Awesome-Mirrors/decentralized-id.github.io
1
0
Fork 0
mirror of https://github.com/Decentralized-ID/decentralized-id.github.io.git synced 2024-09-06 17:12:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/infominer33/awesome-decentralized-id

Browse Source
This commit is contained in:
infominer33 2018-12-18 01:47:35 -05:00
commit a1d40e084a
2 changed files with 83 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
self-sovereign/evolution-of-ssi.md
View File

@ -1 +1,56 @@
# The Evolution of Self Sovereign Identity
Christopher Allen's seminal work, [The Path to Self Sovereign Identity](https://github.com/WebOfTrustInfo/self-sovereign-identity/blob/master/ThePathToSelf-SovereignIdentity.md) continues to be an important and influential document for the Self Sovereign Identity community and movement. Rightly so, Allen does a superb job of outlining where digital identity has come from and where its going. However, Christopher intended for the [Principles of SSI]([Principles of Self Sovereign Identity](https://github.com/WebOfTrustInfo/self-sovereign-identity/blob/master/self-sovereign-identity-principles.md)), gathered from the leading thought on digital identity, to be the start of a conversation.
In order to stimulate the discussion, I've been going through /WebOfTrustInfo/self-sovereign-identity, and adding my own thoughts. So what I'd like to do is gather up some of the best thought on SSI since Christopher's 2016 post, and figure out which parts of it should be fleshed out in an organized and thoughtful mannar.
That October, [Joe Andrieu](https://github.com/jandrieu) submitted [A TechnologyFree Definition of SelfSovereign Identity](https://github.com/jandrieu/rebooting-the-web-of-trust-fall2016/raw/master/topics-and-advance-readings/a-technology-free-definition-of-self-sovereign-identity.pdf) to the third Rebooting the Web of Trust Design Workshop. Within it, he describes the Characteristics of SSI: **Control**, **Acceptance**, and **Zero Cost**.
>1 No disrespect to Christopher Allens opening to the conversation, The Path to Self Sovereign Identity [...] It gets a lot right, but leaves a few requirements out, e.g., recoverability and zero cost, and conflates “identities” and claims in an ambiguous manner.
I decided to put the **10 Principles of SSI** up next to Joe Andrieu's **Characteristics of SSI**
* [SSI Principles vs. Characteristics](https://github.com/infominer33/awesome-decentralized-id/blob/master/self-sovereign/ssi-principles-vs-characteristics.md)
I think these two frameworks should be joined, but further consideration is required, and I hope to get some feedback from the community.
The idea, however, is to come up with list of phinciples, or characteristics, or rights, that is as complete as possible, while also as concise as possible. There are a few 10 pointed lists, I'm ok with combining them as necessary and if it turns into 19, for example, I'm ok w that. I'd rather err on the side of too many and pare it down gradually, than not include enough.
* Next, there are the [7 Myths of SSI](https://github.com/infominer33/self-sovereign-identity/blob/master/7-myths-of-self-sovereign-identity.md) from Timothy Ruff's recent blog post. I've extracted them from his two part series into a concise document. There are surely other myths, it would be great to get feedback on that topic as well.
* A gentle introduction to self-sovereign-identity by @antonylewis has a great section, [How would self-sovereign identity work for the user?](https://github.com/infominer33/awesome-decentralized-id/blob/master/self-sovereign/user-experience.md) that I've extracted into github, in order to make a suitable document based upon it. I need to check on certain specifics, basically I want to re-write that section so I saved it here for that purpose.
Other content highlighted in [/WebOfTrustInfo/self-sovereign-identity](https:github.com/WebOfTrustInfo/self-sovereign-identity) that I haven't had a chance to fully review, yet:
* [Identity and Digital Self-Sovereignty](https://medium.com/learning-machine-blog/identity-and-digital-self-sovereignty-1f3faab7d9e3#.3jcgvnbok) - Blog post by [Natalie Smolenski](https://medium.com/@nsmolenski)
* [Self-Sovereign Bill of Rights](self-sovereign-identity-bill-of-rights.md) - lifeID (founded by [Chris Boscolo](https://github.com/cboscolo)) adapted the 10 Principles of Self-Sovereign Identity into a [Bill of Rights](https://medium.com/@lifeID_io/lifeid-self-sovereign-identity-bill-of-rights-d2acafa1de8b) that all self-sovereign identity solution should uphold.
* [SSI: A Roadmap for Adoption](https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-spring2018/blob/master/final-documents/a-roadmap-for-ssi.md) from Rebooting the web of trust, Spring 2018.
> This document proposes the formation of a short-term team to develop consistent messaging for the Self-Sovereign Identity (SSI) market.
* [How to Convince Dad* of the Importance of Self-Sovereign Identity](https://github.com/WebOfTrustInfo/rwot7/blob/master/final-documents/convincing-dad.md)
\* and your sister and your daughter and your best friend and your nephew (SSI Use-Cases)
* [Schutte's Take](https://github.com/infominer33/self-sovereign-identity/blob/master/Schutte-on-SSI.md) which offers criticism on the 10 principles.
### What I'm hoping for:
This is a modular breakdown of SSI documentation I would like to facilitate:
1. "How SSI works for the User" something along the line of how Antony Lewis described
2. "Principles of SSI" whatever you wanna call it, a complete, concise, and "exhaustive" list of foundational SSI principles or movement in that direction.
3. SSI Why Blockchain? (yes, we know why, but is it written somewhere in a concicse ~800 word document?)
4. Myths of SSI
5. SSI Use Cases. (a'la "how to convince dad")
That's not exhaustive, but those are 5 goals. We have the foundations of some core SSI content\documentation that I think will improve SSI education\onboarding.
I can see that I'll need to spend a lot more time with this content, am just learning my way around it right now.
I'm not the most qualified, I just have time and motivation.

28
self-sovereign/user-experience.md Normal file
View File

@ -0,0 +1,28 @@
# How would self-sovereign identity work for the user?
Adapted from [A gentle introduction to self-sovereign-identity](https://bitsonblocks.net/2017/05/17/gentle-introduction-self-sovereign-identity/) by [@antonylewis](https://github.com/antonylewis). I think this could use some polishing, but this is a good start, and a good example of a basic necessary SSI explainer.
You would have an app on a smartphone or computer, some sort of “identity wallet” where identity data would be stored on the hard drive of your device, or with an agent of your choosing, but crucially not stored in a central repository.
Your identity wallet would start off empty with only a self-generated Decentralized identifier (DID).
At this stage, no one else in the world knows about this identification number. No one issued it to you. You created it yourself. It is self-sovereign. The laws of big numbers and randomness ensure that no one else will generate the same identification number as you.
You then use this identification number, along with your identity claims, and get attestations from relevant authorities.
You can then use these attested claims as your identity information.
Claims would be stored by typing text into standardised text fields, and saving photos or scans of documents.
Proofs would be stored by saving scans or photos of proof documents. However this would be for backward compatibility, because digitally signed attestations remove the need for proofs as we know them today.
Attestations and heres the neat bit would be stored in this wallet too. These would be machine readable, digitally signed pieces of information, valid within certain time windows. The relevant authority would need to sign these with digital signatures for example, passport agencies, hospitals, driving licence authorities, police, etc.
Need to know, but not more: Authorities could provide “bundles” of attested claims, such as “over 18”, “over 21”, “accredited investor”, “can drive cars” etc, for the user to use as they see fit. The identity owner would be able to choose which piece of information to pass to any requester. For example, if you need to prove you are over 18, you dont need to share your date of birth, you just need a statement saying you are over 18, signed by the relevant authority.
Sharing this kind of data is safer both for the identity provider and the recipient. The provider doesnt need to overshare, and the recipient doesnt need to store unnecessarily sensitive data for example, if the recipient gets hacked, they are only storing “Over 18” flags, not dates of birth.
Even banks themselves could attest to the person having an account with them. We would first need to understand what liability they take on when they create these attestations. I would assume it would be no more than the liability they currently take on when they send you a bank statement, which you use as a proof of address elsewhere.
Data sharing
Data would be stored on the persons device (as pieces of paper are currently stored at home today), and then when requested, the person would approve a third party to collect specific data, by tapping a notification on their device, We already have something similar to this if you have ever used a service by “linking” your Facebook or LinkedIn account, this is similar but instead of going to Facebooks servers to collect your personal data, it requests it from your phone, and you have granular control over what data is shared.