VC for Credential Exchange; Technometria - Issue #62](http://news.windley.com/issues/using-openid4vc-for-credential-exchange-technometria-issue-62-1374264?via%3Dtwitter-card%26client%3DDesktopWeb%26element%3Dissue-card)
|
||||
|
||||
Extending OAuth and OIDC to support the issuance and presentation of verifiable credentials provides for richer interactions than merely supporting authentication. All the use cases we’ve identified for verifiable credentials are available in OpenID4VC as well.
|
||||
|
||||
|
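Review bot: The Technometria link in this hunk carries a share-tracking query string, `?via%3Dtwitter-card%26client%3DDesktopWeb%26element%3Dissue-card`, percent-encoded into the link target. Link to the bare issue URL instead: the parameters add nothing for readers, and in the encoded `%3D`/`%26` form they become part of the path rather than a query, which the server may not resolve.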
@ -7,15 +7,6 @@ published: false
|
||||
## Explainer
|
||||
### Identity not SSI
|
||||
|
||||
* [FIDO: Everything You Need to Know About Fast Identity Online](https://www.pingidentity.com/en/company/blog/posts/2021/fast-identity-online-fido.html)
|
||||
* [Directory of Products That Assess Identification Documents and Verify Identity Version 2.0](https://diacc.ca/2021/05/03/directory-of-products-that-assess-identification-documents-and-verify-identity-version-2-0/)
|
||||
|
||||
This [Directory](https://diacc.ca/2020/05/21/directory-products-assess-identification-documents-verify-identity/) is designed to provide an overview of providers’ solutions which use government issued photo identification cards, combined with biometric facial scans, to establish Digital Identity.
|
||||
|
||||
Built on standards: OAuth 2.0 and JWT
|
||||
|
||||
See the presentation at [https://self-issued.info/?p=2167](https://self-issued.info/?p%3D2167).
|
||||
|
||||
|
||||
|
||||
|
||||
@ -83,9 +74,9 @@ As a part of the pilot, you will add your MyAlberta Digital ID as a verifiable c
|
||||
|
||||
Magic Login Form represents a new onboarding experience for end-users, so we wanted to revamp our own onboarding experience for developers to match. Learning about auth can quickly derail any developer’s good day. Striking the balance between good UX and good security can just boggle the mind.
|
||||
|
||||
* [Use Fido2 Passwords Authentication with Azure AD](https://damienbod.com/2022/01/17/use-fido2-passwordless-authentication-with-azure-ad/) Damion Bod
|
||||
|
||||
This article shows how to implement FIDO2 passwordless authentication with Azure AD for users in an Azure tenant.
|
||||
|
||||
|
||||
|
||||
* [What is Knowledge-based Authentication (KBA)?](https://www.pingidentity.com/en/company/blog/posts/2022/what-is-knowledge-based-authentication-kba.html) Ping Identity
|
||||
|
||||
@ -99,9 +90,6 @@ This is a story of a politician who cried “hacker” after a reporter informed
|
||||
|
||||
The paper documents the international movement towards Open Banking, Open Finance, and secure, consent driven access to all user data. It describes the OpenID Foundation and in particular the Financial-Grade API (FAPI) Working Group’s experience with Open Banking ecosystems internationally.
|
||||
|
||||
* [Charting an Accelerated Path Forward for Passwordless Authentication Adoption](https://fidoalliance.org/charting-an-accelerated-path-forward-for-passwordless-authentication-adoption/) FIDO
|
||||
|
||||
* [The paper introduces](https://media.fidoalliance.org/wp-content/uploads/2022/03/How-FIDO-Addresses-a-Full-Range-of-Use-CasesFINAL.pdf) multi-device FIDO credentials, also informally referred to by the industry as “passkeys,” which enable users to have their FIDO login credentials readily available across all of the user’s devices.
|
||||
|
||||
* [Open Badges is now on the plateau of productivity](https://dougbelshaw.com/blog/2022/03/18/open-badges-fers/) Doug Belshaw
|
||||
|
||||
@ -116,9 +104,6 @@ Our [understanding](https://twitter.com/toddmckinnon/status/1506184721922859010)
|
||||
The OpenID Foundation is pleased to share its new whitepaper, “[Open Banking, Open Data and Financial-Grade APIs](https://openid.net/wordpress-content/uploads/2022/03/OIDF-Whitepaper_Open-Banking-Open-Data-and-Financial-Grade-APIs_2022-03-16.pdf)”. The paper documents the international movement towards Open Banking, Open Finance, and secure, consent driven access to all user data. It describes the OpenID Foundation and in particular the Financial-Grade API (FAPI) Working Group’s experience with Open Banking ecosystems internationally.
|
||||
|
||||
|
||||
* [FIDO passkeys are an existential threat to fintech startups](https://werd.io/2022/fido-passkeys-are-an-existential-threat-to-fintech-startups)
|
||||
|
||||
by definition, screen scraping requires storing a user’s financial system passwords in clear text. Nonetheless, you can bet that every system that integrates with payroll systems, and almost every system that integrates with banks (at a minimum), uses the technique. The US has badly needed [open banking style standards](https://standards.openbanking.org.uk/api-specifications/) for years.
|
||||
|
||||
Disasters in the World of Data
|
||||
|
||||
@ -166,9 +151,6 @@ From our past work in this area, we have seen that slow and steady wins the race
|
||||
|
||||
Maintaining an online community is a lot of work, in both the short term and the long term. It requires setting aside time, human resources and tech infrastructure to keep things running smoothly. Here are some questions and ideas that can help you assess what it may take to maintain the online community you’re trying to build:
|
||||
|
||||
* [What is FIDO? Infographic](https://www.scmagazine.com/resource/identity-and-access/what-is-fido)
|
||||
|
||||
- [How passkeys pave the way for passwordless authentication](https://www.scmagazine.com/resource/identity-and-access/how-passkeys-pave-the-way-for-passwordless-authentication)
|
||||
- [InfoCert has been recognized Representative Vendor in Gartner’s Market Guide for Electronic Signature 2022](https://infocert.digital/infocert-has-been-recognized-representative-vendor-in-gartners-market-guide-for-electronic-signature-2022/)
|
||||
- [GBG: The State of Digital Identity 2022](https://www.gbgplc.com/media/heqgqhur/gbg-state-of-digital-identity-2022.pdf)
|
||||
- Security and satisfaction: Gaining from The Great Switch
|
||||
@ -187,7 +169,6 @@ Bad News
|
||||
* [LastPass Reports a Breach: Identity News Digest](https://findbiometrics.com/lastpass-reports-a-breach-identity-news-digest-508262/)
|
||||
|
||||
|
||||
* [Fido Passkey](https://www.pingidentity.com/en/resources/blog/post/how-fido-passkeys-accelerate-passwordless-future.html)
|
||||
|
||||
* [Security pros say the cloud has increased the number of identities at their organizations](https://www.scmagazine.com/analysis/cloud-security/security-pros-say-the-cloud-has-increased-the-number-of-identities-at-their-organizations)
|
||||
|
||||
|
@ -38,6 +38,23 @@ This year’s FIDO Developer Challenge reached a successful conclusion, with a c
|
||||
W3C Web Authentication (FIDO2) provides a mechanism for strong authentication whilst W3C Verifiable Credentials provide a mechanism for strong identification and authorisation. Together they make an unbeatable pair for identity management.
|
||||
|
||||
Prof. David Chadwick presented work on sharing W3C Verifiable Crendentials via FIDO2 key setup with issuers of credentials. In a nutshell, the holder and issuer use the WebAuthN protocol to strongly authenticate before the issuer protects the credentials with its signature. Upon providing credentials to a relying party, the issuer (acting in an IDP capacity, so they must be online) will verify the identity of the holder via FIDO2 WebAuthN so that the credentials (or selected claims in the credentials for selective disclosure) can be shared with the relying party. Ephemeral keys are created to bind the holder with such credentials shared to the relying party/verifier. The relying party/verifier can use X.509 certs to confirm that the issuer is valid by checking the signature on the derived credential from the holder.
|
||||
* [Fido Passkey](https://www.pingidentity.com/en/resources/blog/post/how-fido-passkeys-accelerate-passwordless-future.html)
|
||||
* * [What is FIDO? Infographic](https://www.scmagazine.com/resource/identity-and-access/what-is-fido)
|
||||
|
||||
- [How passkeys pave the way for passwordless authentication](https://www.scmagazine.com/resource/identity-and-access/how-passkeys-pave-the-way-for-passwordless-authentication)
|
||||
* [FIDO: Everything You Need to Know About Fast Identity Online](https://www.pingidentity.com/en/company/blog/posts/2021/fast-identity-online-fido.html)
|
||||
* [Use Fido2 Passwords Authentication with Azure AD](https://damienbod.com/2022/01/17/use-fido2-passwordless-authentication-with-azure-ad/) Damion Bod
|
||||
|
||||
This article shows how to implement FIDO2 passwordless authentication with Azure AD for users in an Azure tenant.
|
||||
* [Charting an Accelerated Path Forward for Passwordless Authentication Adoption](https://fidoalliance.org/charting-an-accelerated-path-forward-for-passwordless-authentication-adoption/) FIDO
|
||||
|
||||
* [The paper introduces](https://media.fidoalliance.org/wp-content/uploads/2022/03/How-FIDO-Addresses-a-Full-Range-of-Use-CasesFINAL.pdf) multi-device FIDO credentials, also informally referred to by the industry as “passkeys,” which enable users to have their FIDO login credentials readily available across all of the user’s devices.
|
||||
* [FIDO passkeys are an existential threat to fintech startups](https://werd.io/2022/fido-passkeys-are-an-existential-threat-to-fintech-startups)
|
||||
|
||||
by definition, screen scraping requires storing a user’s financial system passwords in clear text. Nonetheless, you can bet that every system that integrates with payroll systems, and almost every system that integrates with banks (at a minimum), uses the technique. The US has badly needed [open banking style standards](https://standards.openbanking.org.uk/api-specifications/) for years.
|
||||
* [FIDO Alliance Supports Biden Administration EO on Cybersecurity](https://fidoalliance.org/fido-alliance-supports-biden-administration-eo-on-cybersecurity/)
|
||||
|
||||
There have been a number of high profile attacks against critical American infrastructure in recent months, including the Solarwinds supply chain attack that exposed much of the government to potential risk. Top of mind in recent days is the ransomware attack against Colonial Pipeline, which significantly impacted the flow of refined oil across America. These attacks expose the vulnerability of critical infrastructure in the United States, and the Biden Administration is issuing federal directives that will minimize or eliminate risk.
|
||||
|
||||
|
||||
## OAuth
|
||||
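Review bot: The "What is FIDO? Infographic" entry starts with a doubled list marker (`* * [What is FIDO? Infographic]`), which renders as an empty bullet wrapping a nested one, and the passkeys entry after it uses `-` where the rest of the list uses `*`; normalise both to a single `*`. The damienbod.com entry is titled "Use Fido2 Passwords Authentication" and credited to "Damion Bod", while its URL slug reads `use-fido2-passwordless-authentication-with-azure-ad` on `damienbod.com`; correct the title to "Passwordless" and check the author spelling against the domain.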
@ -49,3 +66,41 @@ Prof. David Chadwick presented work on sharing W3C Verifiable Crendentials via F
|
||||
## KMIP
|
||||
|
||||
## Secure QR Code
|
||||
|
||||
## RDF
|
||||
|
||||
|
||||
## RDF
|
||||
|
||||
* [Technical Report on the Universal RDF Dataset Normalization Algorithm](https://lists.w3.org/Archives/Public/public-credentials/2021Apr/att-0032/Mirabolic_Graph_Iso_Report_2020_10_19.pdf) - [Bill Bradley](https://lists.w3.org/Archives/Public/public-credentials/2021Apr/0032.html)
|
||||
> The goal of this technical report is to review the Universal RDF Dataset Normalization Algorithm (URDNA2015) for correctness and to provide satisfactory evidence that possible issues with URDNA2015 have been considered and dismissed. We do not lay out the algorithm in its considerable technical detail here, but refer the reader to the proposed technical specification 1 [Longley], a set of proofs by Rachel Arnold and Dave Longely [Arnold], and a reference implementation in Python [DigitalBazaar]
|
||||
|
||||
* [Importing Verifiable Data as Labeled Property Graphs](https://lists.w3.org/Archives/Public/public-credentials/2022Jun/0022.html) Orie Steele (Wednesday, 15 June)
|
||||
|
||||
I think what happens is that a first blank node is created for the proof, and since that node has `@container` `@graph`, instead of being able to trace the relationships directly from credential to proof to verification method...
|
||||
|
||||
Each proof is being treated as a disjoint subgraph, and the relationship is not being preserved during import… [...]
|
||||
|
||||
I suspect this is solvable with a more complicated graph config: [https://neo4j.com/labs/neosemantics/4.0/config/](https://neo4j.com/labs/neosemantics/4.0/config/)
|
||||
|
||||
But I wonder if we might correct this behavior in VC Data Model 2.0, such that RDF representations don't have this odd behavior when imported as labeled property graphs. [...]
|
||||
|
||||
answer on the github issue for the standard, I raised it here: [](https://github.com/w3c/vc-data-model/issues/881)[https://github.com/w3c/vc-data-model/issues/881](https://github.com/w3c/vc-data-model/issues/881)
|
||||
|
||||
* [Proposed W3C Charter: RDF Dataset Canonicalization and Hash Working Group](https://lists.w3.org/Archives/Public/public-credentials/2022May/0033.html) Manu Sporny (Tuesday, 17 May)
|
||||
|
||||
The goal of this group is to standardize the way many of us digitally sign Verifiable Credentials. This working group has been about decade in the making (some would say two decades) and is important for achieving things like BBS+ selective disclosure as well as standardizing the way we format Verifiable Credentials before they are digitally signed.
|
||||
|
||||
The [announcement](https://lists.w3.org/Archives/Public/public-new-work/2022May/0005.html) is here
|
||||
|
||||
The [proposed charter](https://www.w3.org/2022/05/04-proposed-rch-wg-charter/) is here
|
||||
|
||||
* [URDNA2015 Implementation Question](https://lists.w3.org/Archives/Public/public-credentials/2022Jul/0017.html) Daniel Petranek (Thursday, 7 July)
|
||||
|
||||
I've instrumented the rdf-canonicalize library so I can inspect the order of execution, and it appears that what differs between my implementation and the Javascript one is the order of the permutations. The spec doesn't say how the permutations should be ordered, and my intuition is that the order does indeed matter - though I'm happy to be corrected if I'm wrong.
|
||||
|
||||
So, here is my question(s):
|
||||
|
||||
- Does the order of the permutations matter?
|
||||
- If so, what order should they be in?
|
||||
|
||||
|
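Review bot: The `## RDF` heading appears twice in this hunk, a few lines apart with nothing between the two, so the rendered page gets an empty RDF section followed by the real one; keep a single heading. In the "Importing Verifiable Data as Labeled Property Graphs" excerpt, the issue reference is written as `[](https://github.com/w3c/vc-data-model/issues/881)` immediately followed by the same link with text, which leaves an empty anchor in the output; remove the empty one. The `## KMIP` and `## Secure QR Code` headings have no entries under them in the visible lines, so consider holding them back until there is content to list.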
@ -161,16 +161,6 @@ The [W3C WebAuthn](https://www.w3.org/blog/webauthn/) and [FIDO2](https://fidoal
|
||||
SDTT is a tool from Google which began life as the [Rich Snippets Testing Tool](https://developers.google.com/search/blog/2010/09/rich-snippets-testing-tool-improvements) back in 2010. Last year Google [announced plans](https://developers.google.com/search/blog/2020/07/rich-results-test-out-of-beta) to migrate from SDTT to successor tooling, the [Rich Results Test](https://search.google.com/test/rich-results), alongside plans to "deprecate the Structured Data Testing Tool". The newer Google tooling is focused on helping publishers who are targeting specific schema.org-powered [searc](https://developers.google.com/search/docs/guides/search-gallery)[h features](https://www.blogger.com/) offered by Google, and for these purposes is a huge improvement as it contextualizes many warnings and errors to a specific target application.
|
||||
|
||||
## Standards
|
||||
* [Do I Need a Verifiable Credential?](https://community.rsa.com/t5/rsa-labs-blog/do-i-need-a-verifiable-credential/ba-p/610241)
|
||||
* [What is a DID? Part 1](https://www.youtube.com/watch?v%3DOYYtxVEra1c) XSL Labs
|
||||
* [Qu’est-ce qu’un DID? Partie 1](https://www.youtube.com/watch?v%3DVNLKufTDM4o) XSL Labs
|
||||
* [Verifiable Claim Protocol](https://github.com/ontio/ontology-DID/blob/master/docs/en/claim_spec.md) Ontology
|
||||
|
||||
This isn’t new, but it’s new to us, and thought our readers might appreciate it, in case you have also wondered about the nuts and bolts behind OntID
|
||||
|
||||
* [Open Badges as Verifiable Credentials](https://kayaelle.medium.com/in-the-w3c-vc-edu-call-on-june7-2021-we-discussed-open-badges-asserted-as-w3c-verifiable-90391cb9a7b7)
|
||||
|
||||
In the [W3C VC-EDU](https://w3c-ccg.github.io/vc-ed/) call on June 7, 2021 we discussed [Open Badges](https://openbadges.org/) asserted as [W3C Verifiable Credentials](https://www.w3.org/TR/vc-data-model/) (VCs). This call began the public discussion of Open Badges as Native VCs (potentially as Open Badges 3.0) to inform the IMS Open Badges Working Group. Why are we discussing this? Why does it matter? How will it work?
|
||||
|
||||
* [ToIP Primer](https://trustoverip.org/wp-content/uploads/sites/98/2020/05/toip_050520_primer.pdf)
|
||||
|
||||
@ -200,13 +190,7 @@ Strongly-typed Code to Generate Bob’s UDID Document
|
||||
* [Schema.org is ten!](http://blog.schema.org/2021/06/schemaorg-is-ten.html)
|
||||
|
||||
Schema.org was founded on the idea of making it easier and simpler for the ordinary, everyday sites that make up the web to use machine-readable data, and for that data to enable an ecosystem of applications used by millions of people. While it's hard to predict exactly what the next decade will bring, if we can all keep these founding concerns in mind as we improve, refine and curate our growing collection of schemas, we'll be doing our part to continue improving the web.
|
||||
* [DIF Grant #1: JWS Test Suite](https://blog.identity.foundation/dif-grant-1-jws-test-suite/)
|
||||
|
||||
DIF announces its first community microgrant, sponsored by Microsoft and rewarding the timely creation of a comprehensive test suite for detached-JWS signatures on Verifiable Credentials
|
||||
|
||||
* [How a combination of Federated identity and Verifiable Credentials can help with Customer onboarding](https://pranavkirtani.medium.com/how-a-combination-of-federated-identity-and-verifiable-credentials-can-help-with-customer-7e6518feb018) Pranav Kirtani
|
||||
|
||||
Before we dive into how Federated systems like OIDC and SAML along with Verifiable Credentials (VC) can help improve customer onboarding to your application, let us first understand what are the current methods being used for onboarding.
|
||||
* [Reflections from Identiverse: Identity Security Threats & Trends](https://www.secureauth.com/blog/reflections-from-identiverse-identity-security-threats-and-trends/) SecureAuth
|
||||
|
||||
talks like [“Simplify Your Least-Privilege Journey with Access Analysis”](https://identiverse.com/idv2021/session/SESCI5F77RW8COIGZ/) and [“Managing and governing workload identities”](https://identiverse.com/idv2021/session/SESTZ5WNB1OMKD9EV/) definitively provide greater insight. [...] UberEther showed in [“User Behavior Analytics: Marrying Identity and the SOC Like Peanut Butter and Jelly”](https://pheedloop.com/identiverse2021/virtual/?page%3Dsessions%26section%3DSESKWZML7NBJX42P3) how UBA (User Behavior Analytics) and UEBA (User Events Behavior Analysis) deliver additional value to help avoid threats in real-time and provide visibility to analysts.
|
||||
@ -216,9 +200,6 @@ talks like [“Simplify Your Least-Privilege Journey with Access Analysis”](h
|
||||
our latest series examining the evolution of digital identity, and how self-sovereign identity, specifically, can advance a consent-based economy.
|
||||
|
||||
|
||||
* [DIF Grant #1: JWS Test Suite](https://medium.com/decentralized-identity/dif-grant-1-jws-test-suite-a26cc4a95540)
|
||||
|
||||
The Claims and Credentials Working Group will be overseeing a new work item open to all DIF members that creates and harden a JWS test suite, with this grant funding a lead editor to drive the work and keep it to a pre-determined timeline, paid upon stable and complete release.
|
||||
|
||||
* [Shared Signals: An Open Standard for Webhooks](https://openid.net/2021/08/24/shared-signals-an-open-standard-for-webhooks/) OpenID
|
||||
|
||||
@ -245,9 +226,6 @@ Since February he has also been the informal chair of the [Hospitality and Trav
|
||||
|
||||
Already used throughout web3, this is an effort to standardize the method with best practices and to make it easier for web2 services to adopt it.
|
||||
|
||||
* [Decentralized Identity: Why Are DIDs The Future of Digital Identity Management?](https://elastos.info/decentralized-identity-dids/)
|
||||
|
||||
Why would you have 75 logins when you could have 1?
|
||||
|
||||
* [WAYF certificeret efter ISO 27001](https://www.wayf.dk/en/node/317)
|
||||
|
||||
@ -274,9 +252,7 @@ I’ve defined an Authentication Method Reference (AMR) value called “pop” t
|
||||
|
||||
If you are a developer and want to write a DApp [...] you probably are using API-Keys in your front-end. If this is the case, then you should consider the security risk the publication of the API-Key in your front end represents and ask yourself if it would make sense to switch to a user authentication scheme.
|
||||
|
||||
* [A DIF & TOIP Joint Statement of Support for the Decentralized Identifiers (DIDS) V1.0 Specification Becoming A W3C Specification](https://trustoverip.org/blog/2021/10/29/a-dif-toip-joint-statement-of-support-for-the-decentralized-identifiers-dids-v1-0-specification-becoming-a-w3c-standard/).
|
||||
|
||||
DIDs are a critical part of a technical foundation for the products and activities of many of our members. Many of the implementations in the [DID Working Group’s implementation report](https://w3c.github.io/did-test-suite/%23report-by-methods) were developed by engineers and companies who collaborate openly at DIF on points of technical interoperability, and at ToIP on points of policy and governance.
|
||||
|
||||
* [Keep Badges Weird…](https://blog.weareopen.coop/keep-badges-weird-e26a1b055ff5) at the Badge Summit
|
||||
|
||||
@ -290,19 +266,12 @@ Considering that the group has accomplished these goals, there is currently no m
|
||||
In a sense, this recommendation is a kind of abbreviation of the key things that our specifications test for. And you’ll be able to see that soon as the Me2B Safe Website Specification for Respectful Technology is currently in the membership review stage of the approval process.
|
||||
|
||||
|
||||
* [Indicio’s support for the W3C DID Specification and its path to standardization](https://indicio.tech/indicios-support-for-the-w3c-did-specification-and-its-path-to-standardization/)
|
||||
|
||||
The position of Indicio is that the DID Specification is of signal importance to creating a better digital world. We recognize that, as with any specification, improvements can and will be made in the future; but we back its recommendations and its approval.
|
||||
|
||||
* [Discover Open Badges 3.0!](https://app.participate.com/communities/keep-badges-weird/62003f3f-a7ba-4f6a-990a-64d6f893016d/announcements/0bc15852-0f91-48c8-a7ca-478b246b553c) Keep Badges Weird
|
||||
|
||||
1. Check out the (accepted) [Open Badges 3.0 proposal](https://github.com/IMSGlobal/openbadges-specification/files/6977048/Proposal-Open-Badges-3.0-update-08-11-2021.pdf)
|
||||
2. [Watch a video](https://www.youtube.com/watch?v%3DQDGPwR1F3FY%26t%3D1357s) from the ePIC conference giving an overview of what Open Badges 3.0 will enable (or view the [slide deck](https://docs.google.com/presentation/d/1NEJoQaI9b6KC1EFDDhR3MGybGVoa0R3bQh0xuKtUKkY)
|
||||
3. Discuss what this means for you, your organisation, or your community in [this thread](https://app.participate.com/discussions/open-badges-3-0/68917656-db8f-4932-88fd-153fdb54e285)
|
||||
|
||||
* [Link your domain to your Decentralized Identifier (DID) (preview)](https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/how-to-dnsbind)
|
||||
|
||||
We make a link between a domain and a DID by implementing an open standard written by the Decentralized Identity Foundation called [Well-Known DID configuration](https://identity.foundation/.well-known/resources/did-configuration/). The verifiable credentials service in Azure Active Directory (Azure AD) helps your organization make the link between the DID and domain by including the domain information that you provided in your DID, and generating the well-known config file:
|
||||
|
||||
* [Reflecting on the Evolving Badges and Credentials Ecosystem](https://blog.weareopen.coop/reflecting-on-the-evolving-badges-and-credentials-ecosystem-6efac4d673d3)
|
||||
|
||||
@ -334,23 +303,6 @@ What already exists, more recently: [fine-grained permissions 1](https://blog.oc
|
||||
1. Marketplace-level fine-grained permissions for browsing, publishing, etc within a marketplace frontend
|
||||
2. Asset-level fine-grained permissions on consuming the asset itself
|
||||
|
||||
* [ENS names are Decentralized Identifiers (DIDs)](https://medium.com/uport/ens-names-are-decentralized-identifiers-dids-724f0c317e4b) uPort
|
||||
|
||||
- did:ens:mainnet:vitalik.eth
|
||||
|
||||
This has two purposes:
|
||||
|
||||
1. to wrap existing ENS names as DIDs to facilitate interoperability of emerging technologies in the Decentralized Identity and Ethereum community,
|
||||
2. to define a canonical way to augment ENS names with DID capabilities (e.g., encryption) as mentioned above.
|
||||
|
||||
* [Community Resources - DID Primer](https://w3c-ccg.github.io/did-primer/) Credentials Community Group
|
||||
|
||||
At a superficial level, a decentralized identifier (DID) is simply a new type of globally unique identifier. But at a deeper level, DIDs are the core component of an entirely new layer of decentralized digital identity and public key infrastructure (PKI) for the Internet. This [decentralized public key infrastructure](https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust/blob/master/final-documents/dpki.pdf) (DPKI) could have as much impact on global cybersecurity and cyberprivacy as the development of the [SSL/TLS protocol](https://en.wikipedia.org/wiki/Transport_Layer_Security) for encrypted Web traffic (now the largest PKI in the world).
|
||||
|
||||
|
||||
|
||||
|
||||
* [Cryptography Review of W3C VC Data Model and DID Standards and Implementation Recommendations](https://www.linkedin.com/posts/aniljohn_cryptography-review-of-w3c-vc-and-w3c-did-ugcPost-6892250585652162560-OQ3Y) SRI International
|
||||
|
||||
|
||||
* [Vote for First Implementer’s Drafts of OIDConnect SIOPV2 and OIDC4VP Specifications](https://openid.net/2022/01/18/notice-of-vote-for-first-implementers-drafts-of-openid-connect-siopv2-and-oidc4vp-specifications/) OpenID
|
||||
@ -364,15 +316,6 @@ Summary: The hype over NFTs and collectibles is blinding us to their true useful
|
||||
|
||||
|
||||
|
||||
- [Nat has a presentation](https://nat.sakimura.org/2021/09/14/announcing-gain/)
|
||||
- There is a [linked in Group](https://www.linkedin.com/groups/12559000/)
|
||||
|
||||
* [Adding DID ION to MATTR VII](https://medium.com/mattr-global/adding-did-ion-to-mattr-vii-d56bdb7a2fde)
|
||||
|
||||
Different types of DIDs can be registered and anchored using unique rules specific to the set of infrastructure where they’re stored. Since DIDs provide provenance for keys which are controlled by DID owners, the rules and systems that govern each kind of DID method have a significant impact on the trust and maintenance model for these identifiers.
|
||||
|
||||
|
||||
|
||||
* [Open standards should be developed openly](https://blog.weareopen.coop/open-standards-should-be-developed-openly-1f0cf552308d)
|
||||
|
||||
Open standards should be developed openly because not enough people work to ensure that equity is central to innovation and development. We believe that openness is an attitude, and one which bears fruit over time from which everyone can benefit.
|
||||
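Review bot: The two bullets "- [Nat has a presentation](https://nat.sakimura.org/2021/09/14/announcing-gain/)" and "- There is a [linked in Group](https://www.linkedin.com/groups/12559000/)" have no parent entry in this hunk, and the same two bullets show up again in the hunk at -507,17 directly under the DID Core objections link. Keep them in one place only, under the GAIN item they describe. Also note that the "Different types of DIDs can be registered..." paragraph follows the MATTR link without the `>` quote marker other excerpts in this file use.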
@ -381,13 +324,9 @@ Open standards should be developed openly because not enough people work to ensu
|
||||
|
||||
This is the Use Case Implementation Workstream of the [COVID Credentials Initiative (CCI)](https://www.covidcreds.com/). This workstream identifies privacy-preserving verifiable credentials (VCs) that are most useful to the COVID-19 response and provides a forum and platform for those who are implementing COVID VCs to present their projects/solutions.
|
||||
|
||||
|
||||
|
||||
* [@csuwildcat](https://twitter.com/csuwildcat) shares
|
||||
> As of Friday, we believe v1 of ION is functionally code complete, and the Sidetree Working Group at DIF (@DecentralizedID) should have a v1 spec candidate ready for the underlying protocol by Jan 21st. Public v1 launch of the ION network on Bitcoin mainnet is just weeks away.
|
||||
|
||||
|
||||
|
||||
* [What Is ISO 27018:2019? Everything Executives Need to Know](https://auth0.com/blog/what-is-iso-27018-2019-everything-executives-need-to-know/)
|
||||
> ISO 27018 is part of the ISO 27000 family of standards, which define best practices for information security management. ISO 27018 adds new guidelines, enhancements, and security controls to the ISO/IEC 27001 and ISO/IEC 27002 standards, which help cloud service providers better manage the data security risks unique to PII in cloud computing.
|
||||
|
||||
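Review bot: The "[@csuwildcat](https://twitter.com/csuwildcat) shares" entry links to the account profile rather than the post being quoted, so the statement about ION v1 and the "Jan 21st" spec candidate has no retrievable source and no year. Link the specific post and add its date, so the "just weeks away" claim is not read as current.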
@ -486,11 +425,6 @@ This past November, the GBBC released [The Global Standards Mapping Initiative 2
|
||||
|
||||
The arrow for “Issue Credentials” is exactly the same as “Send Presentation,” leading us to believe these activities are similar, but how are they similar? We can’t adequately answer these questions by looking at the above picture and the specification doesn’t provide a ton of help either…
|
||||
|
||||
WG Meeting of the week
|
||||
|
||||
* [OpenID for Verifiable Credentials](https://openid.net/2022/05/12/openid-for-verifiable-credentials-whitepaper/) OpenID ([Whitepaper](https://openid.net/wordpress-content/uploads/2022/05/OIDF-Whitepaper_OpenID-for-Verifiable-Credentials_FINAL_2022-05-12.pdf)
|
||||
|
||||
to inform and educate the readers about the work on the OpenID for Verifiable Credentials (OpenID4VC) specifications family. It addresses use-cases referred to as Self-Sovereign Identity, Decentralized Identity, or User-Centric Identity.
|
||||
* [What is Open Recognition, anyway?](https://blog.weareopen.coop/what-is-open-recognition-anyway-9f38ec1f8629) Going beyond credentialing and the formal/informal divide
|
||||
|
||||
Badges as credentials includes approaches that are well understood and largely replace or augment existing certification practices. Badges for recognition, however, include approaches that remain somewhat confusing to many people.
|
||||
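Review bot: The "OpenID for Verifiable Credentials" entry opens a parenthesis before "[Whitepaper](...)" and never closes it, so the line ends in unbalanced punctuation. Add the closing ")" after the whitepaper link. The bare "WG Meeting of the week" line just above it reads as a leftover section label and should either become a heading or be dropped.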
@ -507,17 +441,11 @@ Today we’re releasing [ADX, the “Authenticated Data Experiment”](https://g
|
||||
|
||||
|
||||
|
||||
## DID Core advances to recommendation
|
||||
|
||||
* [Objections overruled by W3C director approving the DIDCore specification as a W3C Recommendation](https://www.w3.org/2022/06/DIDRecommendationDecision.html) W3C
|
||||
- [Nat has a presentation](https://nat.sakimura.org/2021/09/14/announcing-gain/)
|
||||
- There is a [linked in Group](https://www.linkedin.com/groups/12559000/)
|
||||
|
||||
The DID core specification is approved to advance to W3C Recommendation.
|
||||
|
||||
In its next chartered period the Working Group should address and deliver proposed standard DID method(s) and demonstrate interoperable implementations. The community and Member review of such proposed methods is the natural place to evaluate the questions raised by the objectors and other Member reviewers regarding decentralization, fitness for purpose, and sustainable resource utilization. -Ralph Swick, for Tim Berners-Lee
|
||||
|
||||
* [Decentralized Identifiers (DID) 1.0 specification approved as W3C Recommendation](https://blog.identity.foundation/w3cdidspec-2/) Identity Foundatoin
|
||||
|
||||
Announcing the [Decentralized Identifiers (DID) v1.0 specification](https://www.w3.org/TR/did-core/) as an open web standard signals that it is technically sound, mature, and ready for widespread adoption. Having an established v1.0 specification allows work to continue with renewed energy and focus, not only at the many groups meeting at DIF, but across the digital identity community.
|
||||
|
||||
Harrison Tang, CEO of Spokeo, [is the new co-chair of the CCG](https://twitter.com/TheCEODad/status/1544884282316845057)
|
||||
|
||||
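Review bot: The source label on the "Decentralized Identifiers (DID) 1.0 specification approved as W3C Recommendation" entry is misspelled as "Identity Foundatoin". It should read "Identity Foundation", matching the label used on the Universal Resolver entry later in the file.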
@ -542,13 +470,6 @@ W3C Press Release - [Decentralized Identifiers (DIDs) v1.0 becomes a W3C Recomme
|
||||
|
||||
For individuals in particular, DIDs can put them back in control of their personal data and consent, and also enable more respectful bi-directional trust relationships where forgery is prevented, privacy is honored, and usability is enhanced.
|
||||
|
||||
* [W3C launches Decentralized Identifiers as a web standard](https://portswigger.net/daily-swig/w3c-launches-decentralized-identifiers-as-a-web-standard) in the Daily Swig: Cybersecurity news and views.
|
||||
|
||||
“I would summarize the overall impact of DIDs on cybersecurity as making digital signing and [encryption](https://portswigger.net/daily-swig/encryption) much more widely available than today’s conventional X.509-based public key infrastructure (PKI),” Drummond Reed, director of trust services at Avast
|
||||
|
||||
* [W3C overrules objections by Google, Mozilla to decentralized identifier spec](https://www.theregister.com/2022/07/01/w3c_overrules_objections/) Oh no, he DIDn't in the Register
|
||||
|
||||
The [DID specification](https://www.w3.org/TR/did-core/%23introduction) describes a way to deploy a globally unique identifier without a centralized authority (eg, Apple [for Sign in with Apple](https://developer.apple.com/sign-in-with-apple/) as a verifying entity.
|
||||
|
||||
* [DIF Monthly #28](https://blog.identity.foundation/dif-monthly-28/)
|
||||
|
||||
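Review bot: In the Register excerpt, the link target "https://www.w3.org/TR/did-core/%23introduction" has the fragment separator percent-encoded, so it requests a path ending in "%23introduction" instead of jumping to the "#introduction" anchor. Replace "%23" with "#". The same sentence opens "(eg, Apple" and never closes the parenthesis, and the Drummond Reed quote above it ends at "Avast" with no closing punctuation.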
@ -558,38 +479,6 @@ Table of contents: 1. [Foundation News](https://blog.identity.foundation/dif-mon
|
||||
|
||||
Since verification is off-chain (and generally fast/inexpensive, depending on the provider), and since this avoids on-chain storage of potentially correlatable data, this is often the preferred solution.
|
||||
|
||||
* [Verification Patterns, Part 2](https://docs.centre.io/blog/verification-patterns-2) Verite
|
||||
|
||||
Part 2 of this 2-part series explains the [did:pkh](https://github.com/w3c-ccg/did-pkh/blob/main/did-pkh-method-draft.md)/[CACAO](https://github.com/ChainAgnostic/CAIPs/blob/master/CAIPs/caip-74.md%23simple-summary) variation for Verite data models and flows, which provides an entry path for wallets that may not support sufficient functionality for emerging decentralized identity patterns
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
* [Decentralized Identifiers: Implications for Your Data, Payments and Communications](https://newsletter.impervious.ai/decentralized-identifiers-implications-for-your-data-payments-and-communications-2/) Impervious
|
||||
|
||||
Through the DID Specification, service endpoints and DIDComm, Impervious has interlaced DIDs with Bitcoin Lightning, IPFS, WebRTC and resilient relays to introduce a new peer-to-peer internet standard with practical applications for mitigating censorship and surveillance risk.
|
||||
|
||||
* [[SCITT] Endor: A SCITT PoC for W3C Verifiable Credentials](https://mailarchive.ietf.org/arch/msg/scitt/WSyUQuYimFowl6plzi_TIJzjBpM/)
|
||||
|
||||
I made this today: [https://github.com/OR13/endor](https://github.com/OR13/endor) [...]
|
||||
|
||||
nice thing about endorsing W3C Verifiable Credentials is that they are
|
||||
|
||||
already an abstraction that applies to "non software supply chain" use
|
||||
|
||||
Cases [...] we model [cyber physical supply chain flows](https://w3id.org/traceability)
|
||||
|
||||
^^^ [inspired by](https://twitter.com/OR13b/status/1553488644224204800) : [IETF 114: Plenary](https://www.ietf.org/live/ietf114-plenary/) (video)
|
||||
|
||||
* [GLEIF vLEI Verifiable Credentials containing trusted organization identity and roles](https://rapidlei.com/vlei/)
|
||||
|
||||
vLEI will provide a cryptographically secure chain of trust that will replace manual processes needed to access and confirm an entity’s identity across all industries.
|
||||
|
||||
* [Verifiable Health Data: Demonstrating Verifiable Credentials using Cardea](https://www.youtube.com/watch?v%3DruhnyMTqNog)
|
||||
|
||||
members from across the community come together to test interoperability between systems, networks, agents and more.
|
||||
|
||||
|
||||
* [JSON Web Proofs BoF at IETF 114 in Philadelphia](https://self-issued.info/?p%3D2286)
|
||||
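Review bot: Several link targets in this hunk have their URL delimiters percent-encoded and will not resolve as intended: "watch?v%3DruhnyMTqNog" on the Cardea video, "?p%3D2286" on the JSON Web Proofs post, and "caip-74.md%23simple-summary" on the CACAO link. Decode "%3D" to "=" and "%23" to "#" in the targets so the query parameter and fragment are parsed.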
@ -627,40 +516,18 @@ The concept behind a Trust Registry is that a Wallet needs to know which decentr
|
||||
* [ONDC: An Open Network for Ecommerce](https://www.windley.com/archives/2022/08/ondc_an_open_network_for_ecommerce.shtml) Phil Windley
|
||||
|
||||
* [Open Network for Digital Commerce](https://en.wikipedia.org/wiki/Open_Network_for_Digital_Commerce) is a non-profit established by the Indian government to develop open ecommerce. The goal is to end platform monopolies in ecommerce using an open protocol called [Beckn](https://developers.becknprotocol.io/). I'd never heard of Beckn before. From the reaction on the VRM mailing list, not many there had either.
|
||||
* [Cute Learning Thread](https://twitter.com/fennykyun/status/1564249472053514240) fennykyun
|
||||
|
||||
tldr :: DID is just an URI :: VC is a cryptographically verifiable credential using DID :: SSI is a self-sovereign and privacy-preserving identity :: Non-human (Machines, Bots, Goods, anything) also able to have DID, VC, and SSIs
|
||||
|
||||
|
||||
* [BCGov improves sustainability reporting with digital trust technology](https://trustoverip.org/blog/2022/08/29/toip-steering-committee-member-the-government-of-british-columbia-improves-sustainability-reporting-with-digital-trust-technology/) ToIP
|
||||
|
||||
Digital credentials can be checked in real time, expediting access to trustworthy information. These trusted, verifiable digital credentials are the core digital trust technologies being piloted and the trust ecosystem in which they operate are defined in ToIP architecture, governance, and related documents.
|
||||
|
||||
* [Universal Resolver - resolve practically any DID](https://blog.identity.foundation/uni-resolver/) Identity Foundation
|
||||
|
||||
The Universal Resolver can now resolve 45 DID methods, and more are being added regularly. Visit [https://dev.uniresolver.io/](https://dev.uniresolver.io/) to see the full list of supported methods, and visit [this github page](https://github.com/decentralized-identity/universal-resolver/blob/main/docs/driver-development.md) to contribute a driver for a DID method.
|
||||
|
||||
Mobile Document Request API
|
||||
|
||||
* [Apple, with support from Google, just announced the Mobile Document Request API](https://github.com/WICG/proposals/issues/67) Web Incubator CG
|
||||
|
||||
The API is concerning because it lists "Define the native communication between the User Agent and the application holding the mdoc." as out of scope. That is, digital wallet selection is out of scope. Also out of scope is "issuing" and "provisioning". The specification focuses on delivery from a digital wallet to a website.
|
||||
|
||||
|
||||
## Standards Work
|
||||
|
||||
> The API is concerning because it lists "Define the native communication between the User Agent and the application holding the mdoc." as out of scope. That is, digital wallet selection is out of scope. Also out of scope is "issuing" and "provisioning". The specification focuses on delivery from a digital wallet to a website.
|
||||
* [Premature Standardization & Interoperability](https://www.continuumloop.com/premature-standardization-interoperability/) Continuum Loop
|
||||
|
||||
Here’s my premise – we don’t have standards nor interoperability – at least not as people really need. We have been through a process that is powerful and good – but what we have is what I call “premature standardization.” It’s a great start but nowhere near where things will be.
|
||||
|
||||
* [Notes from W3C TPAC on major deployments of Verifiable Credentials](https://twitter.com/philarcher1/status/1570082512122294273) Manu Sporny via Phil Archer
|
||||
|
||||
- Steel, Oil Agriculture Shipment into US Customs ($2.3T in good/year)
|
||||
- European Digital Wallet (€163M funding, 450M people)
|
||||
- Digital Education Credentials in Uganda, Nigeria, Kenya (323M people)
|
||||
- Digital Age Verfication (152k retail stores, 200M people)
|
||||
- Content Authenticity Initative (30M Adobe customers)
|
||||
- Digital Permanent Resident Cards (14M people)
|
||||
|
||||
* [IDnow joins Accelerate@IATA to shape the future of seamless air travel](https://www.idnow.io/pr/idnow-joins-accelerateiata/) IDnow
|
||||
|
||||
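Review bot: The "The API is concerning because it lists..." paragraph appears twice in this hunk, once bare and once as a `>` blockquote after the "## Standards Work" heading. Confirm only one copy survives and that it stays attached to the WICG proposal link it comments on. In the W3C TPAC list, "Digital Age Verfication" and "Content Authenticity Initative" are misspelled (Verification, Initiative).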
@ -668,11 +535,6 @@ The goal of IATA One ID is to set industry standards that further streamline the
|
||||
|
||||
Cardano showing interest in our work
|
||||
|
||||
* [Advancing digital identity through DID core specification](https://iohk.io/en/blog/posts/2022/09/08/advancing-digital-identity-through-did-core-specification/) IOHK
|
||||
|
||||
Good news to see Cardano jumping on the bandwagon, looks like they will join the fray and bring DID\VC to Atla Prism.
|
||||
|
||||
The recent DID core specification approval at the World Wide Web Consortium (W3C) provided clearer and stronger foundations for identity platforms building decentralized identifiers.
|
||||
|
||||
|
||||
* [Circle and Industry Leaders Have Built the First Decentralized Identity Proof-of-Concept for Crypto Finance using Verite Credentials](https://www.circle.com/en/pressroom/circle-and-industry-leaders-have-built-the-first-decentralized-identity-proof-of-concept-for-crypto-finance-using-verite-credentials) Circle
|
||||
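Review bot: The commentary line under the IOHK entry names the product as "Atla Prism" and writes "DID\VC" with a backslash. The product name is Atala PRISM, and "DID/VC" avoids the stray backslash in rendered Markdown. "Cardano showing interest in our work" above the link also reads as a heading but is not marked as one.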
@ -683,13 +545,6 @@ Circle joined other crypto and blockchain companies in February 2022 to introduc
|
||||
|
||||
TBD and [Circle](https://www.circle.com/en/?_gl%3D1*14yjcwp*_up*MQ..%26gclid%3DCjwKCAjwm8WZBhBUEiwA178UnPZbgZJJxhwK7ivE5Yx9FGW8PQ31-hc1O-njcLOmzcN2nzLz110FihoCgV4QAvD_BwE) are collaborating on a set of open standards and open source technologies aimed at enabling global-scale, mainstream adoption of digital currency in payments and financial applications. The first step of which will support cross-border remittances and self-custody wallets that can hold stablecoins.
|
||||
|
||||
* [Identos builds Verifiable Credentials into updated federated digital ID API](https://www.biometricupdate.com/202209/identos-builds-verifiable-credentials-into-updated-federated-digital-id-api) Biometric Update
|
||||
|
||||
The new FPX Junction cloud software suite is designed for fine-grained API authorization and user-centric digital identity management. The digital wallet and user-managed access 2.0 authorization server work together to enable single-sign on federation. An optional user interface SDK for the digital wallet provides native mobile and web support.
|
||||
|
||||
* [Open Workplace Recognition using Verifiable Credentials](https://blog.weareopen.coop/open-workplace-recognition-using-verifiable-credentials-fc0134fad7ec) WeAreOpenCoop
|
||||
|
||||
Yesterday, [the draft](https://w3c-ccg.github.io/vc-ed-use-cases/) Verifiable Credentials for Education, Employment, and Achievement Use Cases report was published [...] The next version of the Open Badges specification (v3.0) will be compatible with Verifiable Credentials (VCs).
|
||||
|
||||
* [Identity Manager – Self Sovereign Identity made Simple](https://tanglelabs.io/identity-manager-self-sovereign-identity-made-simple/) TangleLabs
|
||||
|
||||
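Review bot: The "[Circle](https://www.circle.com/en/?_gl%3D1*14yjcwp*...%26gclid%3D...)" link in the TBD paragraph carries percent-encoded "_gl" and "gclid" click-tracking parameters from whoever copied it. Reduce the target to "https://www.circle.com/en/" so the published page does not embed a tracking identifier.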
@ -713,21 +568,6 @@ Call for Comments/Feedbacks for DPV v1.0 release
|
||||
|
||||
Please provide your comments by 15-OCT-2022 via [GitHub](https://github.com/w3c/dpv/issues/50) or [public-dpvcg@w3.org](https://lists.w3.org/Archives/Public/public-dpvcg/) (mailing list).
|
||||
|
||||
* [FYI >> DHS W3C VC/DID Implementation Profile: Credential Data Model Representation Syntax & Proof Format](https://lists.w3.org/Archives/Public/public-credentials/2022Sep/0253.html) Anil John
|
||||
|
||||
We are walking this path step-by-step by documenting the results and lessons from the DHS sponsored multi-platform, multi-vendor interoperability plug-fests and other rigorous plug-fests with similar goals to develop a “DHS Implementation Profile of W3C Verifiable Credentials and W3C Decentralized Identifiers” to ensure the use of Security, Privacy and Interoperability implementation choices that are acceptable to the USG such that these capabilities can be deployed on and connect to USG networks and infrastructure.
|
||||
|
||||
…
|
||||
|
||||
please [find attached the DHS Implementation Profile](https://lists.w3.org/Archives/Public/public-credentials/2022Sep/att-0253/DHS.W3C.VC-DID.Implemenation.Profile-20220929-SHARE.pdf) of W3C VCs and W3C DIDs normative guidance on:
|
||||
|
||||
· Credential Data Model Representation Syntax
|
||||
|
||||
· Credential Data Model Proof Format
|
||||
|
||||
* [Using OpenID4VC for Credential Exchange; Technometria - Issue #62](http://news.windley.com/issues/using-openid4vc-for-credential-exchange-technometria-issue-62-1374264?via%3Dtwitter-card%26client%3DDesktopWeb%26element%3Dissue-card)
|
||||
|
||||
Extending OAuth and OIDC to support the issuance and presentation of verifiable credentials provides for richer interactions than merely supporting authentication. All the use cases we’ve identified for verifiable credentials are available in OpenID4VC as well.
|
||||
|
||||
* [Trinsic Basics: What Are SSI Standards?](https://trinsic.id/what-are-ssi-standards/)
|
||||
> There are two kinds of standards that Trinsic implements to enable interoperability and avoid vendor lock-in: data model standards and protocol standards.
|
||||
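Review bot: The Technometria entry links over plain "http://news.windley.com/..." and keeps the share parameters "?via%3Dtwitter-card%26client%3DDesktopWeb%26element%3Dissue-card" in percent-encoded form. Drop everything from "?" onward and use https if the host serves it. In the DHS profile excerpt, the two "·" items ("Credential Data Model Representation Syntax", "Credential Data Model Proof Format") will not render as a list; use the "-" bullets used elsewhere in the file.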
@ -735,215 +575,6 @@ Extending OAuth and OIDC to support the issuance and presentation of verifiable
|
||||
* [Manifesto: Rules for standards-makers](http://scripting.com/2017/05/09/rulesForStandardsmakers.html)
|
||||
> I've used all kinds of formats and protocols in a long career as a software developer, even created a few. My new manifesto summarizes what I've learned about what works and what doesn't.
|
||||
|
||||
## RDF
|
||||
|
||||
* [Technical Report on the Universal RDF Dataset Normalization Algorithm](https://lists.w3.org/Archives/Public/public-credentials/2021Apr/att-0032/Mirabolic_Graph_Iso_Report_2020_10_19.pdf) - [Bill Bradley](https://lists.w3.org/Archives/Public/public-credentials/2021Apr/0032.html)
|
||||
> The goal of this technical report is to review the Universal RDF Dataset Normalization Algorithm (URDNA2015) for correctness and to provide satisfactory evidence that possible issues with URDNA2015 have been considered and dismissed. We do not lay out the algorithm in its considerable technical detail here, but refer the reader to the proposed technical specification 1 [Longley], a set of proofs by Rachel Arnold and Dave Longely [Arnold], and a reference implementation in Python [DigitalBazaar]
|
||||
|
||||
* [Importing Verifiable Data as Labeled Property Graphs](https://lists.w3.org/Archives/Public/public-credentials/2022Jun/0022.html) Orie Steele (Wednesday, 15 June)
|
||||
|
||||
I think what happens is that a first blank node is created for the proof, and since that node has `@container` `@graph`, instead of being able to trace the relationships directly from credential to proof to verification method...
|
||||
|
||||
Each proof is being treated as a disjoint subgraph, and the relationship is not being preserved during import… [...]
|
||||
|
||||
I suspect this is solvable with a more complicated graph config: [https://neo4j.com/labs/neosemantics/4.0/config/](https://neo4j.com/labs/neosemantics/4.0/config/)
|
||||
|
||||
But I wonder if we might correct this behavior in VC Data Model 2.0, such that RDF representations don't have this odd behavior when imported as labeled property graphs. [...]
|
||||
|
||||
answer on the github issue for the standard, I raised it here: [](https://github.com/w3c/vc-data-model/issues/881)[https://github.com/w3c/vc-data-model/issues/881](https://github.com/w3c/vc-data-model/issues/881)
|
||||
|
||||
* [Proposed W3C Charter: RDF Dataset Canonicalization and Hash Working Group](https://lists.w3.org/Archives/Public/public-credentials/2022May/0033.html) Manu Sporny (Tuesday, 17 May)
|
||||
|
||||
The goal of this group is to standardize the way many of us digitally sign Verifiable Credentials. This working group has been about decade in the making (some would say two decades) and is important for achieving things like BBS+ selective disclosure as well as standardizing the way we format Verifiable Credentials before they are digitally signed.
|
||||
|
||||
The [announcement](https://lists.w3.org/Archives/Public/public-new-work/2022May/0005.html) is here
|
||||
|
||||
The [proposed charter](https://www.w3.org/2022/05/04-proposed-rch-wg-charter/) is here
|
||||
|
||||
* [URDNA2015 Implementation Question](https://lists.w3.org/Archives/Public/public-credentials/2022Jul/0017.html) Daniel Petranek (Thursday, 7 July)
|
||||
|
||||
I've instrumented the rdf-canonicalize library so I can inspect the order of execution, and it appears that what differs between my implementation and the Javascript one is the order of the permutations. The spec doesn't say how the permutations should be ordered, and my intuition is that the order does indeed matter - though I'm happy to be corrected if I'm wrong.
|
||||
|
||||
So, here is my question(s):
|
||||
|
||||
- Does the order of the permutations matter?
|
||||
- If so, what order should they be in?
|
||||
|
||||
|
||||
|
||||
## DIDs
|
||||
|
||||
* [DIDs in DPKI](https://github.com/WebOfTrustInfo/rwot7/blob/master/topics-and-advance-readings/dids-in-dpki.md)
|
||||
- [jolocom/ddoresolver-rs](https://github.com/jolocom/ddoresolver-rs) github
|
||||
- [Rust implementation of the did:key method](https://crates.io/crates/did-key) creds to Tomislav Markovski.
|
||||
* [Universal Resolver Driver Policy Discussion](https://iiw.idcommons.net/21P/_Universal_Resolver_Driver_Policy_Discussion) by Bernhard Fuchs, Markus Sabadello
|
||||
> The project has some guidelines for contributing new DID method drivers:[https://github.com/decentralized-identity/universal-resolver/blob/master/docs/driver-development.md](https://github.com/decentralized-identity/universal-resolver/blob/master/docs/driver-development.md)
|
||||
- [DID test suite](https://github.com/w3c/did-test-suite) GitHub
|
||||
> DID test suite is not for runtime, but the Universal Resolver could do a few simple checks on a driver's responses. But there's also a philosophical question: Should the Universal Resolver be "allowed" to check and potentially transform driver responses, or should it just "pass through" everything that comes from a driver?
|
||||
* [did:orb slides Troy Ronda (SecureKey)](https://lists.w3.org/Archives/Public/public-credentials/2021Mar/0017.html)
|
||||
> - Decouple witness ledgers from the critical path.
|
||||
> - Allow for Trust but Verify model.
|
||||
> - Leverage the Certificate Transparency model
|
||||
> - Witnesses observe VDR objects and promise to include in their ledgers.
|
||||
> - Provide a signed timestamp and a maximum merge delay.
|
||||
> - Enable monitoring to ensure witnesses follow their promises.
|
||||
> - Use trusted Witness (and origin) timings to resolve late publishing.
|
||||
> - Use origin to enable observers to know if they have the latest operations.
|
||||
|
||||
|
||||
* [re: Defining load balanced, failover clusters for DID Document serviceEndpoints?](https://lists.w3.org/Archives/Public/public-credentials/2022Jan/0056.html) (Monday, 10 January)
|
||||
|
||||
#didlang 0.3 includes support for round-robin, load-balanced DID Agent serviceEndpoint clusters. [Here's a demo](https://youtu.be/mf0aKLvJoCw)
|
||||
|
||||
* [W3C Decentralized Identifiers v1.0 is a W3C Proposed Recommendation](https://lists.w3.org/Archives/Public/public-credentials/2021Aug/0030.html) Manu Sporny (Tuesday, 3 August)
|
||||
|
||||
* [W3C Decentralized Identifiers v1.0 is a W3C Proposed Recommendation](https://www.w3.org/blog/news/archives/9179):
|
||||
|
||||
* [The published version that will be voted on by W3C Members can be found here](https://www.w3.org/TR/2021/PR-did-core-20210803/):
|
||||
|
||||
This is the final step of the W3C global standardization process.
|
||||
|
||||
If you are a W3C Member, you can now vote to approve it as a global standard here:
|
||||
|
||||
* [DID 1.0 Comments / Meeting Minutes (was RE: Mozilla Formally Objects to DID Core)](https://lists.w3.org/Archives/Public/public-credentials/2021Sep/0135.html) John, Anil (Monday, 27 September)
|
||||
|
||||
* [https://www.w3.org/2021/09/21-did10-minutes.html](https://www.w3.org/2021/09/21-did10-minutes.html) is fascinating reading!
|
||||
|
||||
* [...] I can speak to the work of the DHS SVIP Program and our approach and perspective across our two work-streams that touch upon the two points.
|
||||
|
||||
1. Governments “lobbying” for single DID method and Non-Interoperability
|
||||
|
||||
* “tantek: concerned to hear that there are governments looking to adopt, with only single implementation methods and non interop, sounds like lobbying may have occurred, … advocating for single-implementation solutions that are centralized wolves in decentralized clothing”
|
||||
|
||||
* “<cwilso> +1 to tantek's concern that governments are responding to lobbying attempts on non-interoperable methods”
|
||||
|
||||
* [Mozilla Formally Objects to DID Core](https://lists.w3.org/Archives/Public/public-credentials/2021Sep/0010.html) Drummond Reed (Thursday, 1 September)
|
||||
|
||||
Now, here's the REAL irony. Mozilla and others are pointing to the URI spec and existing URI schemes as the precedent without recognizing that in [in section 9.11 of the DID spec](https://www.w3.org/TR/did-core/%23dids-as-enhanced-urns), we specifically compare the DID spec to the *URN spec*, [RFC 8141](https://datatracker.ietf.org/doc/html/rfc8141). In fact we deliberately patterned the [ABNF for DIDs](https://www.w3.org/TR/did-core/%23did-syntax) after the ABNF for URNs—and patterned DID method names after URN namespaces. And we set up a registry for the exactly the same way RFC 8141 establishes a [registry of URN namespaces](https://www.iana.org/assignments/urn-namespaces/urn-namespaces.xhtml).
|
||||
|
||||
Now: guess how many URN namespaces have been registered with IANA?
|
||||
|
||||
- [SEVENTY*. Count em.](https://www.iana.org/assignments/urn-namespaces/urn-namespaces.xhtml)
|
||||
|
||||
I don't see anyone complaining about interoperability of URN namespaces. Amd RFC 8141 was published over four years ago.
|
||||
|
||||
* [Some questions regarding DID verification relationships](https://lists.w3.org/Archives/Public/public-credentials/2021Dec/0009.html) Dmitri Zagidulin (Thursday, 2 December)
|
||||
|
||||
The motivation for verification relationships in the DID spec stems from the general security recommendation of "use separate keys for separate purposes".
|
||||
|
||||
You can see this at work in other specifications, such as JWKS (JSON Wek Key Set), specifically in the 'use' (Public Key Use) parameters, from [https://datatracker.ietf.org/doc/html/rfc7517#section-4.2](https://datatracker.ietf.org/doc/html/rfc7517%23section-4.2)
|
||||
|
||||
* [DID press release and UNECE white paper](https://lists.w3.org/Archives/Public/public-credentials/2022Jul/0087.html) steve capell (Wednesday, 20 July)
|
||||
|
||||
great to see that press release at [https://www.w3.org/2022/07/pressrelease-did-rec.html.en](https://www.w3.org/2022/07/pressrelease-did-rec.html.en)
|
||||
|
||||
There's a testimonial from UNECE near the bottom. I thought the community might be interested in the white paper from UNECE on VCs and DIDs for cross border trade - [https://unece.org/trade/uncefact/guidance-material](https://unece.org/trade/uncefact/guidance-material)
|
||||
|
||||
* [DID Press Release Testimonials](https://lists.w3.org/Archives/Public/public-credentials/2022Jul/0022.html) Zundel, Brent (Friday, 8 July)
|
||||
|
||||
This message is to inform the DID WG and CCG that the W3C intends to write a press release.
|
||||
|
||||
To that end, we are seeking testimonials about Decentralized Identifiers.
|
||||
|
||||
For an example of the sort of thing we're looking for, please see: [https://www.w3.org/2019/03/pressrelease-webauthn-rec.html](https://www.w3.org/2019/03/pressrelease-webauthn-rec.html)
|
||||
|
||||
The testimonials may be submitted as a reply to this email.
|
||||
|
||||
DID Methods
|
||||
|
||||
* [Announcement: New DID Method Specification: did:object](https://lists.w3.org/Archives/Public/public-credentials/2021Dec/0067.html) (Tuesday, 14 December)
|
||||
|
||||
The publication of [this DID Method specification](https://github.com/mwherman2000/TrustedDigitalWeb/blob/master/specifications/did-methods/did-object.md) realizes, in large part, a 4-year quest (or should I say personal mission) to create a platform to Tokenize Every Little Thing (ELT).
|
||||
|
||||
* [Re: CCG Community opinions needed to define CCG scope (specifically re: did methods as work items)](https://lists.w3.org/Archives/Public/public-credentials/2021Aug/0376.html) Manu Sporny (Thursday, 26 August)
|
||||
|
||||
On 8/26/21 12:37 PM, Heather Vescent wrote:
|
||||
|
||||
> 1. What are the *pros* of including did methods as work items in the CCG?
|
||||
|
||||
Community vetting and approval of particular DID Methods.
|
||||
|
||||
Basically, broader and deeper review of DID Methods that we expect to be of
|
||||
|
||||
great use to the world. I expect there will be DID Methods that the community
|
||||
|
||||
wants to eventually propose as DID Methods for standardization (did:key and
|
||||
|
||||
did:web feel like two ones where we could get consensus on doing so).
|
||||
|
||||
* [DID methods as W3C standards - a happy compromise?](https://lists.w3.org/Archives/Public/public-credentials/2022Feb/0117.html) steve capell (Tuesday, 22 February)
|
||||
|
||||
can't we pick just a small number of un-controversial methods to standardise? even if it's just did:key and did:web to start with.
|
||||
|
||||
* [Cross border identity use case - which did methods?](https://lists.w3.org/Archives/Public/public-credentials/2022Mar/0016.html) steve capell (Sunday, 6 March)
|
||||
|
||||
The broader generalisation of this question is : "for trust anchors like governments that issue VCs to their constituents, what rules should govern which did:methods they should accept as the *subject* identifier for the VCs they issue?" Are those rules context specific?
|
||||
|
||||
I'm not sure of the answer - but it's why did:ion was on my list - as an allowed *subject* of a government issued vc - and as the issuer of trade documents. should I take it off my list pending a bit more maturity (eg that azure service goes out of beta into full production)? or is it safe enough for this use case? if so what others would also be "safe enough"?
|
||||
|
||||
![https://www.notion.soimages/image2.png](https://www.notion.soimages/image2.png)
|
||||
|
||||
DID:TAG[re: Using Email as an Identifier](https://lists.w3.org/Archives/Public/public-credentials/2021Nov/0065.html) Bob Wyman (Friday, 12 November)
|
||||
|
||||
My [did:tag](https://github.com/bobwyman/did_method_tag) proposal is, I believe, the only proposed DID Method that addresses the use of email addresses and email as a resolution method
|
||||
|
||||
There are quite a number of issues with using email addresses as identifiers, or parts of identifiers, and I'm hoping that discussion and development of the did:tag method will illuminate those issues and potentially find solutions for them.
|
||||
|
||||
DID:WEB
|
||||
|
||||
* [re: some thought after using did:web](https://lists.w3.org/Archives/Public/public-credentials/2022Jan/0031.html) Orie Steele (Wednesday, 5 January)
|
||||
|
||||
We have had the same issue... per the did core spec, there are really 2 main key types, in our crypto libraries for the key pair classes themselves, we do our best to support both and handle translation for you:
|
||||
|
||||
* [https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/Ed25519KeyPair.ts#L78](https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/Ed25519KeyPair.ts%23L78)
|
||||
|
||||
* [https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/Ed25519VerificationKey2018.ts](https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/Ed25519VerificationKey2018.ts)
|
||||
|
||||
* [https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/Ed25519VerificationKey2020.ts](https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/Ed25519VerificationKey2020.ts)
|
||||
|
||||
* [https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/JsonWebKey2020.ts](https://github.com/transmute-industries/verifiable-data/blob/main/packages/ed25519-key-pair/src/types/JsonWebKey2020.ts)
|
||||
|
||||
* [DID Web, OpenSSL and Certificate Authorities](https://lists.w3.org/Archives/Public/public-credentials/2022Feb/0078.html) Orie Steele (Thursday, 17 February)
|
||||
|
||||
We then generate a DID Web DID Document from the public keys for the 3 children, and encode the ca chain from them back to the root using `x5c`.
|
||||
|
||||
We then issue a JWT from the private key for 1 of them.
|
||||
|
||||
We then verify the JWT signature using the public key.
|
||||
|
||||
We then check the x5c using open seel to confirm the certificate chain.
|
||||
|
||||
My questions are:
|
||||
|
||||
1. Is it possible to use JOSE to automate this further?
|
||||
|
||||
2. Is there a better way of accomplishing this?
|
||||
|
||||
3. Should the CA chain be pushed into the JWT?
|
||||
|
||||
DID:JWK
|
||||
|
||||
* [did:jwk is reborn!](https://lists.w3.org/Archives/Public/public-credentials/2022Apr/0066.html) Orie Steele (Friday, 8 April)
|
||||
|
||||
* [https://github.com/w3c/did-spec-registries/pull/432](https://github.com/w3c/did-spec-registries/pull/432)
|
||||
|
||||
DID:KEY
|
||||
|
||||
* [did-key-creator published](https://lists.w3.org/Archives/Public/public-credentials/2022Jun/0061.html) Brent Shambaugh (Tuesday, 28 June)
|
||||
|
||||
I published a did:key creator at
|
||||
|
||||
* [https://www.npmjs.com/package/did-key-creator](https://www.npmjs.com/package/did-key-creator)
|
||||
|
||||
This has been tested to create did:keys from the P-256,P-384, and P-521 curves specified in [https://github.com/w3c-ccg/did-method-key](https://github.com/w3c-ccg/did-method-key) and [https://w3c-ccg.github.io/did-method-key/](https://w3c-ccg.github.io/did-method-key/) .
|
||||
|
||||
* [did:key DID Document generation algorithm feedback](https://lists.w3.org/Archives/Public/public-credentials/2022Jun/0016.html) Manu Sporny (Tuesday, 14 June)
|
||||
|
||||
The DID Document generation algorithm for did:key is being refined to the
|
||||
|
||||
point that we can finish off a first pass of a did:key test suite.
|
||||
|
||||
* [...] [https://github.com/w3c-ccg/did-method-key/pull/51](https://github.com/w3c-ccg/did-method-key/pull/51)
|
||||
|
||||
|
||||
## Assorted
|
||||
|
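Review bot: Several link targets in this block will not resolve as written. The image reference `![https://www.notion.soimages/image2.png](https://www.notion.soimages/image2.png)` has a malformed host (`www.notion.soimages`, the path separator after `notion.so` is missing) and should be dropped or replaced with an asset committed to the repository. The `Ed25519KeyPair.ts` link encodes its fragment as `%23L78` in the target, so the line anchor is lost; use a literal `#`. The `DID:TAG` label is fused to its first link with no list marker, unlike the `DID:WEB`, `DID:JWK` and `DID:KEY` blocks, and "open seel" in the DID Web excerpt is presumably OpenSSL, given the entry title.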
@ -91,3 +91,6 @@ It’s a great pleasure to share with you DINZ Reflections Report, a seminal pie
|
||||
>
|
||||
> “a document that provides a set of agreed-upon rules, guidelines or characteristics for activities or their results. Standards establish accepted practices, technical requirements, and terminologies for diverse fields.” He goes on to highlight a lot of the work being done in Canada and where it all sits relative to being a standard - “In closing, there are lots of trust frameworks being developed today. But to be truly trusted, a trust framework needs to either apply existing standards or become a standard itself.”
|
||||
|
||||
* [Pan-Canadian Trust Framework (PCTF) – Overview](https://northernblock.io/pan-canadian-trust-framework/)
|
||||
|
||||
Right now, we are alpha testing the framework with different kinds of actors, both public and private, and with assessors. Through this process, we’re going to learn what may need to change, and what may not need to change. We’re going to get real knowledge there. I will say that what we’re seeing already, is that DIACC and our priorities are really driven by members.
|
||||
|
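Review bot: The excerpt added under the `Pan-Canadian Trust Framework (PCTF) – Overview` link ("Right now, we are alpha testing the framework ...") is first-person speech with no `>` marker and no speaker named, while the context lines just above it in this hunk are `>`-quoted. Mark it as a quote and attribute it, otherwise it reads as the curator's own statement. The same link and excerpt also appear in the Canadian Identity file touched by this commit, so pick one file to own the entry.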
@ -5,6 +5,33 @@ published: false
|
||||
# Verifiable Credentials
|
||||
|
||||
|
||||
* [DIF Grant #1: JWS Test Suite](https://blog.identity.foundation/dif-grant-1-jws-test-suite/)
|
||||
|
||||
DIF announces its first community microgrant, sponsored by Microsoft and rewarding the timely creation of a comprehensive test suite for detached-JWS signatures on Verifiable Credentials
|
||||
|
||||
* [Open Workplace Recognition using Verifiable Credentials](https://blog.weareopen.coop/open-workplace-recognition-using-verifiable-credentials-fc0134fad7ec) WeAreOpenCoop
|
||||
|
||||
Yesterday, [the draft](https://w3c-ccg.github.io/vc-ed-use-cases/) Verifiable Credentials for Education, Employment, and Achievement Use Cases report was published [...] The next version of the Open Badges specification (v3.0) will be compatible with Verifiable Credentials (VCs).
|
||||
* [FYI >> DHS W3C VC/DID Implementation Profile: Credential Data Model Representation Syntax & Proof Format](https://lists.w3.org/Archives/Public/public-credentials/2022Sep/0253.html) Anil John
|
||||
> We are walking this path step-by-step by documenting the results and lessons from the DHS sponsored multi-platform, multi-vendor interoperability plug-fests and other rigorous plug-fests with similar goals to develop a “DHS Implementation Profile of W3C Verifiable Credentials and W3C Decentralized Identifiers” to ensure the use of Security, Privacy and Interoperability implementation choices that are acceptable to the USG such that these capabilities can be deployed on and connect to USG networks and infrastructure.
|
||||
> … please [find attached the DHS Implementation Profile](https://lists.w3.org/Archives/Public/public-credentials/2022Sep/att-0253/DHS.W3C.VC-DID.Implemenation.Profile-20220929-SHARE.pdf) of W3C VCs and W3C DIDs normative guidance on:
|
||||
> - Credential Data Model Representation Syntax
|
||||
> - Credential Data Model Proof Format
|
||||
|
||||
* [Notes from W3C TPAC on major deployments of Verifiable Credentials](https://twitter.com/philarcher1/status/1570082512122294273) Manu Sporny via Phil Archer
|
||||
|
||||
- Steel, Oil Agriculture Shipment into US Customs ($2.3T in good/year)
|
||||
- European Digital Wallet (€163M funding, 450M people)
|
||||
- Digital Education Credentials in Uganda, Nigeria, Kenya (323M people)
|
||||
- Digital Age Verfication (152k retail stores, 200M people)
|
||||
- Content Authenticity Initative (30M Adobe customers)
|
||||
- Digital Permanent Resident Cards (14M people)
|
||||
* [Do I Need a Verifiable Credential?](https://community.rsa.com/t5/rsa-labs-blog/do-i-need-a-verifiable-credential/ba-p/610241)
|
||||
* [Verifiable Claim Protocol](https://github.com/ontio/ontology-DID/blob/master/docs/en/claim_spec.md) Ontology
|
||||
* [Open Badges as Verifiable Credentials](https://kayaelle.medium.com/in-the-w3c-vc-edu-call-on-june7-2021-we-discussed-open-badges-asserted-as-w3c-verifiable-90391cb9a7b7)
|
||||
> In the [W3C VC-EDU](https://w3c-ccg.github.io/vc-ed/) call on June 7, 2021 we discussed [Open Badges](https://openbadges.org/) asserted as [W3C Verifiable Credentials](https://www.w3.org/TR/vc-data-model/) (VCs). This call began the public discussion of Open Badges as Native VCs (potentially as Open Badges 3.0) to inform the IMS Open Badges Working Group. Why are we discussing this? Why does it matter? How will it work?
|
||||
* [How a combination of Federated identity and Verifiable Credentials can help with Customer onboarding](https://pranavkirtani.medium.com/how-a-combination-of-federated-identity-and-verifiable-credentials-can-help-with-customer-7e6518feb018) Pranav Kirtani
|
||||
> Before we dive into how Federated systems like OIDC and SAML along with Verifiable Credentials (VC) can help improve customer onboarding to your application, let us first understand what are the current methods being used for onboarding.
|
||||
* [Verifiable Credentials Data Model v2.0](https://www.w3.org/TR/2022/WD-vc-data-model-2.0-20220811/)
|
||||
|
||||
- The components that constitute a [verifiable credential](https://www.w3.org/TR/2022/WD-vc-data-model-2.0-20220811/%23dfn-verifiable-credentials)
|
||||
|
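Review bot: The last added link in this hunk encodes its fragment in the target (`%23dfn-verifiable-credentials`), so it lands on the top of the spec instead of the definition; use a literal `#`. That entry and its parent also pin the dated working draft `WD-vc-data-model-2.0-20220811`, which will go stale as the draft advances, so consider the undated TR address unless the snapshot is intentional. In the TPAC list, "Verfication" and "Initative" are misspelled, and excerpts in this hunk alternate between `>`-quoted and bare text; settle on one form so quoted source text is distinguishable from curator notes.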
103
_posts/identosphere-dump/organizations/diacc.md
Normal file
@ -0,0 +1,103 @@
|
||||
# DIACC
|
||||
* [Budget 2022 investments for](https://diacc.ca/2022/04/07/2022-budget-statement/) [digital transformation](https://diacc.ca/2022/04/07/2022-budget-statement/) [and Canadian innovation](https://diacc.ca/2022/04/07/2022-budget-statement/) DIACC
|
||||
|
||||
Today’s budget announcement keeps the importance of secure and privacy protecting digital ID in our windows and more work needs to be done to develop this path based on citizen consent, control, and trust. We look forward to collaborating with the government on consultations to support these imperative next steps while finding ways to combat misinformation that surrounds it.
|
||||
|
||||
* [Report on the Adequacy of Identity Governance Transparency – DIACC Special Group Insights](https://diacc.ca/2022/03/31/adequacy-of-identity-governance-transparency/)
|
||||
|
||||
* [This report](https://diacc.ca/wp-content/uploads/2022/03/Report-on-the-Adequacy-of-Identity-Goverance-Transparency.pdf) looks at Transborder use of digital identity in the context of international transfer, control, and access to private/personal data between Canada and the European Union. In particular, it looks at such data transfer considering the obligation to inform individuals during data processing and investigate into the adequacy of transparency and notice for international data transfer.
|
||||
|
||||
* [Canadians Want user-centric Digital ID aligned with their values](https://diacc.ca/2022/04/04/privacy-security-and-choice-drive-canadians-desire-for-digital-id/) DIACC Research
|
||||
|
||||
* [2021 Research Report](https://diacc.ca/wp-content/uploads/2022/04/DIACC-2021-Research-Report-ENG.pdf) • [Multi-page Synopsis](https://diacc.ca/wp-content/uploads/2022/04/DIACC-2021-Research-Reppor-Multi-ENG.pdf) • [One-page Synopsis](https://diacc.ca/wp-content/uploads/2022/04/DIACC-2021-Research-Report-One-Page-ENG.pdf)
|
||||
|
||||
Establishing a trusted digital ID will allow people and organizations the choice to verify themselves online securely, while protecting personal information with no user traceability. It offers a decentralized, privacy-enhancing solution for both the private and public sectors.
|
||||
|
||||
* [Request for Comment & IPR Review: PCTF Digital Wallet Draft Recommendation V1.0](https://diacc.ca/2022/04/10/digital-wallet-draft-recommendation-v1-0/)
|
||||
|
||||
a framework that Digital Identity Ecosystem Participants can use to assess the degree to which the digital wallets that are part of their respective ecosystems accomplish the following:
|
||||
|
||||
1. Provide Citizens and Consumers with a Digital Identity Wallet that complies with the human rights principles of preserving people’s privacy and control over their information.
|
||||
2. Introduces a consistent identity metaphor and consent-driven automated experience across all Ecosystem Participants to reduce impact on users caused by Digital Transformation.
|
||||
3. Contribute to a stable infrastructure with longevity and world-wide interoperability by adopting and supporting relevant standards as appropriate (e.g., W3C Standards for Verifiable Credentials and DIDs).
|
||||
4. Counter cyber vulnerability and extortion by enabling Service Providers to incrementally replace existing login mechanisms, some of which may be exploitable, without suffering negative impact to business.
|
||||
5. Establish an environment of trust within which the wallet’s owner can interact with other Ecosystem Participants such as Issuers, Verifiers, and other Relying Parties.
|
||||
|
||||
|
||||
* [Directory of Products That Assess Identification Documents and Verify Identity Version 2.0](https://diacc.ca/2021/05/03/directory-of-products-that-assess-identification-documents-and-verify-identity-version-2-0/)
|
||||
|
||||
This [Directory](https://diacc.ca/2020/05/21/directory-products-assess-identification-documents-verify-identity/) is designed to provide an overview of providers’ solutions which use government issued photo identification cards, combined with biometric facial scans, to establish Digital Identity.
|
||||
|
||||
Built on standards: OAuth 2.0 and JWT
|
||||
|
||||
See the presentation at [https://self-issued.info/?p=2167](https://self-issued.info/?p%3D2167).
|
||||
* [Request for Comment and IPR Review: PCTF Assurance Maturity Model Draft Recommendation V1.0](https://diacc.ca/2021/06/27/comment-ipr-review-assurance-maturity-model-draft-recommendation-v1-0/) DIACC
|
||||
|
||||
It is essential that Participants in a digital ecosystem have a way to evaluate the robustness and trustworthiness of transactions within that ecosystem. In order to do so, Participants must share a common vocabulary that describes the level of confidence they can associate with an Entity or transaction, as well as a common way in which to determine that level of confidence.
|
||||
* [Decentralized Identity and DIACC PCTF Authentication](https://diacc.ca/wp-content/uploads/2021/02/Decentralized-Identity-and-DIACC-PCTF-Authentication.pdf)
|
||||
|
||||
The [Authentication](https://diacc.ca/wp-content/uploads/2020/09/PCTF-Authentication-Component-Overview-Final-Recommendation_V1.0.pdf) component of the [DIACC Pan-Canadian Trust Framework](https://diacc.ca/trust-framework/)™ specifies processes and conformance criteria for service providers. Authentication and credential management services may be assessed against these criteria.
|
||||
|
||||
* [2022 Pre-Budget Submission](https://diacc.ca/2021/08/03/2022-pre-budget-submission/) DIACC
|
||||
|
||||
1. That the government secure adoption of the [Pan-Canadian Trust Framework](https://diacc.ca/wp-content/uploads/2016/08/PCTF-Overview-FINAL.pdf) by businesses and governments.
|
||||
2. That the government act on the [Finance Committee’s 2021 Pre-Budget Consultation](https://www.ourcommons.ca/Committees/en/FINA/StudyActivity?studyActivityId%3D11021772) Recommendations 128, Implement a digital identity system that empowers Canadians to control their data that is held by the federal government, and 129, Create a national data strategy.
|
||||
3. That the government work with provincial and territorial partners and Immigration, Refugees and Citizenship Canada to ensure that all Canadians have access to an ISO-compliant government-issued digital ID credential with economy-wide utility by December 2022.
|
||||
4. That the government make digital identity-enabled services available to all Canadians by December 2022.
|
||||
5. That the government prioritizes funding and integration of digital ID as part of the [Digital Technology Supercluster](https://www.digitalsupercluster.ca/) Initiative.
|
||||
* [Agri-Food Product Identity Verification & Governance](https://diacc.ca/2022/04/26/agri-food-product-identity-verification-governance-diacc-special-interest-group-insights/) DIACC Special Interest Group Insights
|
||||
|
||||
This report discusses what the identity verification related requirements for the creation and management of agri-food products (or items) unique identifiers to enable provenance tracking, ensure traceability, facilitate agri-food data integration, enhance governance, protect privacy and confidentiality, inform policies, and improve communications.
|
||||
* [DIACC 2022 Industry Survey Report](https://diacc.ca/2022/06/02/diacc-2022-industry-survey-report/) DIACC
|
||||
|
||||
The intent of the [DIACC Industry Survey](https://diacc.ca/wp-content/uploads/2022/05/DIACC-Industry-Survey_Final.pdf) was to identify any pain points Canadian industries have that prevent the use of trusted Digital Identity.
|
||||
|
||||
* [RFC and IPR Review: PCTF Infrastructure (Technology & Operations) Final Recommendation V1.1](https://diacc.ca/2022/09/26/request-for-comment-and-ipr-review-pctf-infrastructure-technology-operations-final-recommendation-v1-1/) DIACC (RFC Closes 10/27)
|
||||
|
||||
The intent of the Infrastructure (Technology & Operations) component is to identify the operational policies, plans, technology and technology operations requirements to support implementation of the principles of the PCTF Profiles in the context of a Digital Identity Ecosystem.
|
||||
* [DIACC welcomes Budget 2021 investments for digital transformation and innovation](https://diacc.ca/2021/04/19/diacc-welcomes-budget-2021-investments-for-digital-transformation-and-innovation/)
|
||||
> The DIACC, Canada’s digital ID leader, is pleased to see the federal government’s recognition that our economic future depends on digital investments. Initiatives like the investment in the Known Traveller Digital Identity pilot project and the Canada Digital Adoption Program will help Canadians, businesses and governments on this path.
|
||||
* [DIACC marks year end with a slideshow detailing their accomplishments](https://diacc.ca/2020/12/09/diacc-year-end-achievements-and-milestones-2020/)
|
||||
|
||||
A few highlights from the report:
|
||||
|
||||
- [Digital Identity Laboratory](https://digidlab.ca/) - first lab of its kind for digital ID testing and certification
|
||||
- launched the COVID-19 Actions Directory highlighting member initiatives.
|
||||
- DIACC has joined the collaborative led by Standards Council of Canada
|
||||
|
||||
* [DIACC also invites input on the future of Levels of Assurance](https://diacc.ca/2020/12/09/help-define-and-design-the-future-of-canadas-levels-of-assurance-with-diacc/).
|
||||
> Making sure we have a common way to evaluate and measure the integrity of that data is central to a
|
||||
|
||||
To realize a world-class Digital Government Canada has [set itself an ambition](https://digital.canada.ca/roadmap-2025/) of:
|
||||
|
||||
“Digitize all public-facing government services so they are accessible by web and mobile phone and available behind a unified login system by 2025.”
|
||||
* [DIACC Industry Survey](https://diacc.ca/2021/10/25/diacc-industry-survey/)
|
||||
|
||||
The intent of this DIACC Industry Survey is to identify any pain points Canadian industries have that prevent the use of trusted Digital Identity frameworks. This survey will be open indefinitely with responses monitored regularly.
|
||||
|
||||
Access the survey [here](https://www.surveymonkey.com/r/QLRV885).
|
||||
* [Canada’s Community of Digital Identity Leaders Grows to Over 100 Members](https://diacc.ca/2021/05/31/canadas-community-of-digital-identity-leaders-grows-to-over-100-members/)
|
||||
|
||||
Today, more than ever before, our communities, our businesses, and our citizens are looking to the leaders within the DIACC to help deliver a robust, secure, trusted digital ID ecosystem that works for all Canadians. Our economy depends on it,” stated David Nikolejsin, Chair of the DIACC Board.
|
||||
* [BC Government’s Verifiable Credential Issuer Kit Proof of Concept Report](https://diacc.ca/2021/10/20/bc-governments-verifiable-credential-issuer-kit-proof-of-concept-report/) DIACC
|
||||
|
||||
* [bcgov/issuer-kit](https://github.com/bcgov/issuer-kit)
|
||||
|
||||
Recommendations:
|
||||
|
||||
- Open Collaboration
|
||||
- Interoperability
|
||||
- Responsive to Market Dynamics
|
||||
- Responsive to Industry Needs
|
||||
- Regulatory Compliance
|
||||
- Invovlement with Governance of Networks and Registries
|
||||
* [Be a Digital ID Champion](https://diacc.ca/champion/)
|
||||
|
||||
- Promote digital ID to accelerate economic recovery and secure equitable social inclusion.
|
||||
- Work with DIACC and others to establish privacy-protecting digital ID that empowers individuals, businesses, the public sector and civil society.
|
||||
* [DIACC White Paper: Consumer Digital Identity Leveraging Blockchain](https://diacc.ca/2021/03/18/diacc-white-paper-consumer-digital-identity-leveraging-blockchain/)
|
||||
> SecureKey Technologies entered into a multiphase program with DIACC and the U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T) to evaluate, develop, and deliver a solution for enabling distributed privacy enhanced identity ecosystems. [This paper summarizes the work done as part of Phase 3](https://diacc.ca/wp-content/uploads/2020/03/DIACC-White-Paper_Consumer-Digital-Identity-Leveraging-Blockchain_Final.pdf) of the program, concentrating on the “Commercialization of the Verified.Me project”
|
||||
|
||||
Phase 1 White Paper: [Architectural and Privacy Principles](https://diacc.ca/wp-content/uploads/2017/02/Consumer-Digital-Identity-Companion-Paper.pdf)
|
||||
|
||||
Phase 2 White Paper: [The Implementation](https://diacc.ca/wp-content/uploads/2019/03/DIACC_SecureKey_Phase2_White-Paper.pdf)
|
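Review bot: Under the `Directory of Products That Assess Identification Documents and Verify Identity Version 2.0` entry, the lines `Built on standards: OAuth 2.0 and JWT` and `See the presentation at https://self-issued.info/?p=2167` do not describe the directory and look like a stray paste from another item; remove them or move them to the entry they belong to. That link's target also encodes the query as `?p%3D2167`, and the Finance Committee link does the same with `studyActivityId%3D11021772`, so both need a literal `=`. Smaller points in the same file: the Levels of Assurance quote is cut off at "central to a", the David Nikolejsin quote has a closing quotation mark but no opening one, "Invovlement" is misspelled, and the Budget 2022 title is split into three adjacent links to the same URL. No front matter is visible before `# DIACC`, while the other files in this commit show `published: false`; confirm that is intended for the new file.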
@ -160,9 +160,6 @@ conversations about digital identity innovation were mostly treated as a develop
|
||||
* [GlobaliD](https://global.id/), USA; [Uphold](https://uphold.com/), Portugal; [ID Ramp](https://idramp.com/), USA; [Cynjatech](https://www.cynja.com/), USA; [Finclusive](https://finclusive.com/), USA; [Xertify](https://xertify.co/), Colombia; [Snowbridge Inc.](https://www.snowbridge.se/), Taiwan; Entrustient, USA; [Bot Ventures, Inc](https://botventures.io/)., Canada; [BlockSpaces](https://blockspaces.io/), USA; [Blockster Labs](https://blockster.global/), [Anonyome Labs](https://anonyome.com/), Australia; [Selfd.id](https://selfd.id/), Romania; [Liquid Avatar Technologies](https://liquidavatar.com/), Canada; [Snapper Future Tech](https://snapperfuturetech.com/), India; [Lorica Identity](https://loricaidentity.com/), USA; [BizSecure](https://bizsecure.com/), USA; [Networks Synergy](https://www.synergy.kz/), Kazakhstan; Absolutely Zero Cyber, USA; [Cysecure](https://cysecure.us/), USA; [VERSES Labs](https://www.verses.io/), USA
|
||||
* [DHS SVIP - Program Overview + AMA](https://iiw.idcommons.net/index.php?title%3D21O/_DHS_SVIP_-_Program_Overview_%252B_AMA%26action%3Dedit%26redlink%3D1) by Anil John
|
||||
|
||||
* [Request for Comment and IPR Review: PCTF Assurance Maturity Model Draft Recommendation V1.0](https://diacc.ca/2021/06/27/comment-ipr-review-assurance-maturity-model-draft-recommendation-v1-0/) DIACC
|
||||
|
||||
It is essential that Participants in a digital ecosystem have a way to evaluate the robustness and trustworthiness of transactions within that ecosystem. In order to do so, Participants must share a common vocabulary that describes the level of confidence they can associate with an Entity or transaction, as well as a common way in which to determine that level of confidence.
|
||||
|
||||
* [GlobaliD joins the Linux Foundation’s Cardea Project](https://medium.com/global-id/globalid-joins-the-linux-foundations-cardea-project-22f298032240)
|
||||
|
||||
@ -366,9 +363,6 @@ We’re not convinced that “constraint” is the right theoretical approach fo
|
||||
* [PSA Today: Kaliya & Seth talk LEIs](https://anchor.fm/psatoday/episodes/PSA-Today-34-Kaliya--Seth-talk-LEIs-Legal-Entity-Identifiers-with-Simon-Wood--CEO-of-Ubisecure-eqia74)
|
||||
with Simon Wood, CEO of Ubisecure (#1 issuer of Legal Entity Identifiers)
|
||||
> the evolution of LEIs since the financial crisis of 2008, the difference between high assurance and low assurance, and the relationship between rights and ownership as it relates to identity management of entities.
|
||||
* [Decentralized Identity and DIACC PCTF Authentication](https://diacc.ca/wp-content/uploads/2021/02/Decentralized-Identity-and-DIACC-PCTF-Authentication.pdf)
|
||||
|
||||
The [Authentication](https://diacc.ca/wp-content/uploads/2020/09/PCTF-Authentication-Component-Overview-Final-Recommendation_V1.0.pdf) component of the [DIACC Pan-Canadian Trust Framework](https://diacc.ca/trust-framework/)™ specifies processes and conformance criteria for service providers. Authentication and credential management services may be assessed against these criteria.
|
||||
|
||||
* [Self-sovereign digital identity, vLEI as identification standard for InfoCert DIZME network](https://www.digitalfuturemagazine.com/2021/01/27/self-sovereign-digital-identity-vlei-as-identification-standard-for-infocert-dizme-network/)
|
||||
|
||||
@ -406,13 +400,6 @@ The [DizmeID Foundation](https://www.dizme.io/) and technical project will defi
|
||||
|
||||
Witness orgs sit in layer 3 of the [Trust Over IP stack](https://github.com/hyperledger/aries-rfcs/blob/master/concepts/0289-toip-stack/README.md) as authoritative issuers. Witness orgs are to VCs like Dunn and Bradstreet (D&B) is to the finance world: they issue claims as a recognized authority.
|
||||
|
||||
* [2022 Pre-Budget Submission](https://diacc.ca/2021/08/03/2022-pre-budget-submission/) DIACC
|
||||
|
||||
1. That the government secure adoption of the [Pan-Canadian Trust Framework](https://diacc.ca/wp-content/uploads/2016/08/PCTF-Overview-FINAL.pdf) by businesses and governments.
|
||||
2. That the government act on the [Finance Committee’s 2021 Pre-Budget Consultation](https://www.ourcommons.ca/Committees/en/FINA/StudyActivity?studyActivityId%3D11021772) Recommendations 128, Implement a digital identity system that empowers Canadians to control their data that is held by the federal government, and 129, Create a national data strategy.
|
||||
3. That the government work with provincial and territorial partners and Immigration, Refugees and Citizenship Canada to ensure that all Canadians have access to an ISO-compliant government-issued digital ID credential with economy-wide utility by December 2022.
|
||||
4. That the government make digital identity-enabled services available to all Canadians by December 2022.
|
||||
5. That the government prioritizes funding and integration of digital ID as part of the [Digital Technology Supercluster](https://www.digitalsupercluster.ca/) Initiative.
|
||||
|
||||
* [Panel | Bringing the Global Assured Identity Network (GAIN) to Reality](https://www.kuppingercole.com/watch/eic2021-panel-gain-to-reality)
|
||||
|
||||
@ -495,10 +482,6 @@ any sensible WebAuthn/FIDO2 Apache module would rely on an externally running
|
||||
|
||||
In making the code widely accessible, Ontology is accelerating the adoption of decentralized identity (DID) in the blockchain sphere As the project that has focused on the Decentralized Identity (DID) field for over 4 years…
|
||||
|
||||
* [Agri-Food Product Identity Verification & Governance](https://diacc.ca/2022/04/26/agri-food-product-identity-verification-governance-diacc-special-interest-group-insights/) DIACC Special Interest Group Insights
|
||||
|
||||
This report discusses what the identity verification related requirements for the creation and management of agri-food products (or items) unique identifiers to enable provenance tracking, ensure traceability, facilitate agri-food data integration, enhance governance, protect privacy and confidentiality, inform policies, and improve communications.
|
||||
|
||||
|
||||
* [ISO/IEC 18013-5 vs Self-Sovereign Identity: A proposal for an mDL Verifiable Credential](https://www.procivis.ch/post/iso-iec-18013-5-vs-self-sovereign-identity-a-proposal-for-an-mdl-verifiable-credential) Procivis
|
||||
|
||||
@ -540,9 +523,6 @@ GAIN is marked by a cross sector, crowd sourced, open, global due diligence. GAI
|
||||
|
||||
The goal of this whitepaper is to inform and educate the readers about the work on the OpenID for Verifiable Credentials (OpenID4VC) specifications family. It addresses use-cases referred to as Self-Sovereign Identity, Decentralized Identity, or User-Centric Identity.
|
||||
|
||||
* [DIACC 2022 Industry Survey Report](https://diacc.ca/2022/06/02/diacc-2022-industry-survey-report/) DIACC
|
||||
|
||||
The intent of the [DIACC Industry Survey](https://diacc.ca/wp-content/uploads/2022/05/DIACC-Industry-Survey_Final.pdf) was to identify any pain points Canadian industries have that prevent the use of trusted Digital Identity.
|
||||
|
||||
|
||||
* [Achieving Trusted Digital Transactions Across the Globe: OIX and ToIP Align to make it Happen](https://trustoverip.org/news/2022/06/15/achieving-trusted-digital-transactions-across-the-globe-oix-and-toip-align-to-make-it-happen/) Trust over IP
|
||||
@ -642,20 +622,7 @@ For businesses the world over, confidence in digital authenticity is in short su
|
||||
|
||||
* [eBook: ‘The vLEI: Introducing Digital I.D. for Legal Entities Everywhere](https://www.gleif.org/en/lei-solutions/gleifs-digital-strategy-for-the-lei/introducing-the-verifiable-lei-vlei/gleif-ebook-the-vlei-introducing-digital-i-d-for-legal-entities-everywhere)
|
||||
|
||||
* [RFC and IPR Review: PCTF Infrastructure (Technology & Operations) Final Recommendation V1.1](https://diacc.ca/2022/09/26/request-for-comment-and-ipr-review-pctf-infrastructure-technology-operations-final-recommendation-v1-1/) DIACC (RFC Closes 10/27)
|
||||
|
||||
The intent of the Infrastructure (Technology & Operations) component is to identify the operational policies, plans, technology and technology operations requirements to support implementation of the principles of the PCTF Profiles in the context of a Digital Identity Ecosystem.
|
||||
|
||||
* [BC Digital Trust](https://digital.gov.bc.ca/digital-trust/) BCGov
|
||||
|
||||
Nice resources page from BCGov
|
||||
|
||||
- [OrgBook BC](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/orgbook-bc/) A live service providing organization-related Verifiable Credentials in BC, Canada
|
||||
- [BC Wallet - Technology Overview](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/bc-wallet-technology-overview/)
|
||||
- [Verifiable Credentials for People](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/credentials-for-people/) Tools and services for issuing and verifying Verifiable Credentials
|
||||
- [Safe Entry BC Demo](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/safe-entry-bc-demo/) A prototype of a contactless way to manage access to a facility, using Verifiable Credentials
|
||||
- [Conference Book Demo](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/conference-book-demo/) A demo showing the use of Verifiable Credentials for attending a conference
|
||||
- [Chat Server Demo](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/chat-server-demo/) A demo giving access to a chat service using Verifiable Credentials
|
||||
* [How to Unf*ck Your Organisation: Organisational strategy and architecture for n00bs](https://blog.weareopen.coop/how-to-unf-ck-your-organisation-b73851dbeba5) WeAreOpenCoop
|
||||
|
||||
We’ve put together an [email-based course](https://learnwith.weareopen.coop/courses/org-strategy/) to help forward-thinking people in senior roles who might need a bit of help and orientation. We’ve broken things down into actionable steps based on the resources found at our Learn with WAO site, giving you enough direction and inspiration to get started transforming your organisation for the better!
|
||||
|
@ -3,10 +3,17 @@ published: false
|
||||
---
|
||||
|
||||
# Canadian Identity
|
||||
* [BC Digital Trust](https://digital.gov.bc.ca/digital-trust/) BCGov
|
||||
|
||||
* [Pan-Canadian Trust Framework (PCTF) – Overview](https://northernblock.io/pan-canadian-trust-framework/)
|
||||
Nice resources page from BCGov
|
||||
|
||||
- [OrgBook BC](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/orgbook-bc/) A live service providing organization-related Verifiable Credentials in BC, Canada
|
||||
- [BC Wallet - Technology Overview](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/bc-wallet-technology-overview/)
|
||||
- [Verifiable Credentials for People](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/credentials-for-people/) Tools and services for issuing and verifying Verifiable Credentials
|
||||
- [Safe Entry BC Demo](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/safe-entry-bc-demo/) A prototype of a contactless way to manage access to a facility, using Verifiable Credentials
|
||||
- [Conference Book Demo](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/conference-book-demo/) A demo showing the use of Verifiable Credentials for attending a conference
|
||||
- [Chat Server Demo](https://digital.gov.bc.ca/digital-trust/projects-and-initiatives/chat-server-demo/) A demo giving access to a chat service using Verifiable Credentials
|
||||
|
||||
Right now, we are alpha testing the framework with different kinds of actors, both public and private, and with assessors. Through this process, we’re going to learn what may need to change, and what may not need to change. We’re going to get real knowledge there. I will say that what we’re seeing already, is that DIACC and our priorities are really driven by members.
|
||||
|
||||
* [Canadian Government: User-Centric Verifiable Digital Credentials Challenge](https://github.com/canada-ca/ucvdcc)
|
||||
> This challenge is seeking a portable secure digital credentials (self-sovereign identity) solution held by individuals that can be independently, cryptographically and rapidly verified using emerging distributed ledger standards and an approach that may give rise to a global digital verification platform.
|
||||
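Review bot: in this hunk the BC Digital Trust bullet is separated from its own description: "Nice resources page from BCGov" and the OrgBook / BC Wallet / demo sub-list appear after the Pan-Canadian Trust Framework (PCTF) Overview bullet, and the "Right now, we are alpha testing the framework" paragraph, which reads as the excerpt for the PCTF link, follows the BC sub-list. As rendered, each link ends up next to the other entry's text. Suggest keeping the BC Digital Trust bullet, its description and sub-list together, then the PCTF bullet followed directly by its excerpt.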
@ -14,25 +21,11 @@ Right now, we are alpha testing the framework with different kinds of actors, bo
|
||||
- [Recorded Video of Public Demo Day April 21, 2020](https://youtu.be/644kUC9Uw-g)
|
||||
- [Final Presentations Folder](https://github.com/canada-ca/ucvdcc/blob/master/final)
|
||||
|
||||
* [DIACC welcomes Budget 2021 investments for digital transformation and innovation](https://diacc.ca/2021/04/19/diacc-welcomes-budget-2021-investments-for-digital-transformation-and-innovation/)
|
||||
> The DIACC, Canada’s digital ID leader, is pleased to see the federal government’s recognition that our economic future depends on digital investments. Initiatives like the investment in the Known Traveller Digital Identity pilot project and the Canada Digital Adoption Program will help Canadians, businesses and governments on this path.
|
||||
|
||||
* [The Public Sector Profile of the Pan-Canadian Trust Framework Working Group Close-Out Report](https://trbouma.medium.com/public-sector-profile-of-the-pan-canadian-trust-framework-version-1-2-and-next-steps-86ae7a96d6c7) Tim Bouma
|
||||
> the PSP PCTF WG was an important vehicle for ensuring public sector communication and discussion across Canada
|
||||
* [DIACC marks year end with a slideshow detailing their accomplishments](https://diacc.ca/2020/12/09/diacc-year-end-achievements-and-milestones-2020/)
|
||||
|
||||
A few highlights from the report:
|
||||
|
||||
- [Digital Identity Laboratory](https://digidlab.ca/) - first lab of its kind for digital ID testing and certification
|
||||
- launched the COVID-19 Actions Directory highlighting member initiatives.
|
||||
- DIACC has joined the collaborative led by Standards Council of Canada
|
||||
|
||||
* [DIACC also invites input on the future of Levels of Assurance](https://diacc.ca/2020/12/09/help-define-and-design-the-future-of-canadas-levels-of-assurance-with-diacc/).
|
||||
> Making sure we have a common way to evaluate and measure the integrity of that data is central to a
|
||||
|
||||
To realize a world-class Digital Government Canada has [set itself an ambition](https://digital.canada.ca/roadmap-2025/) of:
|
||||
|
||||
“Digitize all public-facing government services so they are accessible by web and mobile phone and available behind a unified login system by 2025.”
|
||||
* [Ontario’s Digital ID: Technology and standards](https://www.ontario.ca/page/ontarios-digital-id-technology-and-standards)
|
||||
|
||||
Ontario’s Digital ID will use self-sovereign identity because it gives the holder control over the credentials in their wallet. In addition, we are layering on these extra privacy-preserving features:
|
||||
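Review bot: the Levels of Assurance excerpt ends mid-sentence at "is central to a". The header shows this hunk shrinking from 25 lines to 11, so if the DIACC entries are being relocated rather than dropped, trim the quote to its last complete clause where it lands. Separately, the "To realize a world-class Digital Government" paragraph and the "Digitize all public-facing government services" quote have no bullet or source label, unlike the entries around them; giving them a bullet and a `>` marker would match the rest of the list.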
@ -40,6 +33,9 @@ Ontario’s Digital ID will use self-sovereign identity because it gives the hol
|
||||
- Consent – The verifier must ask you to approve their request to confirm your credentials.
|
||||
- Data minimization – The verifier can only access what they need to confirm you are eligible for their service. For example, if you need to prove that you are old enough to buy a lottery ticket, the store clerk would only know that you are 18 or older – not your actual age, birth date or anything else about you.
|
||||
- Anonymity – Your credentials are not tracked or traced.
|
||||
* [Canadian Provincial Party Pushes Back Against Biometric Digital ID Plan](https://findbiometrics.com/canadian-provincial-party-pushes-back-against-biometric-digital-id-plan-040705/)
|
||||
|
||||
Sloan invoked the specter of China while discussing the petition, suggesting that any digital identity program would be akin to a [social credit program](https://findbiometrics.com/china-jaywalkers-biometric-surveillance-503275/) that gives the government too much control over the personal lives of its citizens.
|
||||
|
||||
* [Ontario will launch digital ID program later this year and here's how it works](https://www.cp24.com/ontario-will-launch-digital-id-program-later-this-year-and-here-s-how-it-works-1.5578066)
|
||||
|
||||
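Review bot: the excerpt under the findbiometrics link refers to "Sloan" and "the petition" without identifying either, and it is not marked with `>` the way other quoted excerpts on the page are. A reader of this list cannot tell who is speaking or which plan is being opposed. Suggest a short lead-in naming both, or quoting the sentence from the article that introduces them, and marking the text as a quotation.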
@ -48,39 +44,9 @@ Ontario’s Digital ID will use self-sovereign identity because it gives the hol
|
||||
Canada is beginning to develop their own version of a “[Tell Us Once](https://digitalcanada.io/tell-us-once-legislation/)” Digital Identity policy, an approach pioneered in Europe by the likes of Estonia.
|
||||
|
||||
This is a policy where having provided your data to one government agency, you’ll never be asked for it again from another, defined explicitly through legislation.
|
||||
* [DIACC Industry Survey](https://diacc.ca/2021/10/25/diacc-industry-survey/)
|
||||
|
||||
The intent of this DIACC Industry Survey is to identify any pain points Canadian industries have that prevent the use of trusted Digital Identity frameworks. This survey will be open indefinitely with responses monitored regularly.
|
||||
|
||||
Access the survey [here](https://www.surveymonkey.com/r/QLRV885).
|
||||
* [Canada’s Community of Digital Identity Leaders Grows to Over 100 Members](https://diacc.ca/2021/05/31/canadas-community-of-digital-identity-leaders-grows-to-over-100-members/)
|
||||
|
||||
Today, more than ever before, our communities, our businesses, and our citizens are looking to the leaders within the DIACC to help deliver a robust, secure, trusted digital ID ecosystem that works for all Canadians. Our economy depends on it,” stated David Nikolejsin, Chair of the DIACC Board.
|
||||
* [BC Government’s Verifiable Credential Issuer Kit Proof of Concept Report](https://diacc.ca/2021/10/20/bc-governments-verifiable-credential-issuer-kit-proof-of-concept-report/) DIACC
|
||||
|
||||
* [bcgov/issuer-kit](https://github.com/bcgov/issuer-kit)
|
||||
|
||||
Recommendations:
|
||||
|
||||
- Open Collaboration
|
||||
- Interoperability
|
||||
- Responsive to Market Dynamics
|
||||
- Responsive to Industry Needs
|
||||
- Regulatory Compliance
|
||||
- Invovlement with Governance of Networks and Registries
|
||||
* [Be a Digital ID Champion](https://diacc.ca/champion/)
|
||||
|
||||
- Promote digital ID to accelerate economic recovery and secure equitable social inclusion.
|
||||
- Work with DIACC and others to establish privacy-protecting digital ID that empowers individuals, businesses, the public sector and civil society.
|
||||
* [Digital Identity Challenge Canada - Video + Post](https://digitalcanada.io/canada-ssi-for-digital-government/) User-Centric Verifiable Digital Credentials Challenge
|
||||
Canada boasts world-leading exemplar case studies for the role of Self Sovereign Identity for Digital Government scenarios, including the [ACE](https://digitalcanada.io/ace-ssi/) and [BC Orgbook](https://digitalcanada.io/bc-orgbook-tell-us-once/) projects.
|
||||
* [User-Centric Verifiable Digital Credentials](https://www.ic.gc.ca/eic/site/101.nsf/eng/00068.html)
|
||||
> “The Treasury Board Secretariat of Canada (TBS) and Shared Services Canada (SSC) are seeking a standardized method to issue and rapidly verify portable digital credentials across many different contexts, thereby reducing human judgement error, increasing efficiency and ensuring digital credential veracity using cryptography.”
|
||||
* [/canada-ca/ucvdcc/](https://github.com/canada-ca/ucvdcc/)
|
||||
* [Google Doc](https://docs.google.com/presentation/d/1rC4Lhh0ixaig4OP3cbv2q7SkL_rFrLe489PUEUIDjDQ/edit#slide=id.p).
|
||||
* [DIACC White Paper: Consumer Digital Identity Leveraging Blockchain](https://diacc.ca/2021/03/18/diacc-white-paper-consumer-digital-identity-leveraging-blockchain/)
|
||||
> SecureKey Technologies entered into a multiphase program with DIACC and the U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T) to evaluate, develop, and deliver a solution for enabling distributed privacy enhanced identity ecosystems. [This paper summarizes the work done as part of Phase 3](https://diacc.ca/wp-content/uploads/2020/03/DIACC-White-Paper_Consumer-Digital-Identity-Leveraging-Blockchain_Final.pdf) of the program, concentrating on the “Commercialization of the Verified.Me project”
|
||||
|
||||
Phase 1 White Paper: [Architectural and Privacy Principles](https://diacc.ca/wp-content/uploads/2017/02/Consumer-Digital-Identity-Companion-Paper.pdf)
|
||||
|
||||
Phase 2 White Paper: [The Implementation](https://diacc.ca/wp-content/uploads/2019/03/DIACC_SecureKey_Phase2_White-Paper.pdf)
|
||||
|
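Review bot: "Invovlement with Governance of Networks and Registries" in the issuer-kit recommendations list is misspelled, and the David Nikolejsin quote closes with a quotation mark it never opens ("Today, more than ever before ..."). The header shows this hunk going from 39 lines to 9, so these DIACC entries look like they are being moved to another file; both should be corrected wherever they land rather than carried over as-is.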
@ -51,16 +51,6 @@ On March 24th, 2022, [the European Parliament and Council reached an agreement o
|
||||
|
||||
Canada
|
||||
|
||||
* [Request for Comment & IPR Review: PCTF Digital Wallet Draft Recommendation V1.0](https://diacc.ca/2022/04/10/digital-wallet-draft-recommendation-v1-0/)
|
||||
|
||||
a framework that Digital Identity Ecosystem Participants can use to assess the degree to which the digital wallets that are part of their respective ecosystems accomplish the following:
|
||||
|
||||
1. Provide Citizens and Consumers with a Digital Identity Wallet that complies with the human rights principles of preserving people’s privacy and control over their information.
|
||||
2. Introduces a consistent identity metaphor and consent-driven automated experience across all Ecosystem Participants to reduce impact on users caused by Digital Transformation.
|
||||
3. Contribute to a stable infrastructure with longevity and world-wide interoperability by adopting and supporting relevant standards as appropriate (e.g., W3C Standards for Verifiable Credentials and DIDs).
|
||||
4. Counter cyber vulnerability and extortion by enabling Service Providers to incrementally replace existing login mechanisms, some of which may be exploitable, without suffering negative impact to business.
|
||||
5. Establish an environment of trust within which the wallet’s owner can interact with other Ecosystem Participants such as Issuers, Verifiers, and other Relying Parties.
|
||||
|
||||
* [Digital Identity and Attributes Trust Framework](https://stateofidentity.libsyn.com/digital-identity-and-attributes-trust-framework) State of Identity
|
||||
|
||||
Do you trust technology and government to protect your data? On this week's State of Identity podcast, host, Cameron D'Ambrosi is joined by Gareth Narinesingh, Head of Digital Identity at HooYu to discuss the bridge between payments and identity wallets, the UK's next big push in adopting shared identity standards, and the foundation of decentralized identity verification across Web3 applications and the metaverse.
|
||||
|
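Review bot: the header removes ten lines here, which matches the PCTF Digital Wallet entry, its "a framework that ..." excerpt and the five numbered items. If so, the bare "Canada" label stays behind and ends up directly above the State of Identity podcast entry, which is about the UK. Suggest removing the "Canada" label in the same hunk. If the numbered list is kept elsewhere, item 2 starts with "Introduces" while the other items use "Provide", "Contribute", "Counter" and "Establish".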
@ -38,9 +38,6 @@ Omidyar Network:
|
||||
The GLEIF introduce the vLEI
|
||||
|
||||
Taking the LEI one step further from entity identification to individuals is a huge development for the digital identity industry and one that has been supported [by our partners at RapidLEI](https://rapidlei.com/vlei/). We wrote a full blog on the story to [explain why vLEIs are important](https://managedlei.com/blog/what-is-vlei-and-what-problems-does-it-solve/) and how we expect they can add value to the industry with some solid examples such as mobile driving licenses and healthcare service delivery.
|
||||
* [FIDO Alliance Supports Biden Administration EO on Cybersecurity](https://fidoalliance.org/fido-alliance-supports-biden-administration-eo-on-cybersecurity/)
|
||||
|
||||
There have been a number of high profile attacks against critical American infrastructure in recent months, including the Solarwinds supply chain attack that exposed much of the government to potential risk. Top of mind in recent days is the ransomware attack against Colonial Pipeline, which significantly impacted the flow of refined oil across America. These attacks expose the vulnerability of critical infrastructure in the United States, and the Biden Administration is issuing federal directives that will minimize or eliminate risk.
|
||||
* [Connecting Citizens and Government for Better Designed Services](https://medium.com/mydex/connecting-citizens-and-government-for-better-designed-services-9b58205185ce) MyData
|
||||
|
||||
Our vision for [Inclued](https://mydex.org/platform-services/) is for it to become the de facto choice for two-way, secure citizen engagement that empowers citizens to not only access services but influence what is delivered to them, while giving governments and citizens insight and evidence into the value and impact of working with, not for citizens.
|
||||
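Review bot: the "Connecting Citizens and Government for Better Designed Services" entry is labelled "MyData", but its link is medium.com/mydex and the Inclued link in its excerpt points to mydex.org. Since this block is being edited anyway, check whether the source label should read Mydex.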
@ -508,26 +505,8 @@ The concept of digital identification is already well established, and using a s
|
||||
|
||||
We at Validated ID have been betting on EBSI since the beginning. We started working to become conformant wallet providers since the very first version of [Wallet Conformance Tests (WCT)](https://ec.europa.eu/digital-building-blocks/wikis/display/EBSI/EBSI%2Bwallets) was published. The process of preparing our solution to become conformant has allowed us to appreciate how remarkable EBSI's work has been.
|
||||
|
||||
Canadian Digital Identity
|
||||
|
||||
* [Budget 2022 investments for](https://diacc.ca/2022/04/07/2022-budget-statement/) [digital transformation](https://diacc.ca/2022/04/07/2022-budget-statement/) [and Canadian innovation](https://diacc.ca/2022/04/07/2022-budget-statement/) DIACC
|
||||
|
||||
Today’s budget announcement keeps the importance of secure and privacy protecting digital ID in our windows and more work needs to be done to develop this path based on citizen consent, control, and trust. We look forward to collaborating with the government on consultations to support these imperative next steps while finding ways to combat misinformation that surrounds it.
|
||||
|
||||
* [Report on the Adequacy of Identity Governance Transparency – DIACC Special Group Insights](https://diacc.ca/2022/03/31/adequacy-of-identity-governance-transparency/)
|
||||
|
||||
* [This report](https://diacc.ca/wp-content/uploads/2022/03/Report-on-the-Adequacy-of-Identity-Goverance-Transparency.pdf) looks at Transborder use of digital identity in the context of international transfer, control, and access to private/personal data between Canada and the European Union. In particular, it looks at such data transfer considering the obligation to inform individuals during data processing and investigate into the adequacy of transparency and notice for international data transfer.
|
||||
|
||||
* [Canadians Want user-centric Digital ID aligned with their values](https://diacc.ca/2022/04/04/privacy-security-and-choice-drive-canadians-desire-for-digital-id/) DIACC Research
|
||||
|
||||
* [2021 Research Report](https://diacc.ca/wp-content/uploads/2022/04/DIACC-2021-Research-Report-ENG.pdf) • [Multi-page Synopsis](https://diacc.ca/wp-content/uploads/2022/04/DIACC-2021-Research-Reppor-Multi-ENG.pdf) • [One-page Synopsis](https://diacc.ca/wp-content/uploads/2022/04/DIACC-2021-Research-Report-One-Page-ENG.pdf)
|
||||
|
||||
Establishing a trusted digital ID will allow people and organizations the choice to verify themselves online securely, while protecting personal information with no user traceability. It offers a decentralized, privacy-enhancing solution for both the private and public sectors.
|
||||
|
||||
* [Canadian Provincial Party Pushes Back Against Biometric Digital ID Plan](https://findbiometrics.com/canadian-provincial-party-pushes-back-against-biometric-digital-id-plan-040705/)
|
||||
|
||||
Sloan invoked the specter of China while discussing the petition, suggesting that any digital identity program would be akin to a [social credit program](https://findbiometrics.com/china-jaywalkers-biometric-surveillance-503275/) that gives the government too much control over the personal lives of its citizens.
|
||||
New Zealand
|
||||
## New Zealand
|
||||
|
||||
* [INCLUSIVE AND ETHICAL USES OF DIGITAL IDENTITY](https://digitalidentity.nz/inclusive-and-ethical-uses-of-digital-identity/) DINZ
|
||||
|
||||
|
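Review bot: the Budget 2022 entry splits one title across three adjacent links that all point to the same diacc.ca URL ("Budget 2022 investments for", "digital transformation", "and Canadian innovation"). The header shows this hunk going from 26 lines to 8, so the Canadian entries look like they are being moved; merge the title into a single link wherever it lands. The same applies to the second copy of the findbiometrics "Sloan" excerpt, which also appears in the Canadian Identity hunk: keep only one.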