* [It’s time for digital self-sovereign identity](https://gcn.com/emerging-tech/2022/08/its-time-digital-self-sovereign-identity/375285/) 2022-08GCN
> But while digital IDs may offer residents convenience, they also open the flood gates for fraud and identity theft. That’s because to verify an individual’s information, agencies and businesses must collect, validate and store massive amounts of personal information. These large caches of personal information are prime targets for cyberattacks.
* [Why Self-Sovereign Identity is a Game Changer for Government-Resident Interactions](https://www.gcomsoft.com/blog/why-self-sovereign-identity-game-changer-government-resident-interactions) 2022-06-13
* [Why Self-Sovereign Identity is a Game Changer for Government-Resident Interactions](https://www.gcomsoft.com/blog/why-self-sovereign-identity-game-changer-government-resident-interactions) 2022-06-13 GComSoft
> As government organizations look to build and maintain trusted relationships with residents, agencies would do well to explore SSI as an option. With SSI, they can provide residents with secure, fast, and friction-free access to an array of government services while allowing them to maintain full control of their data and privacy. It’s not about trusting the government with their data; it’s about trusting the technology.
* [Impacts from a new reality drive the need for an enhanced digital identity framework](https://bankautomationnews.com/allposts/risk-security/impacts-from-a-new-reality-drive-the-need-for-an-enhanced-digital-identity-framework/) 2022-02-28Bank Automation News
> While US-based entities are adhering to an enhanced regulatory framework, these mandates are particularly applicable in Europe, where there is necessary compliance with enacted standards (such as the General Data Protection Regulation—commonly known as GDPR—and the Payment Service Providers Directive 2—referred to as PSD2. A clear need for a true and persistent digital identity as a solution to the ancillary—and sometimes unforeseen—challenges that have arisen.
> The key differences between federated and decentralized identity systems - An analysis of a few notable government-led projects, such as Aadhaar (India), Verify (UK), eIDAS (EU), and the Ontario Digital Identity Program (Canada) - What decentralization means for portability, scalability, flexibility, and privacy - How governments and commercial organizations can enhance existing federated identity systems with verifiable credentials
* [Self-Sovereign Identity (SSI) schemes and the public sector](https://www.impulse-h2020.eu/2021/11/05/self-sovereign-identity-ssi-schemes-and-the-public-sector/)Impulse H20 2021-11-05
> While the structural difference between SSI approaches and conventional centralised or federated eID schemes is, on one level, profound (full control over data and identity with the user; no third-party intermediary between the user and the service provider), on another level, these differences may also appear highly abstract to ordinary users. What societal and economic consequences they may unfold remains, so far, little understood, also because research on the real social and economic effects of SSI solutions is only beginning.
> While the structural difference between SSI approaches and conventional centralised or federated eID schemes is, on one level, profound (full control over data and identity with the user; no third-party intermediary between the user and the service provider), on another level, these differences may also appear highly abstract to ordinary users.
* [Verifying documents & identity in the public services and beyond](https://www.openaccessgovernment.org/w3c-verifiable-credentials-verifying-documents-identity/123049/) 2021-10-25OpenAccessGovernment•David Chadwick
> A particularly useful aspect of the Verifiable Credentials standard is that the parties undertake the specific roles of Issuer, Holder or Verifier, but they are not constrained in how many roles, or when, they can employ them. Each party can be a device, a person or an institution, meaning that verifications can take place directly between automated systems, even verifying that each other is genuine before establishing a connection to share data
* [Digital Identity Around the World: Why Some Countries are Embracing Self Sovereign Identity Quicker](https://hackernoon.com/digital-identity-around-the-world-why-some-countries-are-embracing-self-sovereign-identity-quicker) 2021-09-03Hackernoon
> Each government moves at its own pace for as many reasons as there are countries, and digital identity/SSI will only become a reality once governments voice their support, regulations, and standards are adopted, infrastructure is created or upgraded, and interoperability, inclusion, and education are all addressed.
* [Navigating Digital Identity in Political Economies RxC Panel](https://identitywoman.net/navigating-digital-identity-in-political-economies-rxc-talk/) 2021-08-25IdentityWoman.net
> Most digital identity systems are centralized (e.g., in big government or technology organizations) or individualistic (e.g., in most blockchain projects). However, being in the world is fundamentally social and intersectional — we are all part of networks. So how might we formalize digital identity in a way that better reflects this complex reality? This panel with leading social technology and computer researchers explores more robust digital identity approaches and potential application areas in political economies.
* [The Policymaker’s Guide to Respectful Technology in Legislation](https://me2ba.org/the-policymakers-guide-to-respectful-technology-in-legislation/) 2021-05-14 Me2BA
> What most people want but don’t have the terms to describe is respectful digital relationships. In the same way there is an unspoken code for respectful behavior in physical-realm relationships, this same type of behavior is just as essential when engaging with an online service or website.
* [Self-sovereign identity](https://www.researchgate.net/publication/351078806_Self-sovereign_identity/link/608391b6907dcf667bbd9fb9/download) 2021-04 Alexandra GiannopoulouInternet Policy Review
> The concept of self-sovereign identity (SSI) describes an identity management system created to operate independently of third-party public or private actors, based on decentralised technological architectures, and designed to prioritise user security, privacy, individual autonomy and self-empowerment.
* [Verifiable Credentials: Mapping to a Generic Policy Terminology](https://trbouma.medium.com/verifiable-credentials-mapping-to-a-generic-policy-terminology-bce84a039bb) 2021-03-26
> Why is this useful? When writing policy, you need a succinct model which is clear enough for subsequent interpretation. To do this, you need conceptual buckets to drop things into. Yes, this model is likely to change, but it’s my best and latest crack at it to synthesize the complex world of digital credentials with an abstraction that might be useful to help us align existing solutions while adopting exciting new capabilities.
> being in the world is fundamentally social and intersectional — we are all part of networks. So how might we formalize digital identity in a way that better reflects this complex reality? This panel with leading social technology and computer researchers explores more robust digital identity approaches and potential application areas in political economies.
* [Self-Sovereign Identity and Government – Data Exchange](https://cyber.ee/resources/case-studies/self-sovereign-identity-and-government-identity/)2021-03-23 Cybernetica
> This is often achieved with ID cards or passports that we have in our possession with a photo to prove that we are the person this card belongs to, and therefore the person that ID number refers to. In digital identity terms, PKI takes the place of ID cards and offers public and private key pairs.
* [SELF-SOVEREIGN IDENTITY: LEGAL COMPLIANCE AND THE INVOLVEMENT OF GOVERNMENTS](https://ssi-ambassador.medium.com/self-sovereign-identity-legal-compliance-and-the-involvement-of-governments-467acdd32e88) 2021-02-16SSI AMBASSADOR
> When it comes to identity management the involvement of the government can be a tricky topic. It needs to be involved to enable access to public services, adapt legislature and guarantee equal access for its citizens. However, it should not be able to control or monitor all aspects and activities of its citizens. Self-sovereign identity (SSI) might for some imply, that a citizen is suddenly able to issue his own ID-card, which isn’t the case. Governments are still the primary source of foundational identities."
* [Self-sovereign identity: Legal compliance and the involvement of governments](https://ssi-ambassador.medium.com/self-sovereign-identity-legal-compliance-and-the-involvement-of-governments-467acdd32e88) 2021-02-16SSI Ambassador
> When it comes to identity management the involvement of the government can be a tricky topic. It needs to be involved to enable access to public services, adapt legislature and guarantee equal access for its citizens. However, it should not be able to control or monitor all aspects and activities of its citizens.
* [Data: Governance and Geopolitics](https://www.mydigitalfootprint.com/2021/01/data-governance-and-geopolitics.html) 2021-01-16 Tony Fish
> How data is governed can be thought of along several lines of activity: legislating privacy and data use, regulating content, using antitrust laws to dilute data monopolies, self-regulating by the tech giants, regulating digital trade, addressing intellectual property rights (IPR) infringement, assuring cybersecurity, and practicing cyber diplomacy. Of these, antitrust, regulation, and privacy are most immediately in the spotlight, and are the focus of this commentary, but it will also touch briefly on the connections with other issues.
* [Do we really need (or want) the State to provide us with digital identification?](https://www.libertarianism.org/articles/self-sovereign-identity-blockchain-age) 2020-07-20 Libertarianism
> Just as the State still manages our “analog” identities, the online giants have vast power to manage the online data and identity of their users. Internet users are now both consumer and product: by using free online services, users feed companies with data, which those companies in turn process and monetize.
* [It’s time for governments to get serious about digital identities](https://www2.deloitte.com/global/en/pages/risk/articles/solving-the-public-sector-identity-crisis.html?id=global:2sm:3tw:4dcom_share:5awa:6dcom:risk) 2020-02-25 Deloitte
> While the tools may already exist to solve the government’s identity crisis, real progress will only be made if governments significantly evolve their legacy approaches to digital identity.
* [The ‘Digital Identity Crisis’ and what it means for Governments and individuals](https://procivis.ch/2019/11/18/the-digital-identity-crisis-and-what-it-means-for-governments-and-individuals/) 2019-11-18 ProCivis
> In my thesis, I explored the potential use of Blockchain technology and the features it offers within digital identity management to understand whether there is a case for using this technology based on an improvement in public sector efficiency and perceived trust. The thesis also aimed at understanding the key motivations for the public sector to build an ecosystem or infrastructure for blockchain based digital identity vs. their existing systems (or lack thereof). Thus, the viewpoint of state actors, along with a perception of citizens towards current systems and future acceptability of developing solutions was also considered.
* [Decentralized Identity For Government](https://www.evernym.com/government/) 2019-07-01 Evernym
> Create trusted digital relationships between citizens and government services.\
> With a surge of new regulations, including GDPR and KYC, governments have been the catalysts for redefining how organizations handle issues of trust and privacy. Over the last several years, we’ve seen pioneers emerge from local and federal governments alike, and we’ve created our Early-Access Packages as a way to help them leverage decentralized capabilities to unlock economic growth and enable new citizen relationships.
* [Video] [Governments and Decentralized Identity -- Presentation](https://www.youtube.com/watch?v=qlQNahzjJVw) 2018-12-06 New America
> Shailee Adinolfi (Director, Government Blockchain Solutions, ConsenSys) argues that government adoption of self-sovereign identity is necessary for any widespread implementation of the technology. Through use of blockchain, SSI could provide oversight, transparency, and security while smart contracts could automate government processes, reducing costs and improving efficiency.
* [Identity Validation as a Public Sector Digital Service?](https://blog.aniljohn.com/2014/07/identity-validation-as-a-public-sector-digital-service.html) 2014-07
> I’ve written before about the role that the public sector currently has in identity establishment, but not in identity validation. This absence has led to an online ecosystem in the U.S. that depends on non-authoritative information for identity validation. These are some initial thoughts on what an attribute validation service, which provides validation of identity attributes using authoritative public sector sources, could look like.
## Policy
* [The Policymaker’s Guide to Respectful Technology in Legislation](https://me2ba.org/the-policymakers-guide-to-respectful-technology-in-legislation/) 2021-05-14 Me2BA
> What most people want but don’t have the terms to describe is respectful digital relationships. In the same way there is an unspoken code for respectful behavior in physical-realm relationships, this same type of behavior is just as essential when engaging with an online service or website.
* [Verifiable Credentials: Mapping to a Generic Policy Terminology](https://trbouma.medium.com/verifiable-credentials-mapping-to-a-generic-policy-terminology-bce84a039bb) 2021-03-26
> Why is this useful? When writing policy, you need a succinct model which is clear enough for subsequent interpretation. To do this, you need conceptual buckets to drop things into. Yes, this model is likely to change, but it’s my best and latest crack at it to synthesize the complex world of digital credentials with an abstraction that might be useful to help us align existing solutions while adopting exciting new capabilities.
* [SELF-SOVEREIGN IDENTITY: LEGAL COMPLIANCE AND THE INVOLVEMENT OF GOVERNMENTS](https://ssi-ambassador.medium.com/self-sovereign-identity-legal-compliance-and-the-involvement-of-governments-467acdd32e88) 2021-02-16SSI AMBASSADOR
> When it comes to identity management the involvement of the government can be a tricky topic. It needs to be involved to enable access to public services, adapt legislature and guarantee equal access for its citizens. However, it should not be able to control or monitor all aspects and activities of its citizens. Self-sovereign identity (SSI) might for some imply, that a citizen is suddenly able to issue his own ID-card, which isn’t the case. Governments are still the primary source of foundational identities."
* [Data: Governance and Geopolitics](https://www.mydigitalfootprint.com/2021/01/data-governance-and-geopolitics.html) 2021-01-16 Tony Fish
> How data is governed can be thought of along several lines of activity: legislating privacy and data use, regulating content, using antitrust laws to dilute data monopolies, self-regulating by the tech giants, regulating digital trade, addressing intellectual property rights (IPR) infringement, assuring cybersecurity, and practicing cyber diplomacy. Of these, antitrust, regulation, and privacy are most immediately in the spotlight, and are the focus of this commentary, but it will also touch briefly on the connections with other issues.
* [Self Sovereign Identity & Decentralized Identity: Control Your Data](https://dragonchain.com/blog/decentralized-identity-self-sovereign-identity-explained/#toc_15) 2019-08-27 DragonChain
* Health Insurance Portability and Accountability Act of 1996 (HIPAA)
* The California Consumer Privacy Act (CCPA)
@ -66,19 +71,27 @@ toc_sticky: false
* Singapore Personal Data Protection Act 2012 (PDPA)
* Japan's Act on Protection of Personal Information (APPI)
* Data breach notification laws
* [Decentralized Identity For Government](https://www.evernym.com/government/) 2019-07-01
> Create trusted digital relationships between citizens and government services.
> With a surge of new regulations, including GDPR and KYC, governments have been the catalysts for redefining how organizations handle issues of trust and privacy. Over the last several years, we’ve seen pioneers emerge from local and federal governments alike, and we’ve created our Early-Access Packages as a way to help them leverage decentralized capabilities to unlock economic growth and enable new citizen relationships.
## Literature
* [Self-sovereign identity](https://www.researchgate.net/publication/351078806_Self-sovereign_identity/link/608391b6907dcf667bbd9fb9/download) 2021-04 Alexandra GiannopoulouInternet Policy Review
> The concept of self-sovereign identity (SSI) describes an identity management system created to operate independently of third-party public or private actors, based on decentralised technological architectures, and designed to prioritise user security, privacy, individual autonomy and self-empowerment.
* [Blockchain for digital government](https://joinup.ec.europa.eu/sites/default/files/document/2019-04/JRC115049%20blockchain%20for%20digital%20government.pdf) 2019-04
> This report looks at the ongoing exploration of blockchain technology by governments. The analysis of a group of pioneering developments of public services shows that blockchain technology can reduce bureaucracy, increase the efficiency of administrative processes and increase the level of trust in public recordkeeping. Based on the state-ofart developments, blockchain has not yet demonstrated to be either transformative or even disruptive innovation for governments as it is sometimes portrayed. Ongoing projects bring incremental rather than fundamental changes to the operational capacities of governments. Nevertheless some of them propose clear value for citizens.
> This report looks at the ongoing exploration of blockchain technology by governments. The analysis of a group of pioneering developments of public services shows that blockchain technology can reduce bureaucracy, increase the efficiency of administrative processes and increase the level of trust in public recordkeeping.
* [Private-Sector Digital Identity in Emerging Markets](https://www.cariboudigital.net/wp-content/uploads/2019/01/Caribou-Digitial-Omidyar-Network-Private-Sector-Digital-Identity-In-Emerging-Markets.pdf) 2019-01 Caribou Digital
> Digitization in the public sector is moving much more slowly, but the transition away from analog is well underway. Smart identity cards, NFC-enabled passports, and digitally stored biometrics are being used by states around the world as they upgrade legacy identity systems. The benefits of digitization for governments— increased efficiencies, lower costs, reduced fraud and corruption, easier surveillance, better data sharing within government—are clear and significant. And for those countries who haven’t yet been able to establish a highly successful analog identity program, the potential of leapfrogging to a fully digital infrastructure is very appealing. Most importantly, the advantages of digital systems have the potential to expand access to identity for otherwise marginalized and vulnerable populations. The benefits of a legal identity for these groups can be tremendous, and the U.N. formally recognized these advantages in 2015 by codifying them into Sustainable Development Goal 16.9: “By 2030, provide legal identity for all, including birth registration.”
* [Video] [Governments and Decentralized Identity -- Presentation from Shailee Adinolfi](https://www.youtube.com/watch?v=qlQNahzjJVw) 2018-12-06
> Shailee Adinolfi (Director, Government Blockchain Solutions, ConsenSys) argues that government adoption of self-sovereign identity is necessary for any widespread implementation of the technology. Through use of blockchain, SSI could provide oversight, transparency, and security while smart contracts could automate government processes, reducing costs and improving efficiency.
> Digitization in the public sector is moving much more slowly, but the transition away from analog is well underway. Smart identity cards, NFC-enabled passports, and digitally stored biometrics are being used by states around the world as they upgrade legacy identity systems. The benefits of digitization for governments— increased efficiencies, lower costs, reduced fraud and corruption, easier surveillance, better data sharing within government—are clear and significant. And for those countries who haven’t yet been able to establish a highly successful analog identity program, the potential of leapfrogging to a fully digital infrastructure is very appealing. Most importantly, the advantages of digital systems have the potential to expand access to identity for otherwise marginalized and vulnerable populations.
* [Digital Identity: Towards Shared Principles for Public and Private Sector Cooperation](http://documents.worldbank.org/curated/en/600821469220400272/pdf/107201-WP-PUBLIC-WB-GSMA-SIADigitalIdentity-WEB.pdf) 2016-07 World Bank Group, GSMA, Secure Identity Alliance
> The ability to prove one’s identity is increasingly recognized as the basis for participation in social, political, economic, and cultural life. Yet at least a billion people in developing countries lack any form of officially recognized ID. This problem disproportionally impacts rural residents, poor people, women, children, and other vulnerable groups in Africa and Asia. Digital identity, combined with the extensive use of mobile devices in the developing world, offers a transformative solution to this global challenge and provides public and private sector entities with efficient ways to reach the poorest and most disadvantaged. This discussion paper, divided into three parts, explores the connection between digital identity and sustainable development. Part I illustrates how the use of digital identity promotes efficiency gains, financial savings, social inclusion and access to basic services and rights, with examples from countries that have adopted digital identity systems. The paper then outlines some of the key risks and challenges that must be overcome, specifically in the areas of political commitment, data protection and privacy, cost, and sustainable business models. Part II of the paper lays out the digital identity lifecycle and the roles of public and private sector players, and suggests some key considerations in the design of business models. Finally, Part III of the paper suggests some common principles—including universal coverage, appropriate and effective design, and privacy and data protection—and enablers for maximizing the potential of digital identity to contribute to sustainable development.
* [Identity Validation as a Public Sector Digital Service?](https://blog.aniljohn.com/2014/07/identity-validation-as-a-public-sector-digital-service.html) 2014-07
> I’ve written before about the role that the public sector currently has in identity establishment, but not in identity validation. This absence has led to an online ecosystem in the U.S. that depends on non-authoritative information for identity validation. These are some initial thoughts on what an attribute validation service, which provides validation of identity attributes using authoritative public sector sources, could look like.
> This discussion paper, divided into three parts, explores the connection between digital identity and sustainable development. Part I illustrates how the use of digital identity promotes efficiency gains, financial savings, social inclusion and access to basic services and rights, with examples from countries that have adopted digital identity systems. The paper then outlines some of the key risks and challenges that must be overcome, specifically in the areas of political commitment, data protection and privacy, cost, and sustainable business models. Part II of the paper lays out the digital identity lifecycle and the roles of public and private sector players, and suggests some key considerations in the design of business models. Finally, Part III of the paper suggests some common principles—including universal coverage, appropriate and effective design, and privacy and data protection—and enablers for maximizing the potential of digital identity to contribute to sustainable development.
> MetaMUI SSID is the world’s first true Self-Sovereign Identity Application that enables running Blockchain-Based E-Government System, and CBDC payments on top of MetaMUI Blockchain.
* [Video] [Dividing the Movement w. Alison McDowell (Separating Signal from Noise)](https://www.youtube.com/watch?v=awCcnstfhLY) 2022-03-08Doom&GloomHQ
> Something that i found on some of the research that we were doing on the international bank of settlements (BIS). I don't like them, but I like the way that they present information sometimes. But CBDC 2.0 since we're moving toward that direction um they kind of called it a like a money flower. It has like four different sections which is: your accessibility, what kind of money, who issues that money, and then the technology that it
* [Why CBDCs will likely be ID-based](https://www.ft.com/content/88f47c48-97fe-4df3-854e-0d404a3a5f9a) 2021-05-05 Financial Times
> Central banks are realising CBDCs will have to be intimately linked to identity to deal with illicit finance and bank disintermediation risk
* [A Brief Introduction to How SSI Infrastructure Can Integrate Digital Fiat Currency (DFC)](https://www.itu.int/en/ITU-T/Workshops-and-Seminars/20180718/Documents/D_Reed.pdf) 2018-07-18 Drummond Reed ITU
> Conclusion: SSI and DFC were made for each other—and the Sovrin Foundation’s mission is to help with this integration
> While the DID Authn pattern is simple, it is not as flexible as we need in some situations. For more complicated scenarios, we can use verifiable credentials. The first scenario we’ll consider is where the same organization is issuing and verifying the credential.
* [Introduction to DID Auth for SSI with Markus Sabadello](https://www.slideshare.net/SSIMeetup/introduction-to-did-auth-with-markus-sabadello) 2018-07-04 [SSI-Meetup](https://ssimeetup.org/introduction-did-auth-markus-sabadello-webinar-10/)
> Markus Sabadello, CEO of Danube Tech, will talk about DID Auth, an emerging building block in the SSI ecosystem. Although the technical details of DID Auth are not well-defined at this point, its general concept is clear: With self-sovereign identity infrastructure, the most trivial and straightforward functionality for identity owners should be the ability to authenticate, i.e. to prove control of a DID in some relationship or during a transaction. This could take place using a number of different data formats, protocols, and flows. DID Auth includes the ability to authenticate to web sites and applications, and to establish mutually authenticated communication channels. In this webinar, we will discuss the current state of the DID Auth concept, and how it relates to other efforts such as Verifiable Credentials and agent protocols.
* [DID Auth and the Little I-am-Me](https://medium.com/@markus.sabadello/did-auth-and-the-little-i-am-me-ec14d757ff09) 2018-09-04
Community collaboration and project management on interoperability goal to seek the greatest interoperability in the greater good, not to pick winners. Provide feedback, input documents, members, and guidance to working groups producing standards, specifications, reference implementations and demonstrations hosted by community organizations including but not limited to IETF, W3C, W3C CCG, Hyperledger, Trust over IP.
* [A Brief Introduction to How SSI Infrastructure Can Integrate Digital Fiat Currency (DFC)](https://www.itu.int/en/ITU-T/Workshops-and-Seminars/20180718/Documents/D_Reed.pdf)
MetaMUI SSID is the world’s first true Self-Sovereign Identity Application that enables running Blockchain-Based E-Government System, and CBDC payments on top of MetaMUI Blockchain.
* [Video] [Dividing the Movement w. Alison McDowell (Separating Signal from Noise)](https://www.youtube.com/watch?v=awCcnstfhLY) 2022-03-08Doom&GloomHQ
> Something that i found on some of the research that we were doing on the international bank of settlements (BIS). I don't like them, but I like the way that they present information sometimes. But CBDC 2.0 since we're moving toward that direction um they kind of called it a like a money flower. It has like four different sections which is: your accessibility, what kind of money, who issues that money, and then the technology that it
- aggregate well-known-did-1-of-a 1 of a (intermediate)
- aggregate did-spec-registries-1-of-a Signature Implementations 1 of many (intermediate)
- aggregate did-spec-registries-1-of-b did-method 1 of many (intermediate)
### W3C
Decentralized Identifier ✓
- Explainer ✓
- Literature +
- Methods ✓
- Tools \ Services
- Critique ✓
Verifiable Credential
- Explainer ✓
- Comparisons ✓
- Varieties
- JSON-LD
- JSON-LD ZKP BBS+
- JSON-JWT
- ZKP-CL - [IIA] Indy Aries AnnonCreds
- JWP
JSON-LD
- [Complementary] JSON-LD ✓ (W3C)
### Credentials Community Group
- [Exchange] CHAPI ✓ (CCG)
- [Complementary] Cryptography > BBS ✓ (CCG)
- [Authorization] oCap/zCap ✓ (CCG)
### IETF
- [Complementary] (IETF)
- [Authorization] GNAP ✓ (IETF)
- [Authorization] OAuth ✓ (IETF)
- [ID-Non-SSI] OAuth (IETF)
- [ID-Non-SSI] SCIM (IETF)
### OASIS
- [ID-Non-SSI] SAML (OASIS)
- [ID-Non-SSI] KMIP (OASIS)
- [ID-Non-SSI] Secure QR Code (OASIS)
### ISO/IEC
- mDL 18013-5 ✓ (ISO)
- 22030 ?
- Working Group 3 - Travel Documents
### OpenID Foundation
- [Exchange] OIDC ✓ (OpenID)
- [ID-Non-SSI] OpenID (OpenID)
### ISO
- [Exchange] mDL ✓ (ISO)
- [Blockchain] ISOTC 307 ✓ (ISO)
### CEN/CENTLIC
- [Blockchain] CEN/CENTLIC ✓ (CEN)
- [Blockchain] ERC 725 (ERC-EIP)
### FIDO
- [ID-Non-SSI] FIDO (FIDO)
## VC
* [New search engine, mobile wallet, verifiable credentials and delivery technologies.](https://twitter.com/HUMBLPay/status/1574454647384813568)via Twitter ([ANN](https://www.globenewswire.com/en/news-release/2022/04/13/2421969/0/en/HUMBL-Selected-To-Pilot-Digital-Wallet-Program-On-Behalf-of-The-County-of-Santa-Cruz-California.html) 2022-04-13 HUMBL @HUMBLPay
*using verifiable credentials in their wallet.*
> #HUMBL x GF2GO - San Diego, CA - [Pilot Program](https://www.youtube.com/watch?v=H_HAFEzmkWU)
## DIDs
W3C Press Release - [Decentralized Identifiers (DIDs) v1.0 becomes a W3C Recommendation](https://www.w3.org/2022/07/pressrelease-did-rec)worth reading to see who contributed comments (and notice who didn’t)
For individuals in particular, DIDs can put them back in control of their personal data and consent, and also enable more respectful bi-directional trust relationships where forgery is prevented, privacy is honored, and usability is enhanced.
> While the DID Authn pattern is simple, it is not as flexible as we need in some situations. For more complicated scenarios, we can use verifiable credentials. The first scenario we’ll consider is where the same organization is issuing and verifying the credential.
* [The Time for Self-Sovereign Identity is Now](https://medium.com/learning-machine-blog/the-time-for-self-sovereign-identity-is-now-222aab97041b)Kim Hamilton Duffy, Learning Machine (Now Hyland Credentials)
Oldie but Goodie by Kim Hamilton Duffy from when she worked at Learning Machines
> Technically, Verifiable Claims are claims made about a “subject” (identified by a digital identifier such as a DID) that are rendered tamper proof through digital signatures. The authenticity of digital signatures may, in turn, be established through issuer identifiers, which may also be expressed as DIDs.
> At the core of every self-sovereign identity (SSI) use case is what we call the verifiable credentials model. This simple yet effective model helps conceptualize how verifiable credentials are exchanged between people and organizations.
* [According to](https://www.w3.org/TR/vc-data-model/)W3: "Verifiable credentials represent statements made by an issuer in a tamper-evident and privacy-respecting manner."
* [Decentralized identity: What it is, why it matters](https://www.scmagazine.com/resource/identity-and-access/infographic-key-stats-on-the-passwordless-future) 2022-09-15SC Magazine
* [The Journey of Decentralized Identity: Where It’s Been and Where It’s Going](https://trinsic.id/the-journey-of-decentralized-identity-where-its-been-and-where-its-going/) 2022-07-14Trinsic
> Our goal has been to completely abstract away the complexity of the ever-changing landscape so organizations can focus on the important stuff—what product to build, and how to take it to market. Teams shouldn’t have to “pick winners” and wager what to build on. Their products should be interoperable with multiple ecosystems. That’s what Trinsic is providing, out-of-the-box.
* [https://lists.w3.org/Archives/Public/public-did-wg/](https://lists.w3.org/Archives/Public/public-did-wg/)- LIst Archives
W3C Press Release - [Decentralized Identifiers (DIDs) v1.0 becomes a W3C Recommendation](https://www.w3.org/2022/07/pressrelease-did-rec)worth reading to see who contributed comments (and notice who didn’t)
For individuals in particular, DIDs can put them back in control of their personal data and consent, and also enable more respectful bi-directional trust relationships where forgery is prevented, privacy is honored, and usability is enhanced.
* [DID, in short for Decentralized Identifier, is basically a unique string of random numbers and letters](https://twitter.com/fennykyun/status/1564249472053514240)fennykyun
> tldr\
> :: DID is just an URI\
> :: VC is a cryptographically verifiable credential using DID\
> :: SSI is a self-sovereign and privacy-preserving identity
> :: Non-human (Machines, Bots, Goods, anything) also able to have DID, VC, and SSIs
> The value of verifiable credentials and the critical role they will play to our future digital identities is undeniable. As we enter a new era of online representation, trust in the internet will need to be vigorously robust.
* [Video] [Identity Insights - Basics of Verifiable Credentials](https://www.youtube.com/watch?v=RCCatllgNv4)Indicio, Youtube
> What are verifiable credentials? In this episode we are joined by Indicio software engineer Char Howland for an introduction to what this technology is and what it can do.
* [Decentralized identity: What it is, why it matters](https://www.scmagazine.com/resource/identity-and-access/infographic-key-stats-on-the-passwordless-future) 2022-09-15SC Magazine
* [The Journey of Decentralized Identity: Where It’s Been and Where It’s Going](https://trinsic.id/the-journey-of-decentralized-identity-where-its-been-and-where-its-going/) 2022-07-14Trinsic
> Our goal has been to completely abstract away the complexity of the ever-changing landscape so organizations can focus on the important stuff—what product to build, and how to take it to market. Teams shouldn’t have to “pick winners” and wager what to build on. Their products should be interoperable with multiple ecosystems. That’s what Trinsic is providing, out-of-the-box.
* <ahref="https://github.com/decentralized-identity/did-common-typescript"/>/decentralized-identity/did-common-typescript</a> - A common bundle of shared code and modules for working with DIDs, DID Documents, and other DID-related activities
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sovereign Identity (SSI) Drummond Reed, Chief Trust Officer at Evernym, will explain in our second Webinar "Decentralized Identifiers (DIDs) - Building Block of Self-Sovereign Identity (SSI)" giving us the background on how DIDs work, where they come from and why they are important for Blockchain based Digital Identity. https://www.slideshare.net/SSIMeetup/decentralized-identifiers-dids-the-fundamental-building-block-of-selfsovereign-identity-ssi 2018-05-09
* [decentralized-identity/did-common-typescript](https://github.com/decentralized-identity/did-common-typescript) 2019-05-20 - A common bundle of shared code and modules for working with DIDs, DID Documents, and other DID-related activities
* [decentralized-identity/did-security-csharp](https://github.com/decentralized-identity/did-security-csharp) 2020-07-31 - C# implementation of DID security and privacy controls
* [decentralized-identity/did-common-java](https://github.com/decentralized-identity/did-common-java) 2023-05-13 - Shared DID Java library.
* [decentralized-identity/ua-web-extension](https://github.com/decentralized-identity/ua-web-extension) 2018-10-23 - Basic web extension version of a DID User Agent
* [decentralized-identity/did-recovery](https://github.com/decentralized-identity/did-recovery) - Various methods for DID recovery
* [decentralized-identity/web-polyfills](https://github.com/decentralized-identity/web-polyfills) - Polyfills for proposed or emerging DID-centric Web APIs
* [decentralized-identity/http-did-auth-proxy](https://github.com/decentralized-identity/http-did-auth-proxy) - Forked from bcgov/http-did-auth-proxy
DID Auth HTTP proxy.
* [Public profile - Machine-readable, cryptographially-verifiable imprint linked to a DID](https://hackmd.io/4oZOgwFOQDSFUuu3ruN-_g)
> a simple mechanism to provide public information concerning an entity by advertising a public profile service in the DID document of a public DID. A good analogy for this public identity information would be a machine-readable and cryptographically-verifiable imprint.
### Verifiable Credentials
* [What Are Verifiable Credentials? And How Can They Build Digital Trust?](https://www.salesforce.com/blog/verifiable-credentials/) 2022-02-01Salesforce
> Verifiable credentials and verifiable credential management technology offer a direct and secure channel between an organization and its stakeholders. Learn how they bring control over digital identity and build trust with organizations – from health credentials to college degrees.
* [What are Verifiable Credentials? Why do they matter?](https://flur.ee/2022/01/10/what-are-verifiable-credentials-why-do-they-matter/) 2022-01-10 Fluree
> Authority Does Not Require Centralized Power
>
> As mentioned in my previous article, the trouble with centralization is that data is stored in a database. Once breached, a database can yield a treasure chest of information to be sold on the dark web.
* [Essential Services Delivery coordination using Digitally Verifiable Credentials](https://github.com/bcgov/essential-services-delivery)
> This repository contains the build, deployment, and application configurations needed to pull a number of separate applications into a single environment and deploy them as a group of interrelated services.
* [Verifiable Credential Authentication with OpenID Connect (VC-AuthN OIDC)](https://github.com/bcgov/vc-authn-oidc)
> The integration this document defines is how holders of verifiable credentials can leverage these to authenticate with parties. Note, how the holder became in possession of supported verifiable credentials is out of scope for this integration.
>
> Like any new technology there is adoption required of new concepts, this particular integration aims to provide an easy integration path that allows parties to start leveraging the power of verifiable credentials for user authentication in a non-disruptive fashion. This is achieved by extending the vastly popular OpenID Connect family of specifications.
[Verifiable Credentials 101 for SSI and Decentralized Digital Identity - Tyler Ruff](https://www.slideshare.net/SSIMeetup/verifiable-credentials-101-for-ssi-and-decentralized-digital-identity-tyler-ruff)
> At the core of every self-sovereign identity (SSI) use case is what we call the verifiable credentials model. This simple yet effective model helps conceptualize how verifiable credentials are exchanged between people and organizations.
* [According to](https://www.w3.org/TR/vc-data-model/)W3: "Verifiable credentials represent statements made by an issuer in a tamper-evident and privacy-respecting manner."
> The value of verifiable credentials and the critical role they will play to our future digital identities is undeniable. As we enter a new era of online representation, trust in the internet will need to be vigorously robust.
* [New search engine, mobile wallet, verifiable credentials and delivery technologies.](https://twitter.com/HUMBLPay/status/1574454647384813568)via Twitter ([ANN](https://www.globenewswire.com/en/news-release/2022/04/13/2421969/0/en/HUMBL-Selected-To-Pilot-Digital-Wallet-Program-On-Behalf-of-The-County-of-Santa-Cruz-California.html) 2022-04-13 HUMBL @HUMBLPay
*using verifiable credentials in their wallet.*
> #HUMBL x GF2GO - San Diego, CA - [Pilot Program](https://www.youtube.com/watch?v=H_HAFEzmkWU)
### WebAuthn
* [W3C WebAuthn V2 Now a Standard](https://self-issued.info/?p=2160)Mike Jones
> While remaining compatible with the original standard, this second version adds additional features, among them for user verification enhancements, manageability, enterprise features, and an Apple attestation format. ([Recommendation](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/))([CTAP also approaching standardization](https://self-issued.info/?p=2155).
* [Web Authentication: An API for accessing Public Key Credentials Level 2](https://www.w3.org/TR/2021/PR-webauthn-2-20210225/). This specification defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users.
* [Second Version of W3C Web Authentication (WebAuthn) advances to Proposed Recommendation (PR)](https://self-issued.info/?p=2149)
> The World Wide Web Consortium (W3C) has published this [Proposed Recommendation (PR)](https://www.w3.org/TR/2021/PR-webauthn-2-20210225/) Level 2 specification, bringing the second version of WebAuthn one step closer to becoming a completed standard. While remaining compatible with the original standard, this second version adds additional features, among them for user verification enhancements, manageability, enterprise features, and an Apple attestation format.
* [Near-Final Second W3C WebAuthn and FIDO2 CTAP Specifications](https://self-issued.info/?p=2143)
> The [W3C WebAuthn](https://www.w3.org/blog/webauthn/) and [FIDO2](https://fidoalliance.org/fido2/) working groups have been busy this year preparing to finish second versions of the W3C Web Authentication (WebAuthn) and FIDO2 Client to Authenticator Protocol (CTAP) specifications
* [Public profile - Machine-readable, cryptographially-verifiable imprint linked to a DID](https://hackmd.io/4oZOgwFOQDSFUuu3ruN-_g)
> a simple mechanism to provide public information concerning an entity by advertising a public profile service in the DID document of a public DID. A good analogy for this public identity information would be a machine-readable and cryptographically-verifiable imprint.
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
⧉ infominer