# Non SSI Identity Standards ## Contents - OpenID - FIDO - OAuth - SCIM - SAML - KMIP - Secure QR Code ## OpenID * [OpenID Foundation Publishes Whitepaper on Open Banking](https://openid.net/2022/03/18/openid-foundation-publishes-whitepaper-on-open-banking/) OpenID > The paper documents the international movement towards Open Banking, Open Finance, and secure, consent driven access to all user data. It describes the OpenID Foundation and in particular the Financial-Grade API (FAPI) Working Group’s experience with Open Banking ecosystems internationally. * [OpenID Foundation Publishes Whitepaper on Open Banking](https://openid.net/2022/03/18/openid-foundation-publishes-whitepaper-on-open-banking/) The OpenID Foundation is pleased to share its new whitepaper, “[Open Banking, Open Data and Financial-Grade APIs](https://openid.net/wordpress-content/uploads/2022/03/OIDF-Whitepaper_Open-Banking-Open-Data-and-Financial-Grade-APIs_2022-03-16.pdf)”. The paper documents the international movement towards Open Banking, Open Finance, and secure, consent driven access to all user data. It describes the OpenID Foundation and in particular the Financial-Grade API (FAPI) Working Group’s experience with Open Banking ecosystems internationally. * [The 7 Laws of Identity Standards](https://openid.net/2021/04/10/the-7-laws-of-identity-standards/) OpenID 1. A identity standard’s adoption is driven by its value of the reliability, repeatability and security of its implementations. 2. A standard’s value can be measured by the number of instances of certified technical conformance extant in the market. 3. Certified technical conformance is necessary but insufficient for global adoption. 4. Adoption at scale requires widespread awareness, ongoing technical improvement and a open and authoritative reference source. 5. When Libraries/Directories/ Registries act as authoritative sources they amplify awareness, extend adoption and promote certification. 6. Certified technical conformance importantly complements legal compliance and together optimize interoperability. 7. Interoperability enhances security, contains costs and drives profitability. * [Security Event Tokens, Subject Identifiers, and SSE/CAEP/RISC Java implementation](https://domsch.com/IIW32/IIW32-openid-sse-model.pdf) Matt Domsch, VP & Engineering Fellow > • Security Event Tokens – RFC 8417 > • Subject Identifiers – Internet Draft RFC > • Shared Signals & Events – OpenID Foundation WG > • Includes RISC, CAEP, and Oauth event profiles * [Introducing the Global Assured Identity Network (GAIN) Proof of Concept Community Group](https://openid.net/2022/03/02/introducing-the-global-assured-identity-network-gain-proof-of-concept-community-group/) > The OpenID Foundation is pleased to announce the launch of the Global Assured Identity Network (GAIN) Proof of Concept Community Group, which aims to test the technical hypotheses underlying the [“GAIN Digital Trust”](https://gainforum.org/GAINWhitePaper.pdf) white paper. * [2021 OpenID Foundation Board Update](https://openid.net/2021/02/09/2021-openid-foundation-board-update/) > Nat Sakimura and John Bradley were re-elected to new two-year terms as community member representatives. Nat and John’s well-known technical expertise and global thought leadership ensures continuity across working groups and as the Foundation transitions to new leadership in 2021. * [OpenID Foundation is Hiring a new Executive Director](https://openid.net/2020/11/17/openid-foundation-executive-director-job-description/) > The OpenID Foundation is seeking an Executive Director with the experience, skills, strategic vision, and commitment to advancing the Foundation’s open standards initiatives. This is a unique opportunity to lead a well-respected, member-driven, vendor-neutral, international standardization organization. * [How GAIN Happens, Slowly Then All at Once](https://openid.net/2022/06/03/how-gain-happens-slowly-then-all-at-once/) OpenID GAIN is marked by a cross sector, crowd sourced, open, global due diligence. GAIN’s self organized participants are actively seeking evidence that disconfirms the GAIN hypothesis. * [2022 OpenID Foundation Kim Cameron Award Recipients Announced](https://openid.net/2022/04/29/2022-openid-foundation-kim-cameron-award-recipients-announced/) > This was the first IIW without Kim Cameron. This was a very fitting announcement. > > The OpenID Foundation is pleased to announce the first cohort of awardees for inaugural launch of the Kim Cameron Award Program. We first must thank the many well-qualified applicants who presented compelling interest in user-centric identity. * [Kim Cameron Award Winner Reflects on EIC](https://openid.net/2022/07/05/rachelle-sellung-2022-kim-cameron-award/) Rachelle Sellung > In a matter of a few days, I heard many inspiring presentations, had many interesting conversations, and met many wonderful people in this field at the Conference. It has already led to multiple conversations of working together regarding future stakeholder research that will hopefully be useful and support the identity community. * [OpenID Foundation Publishes “Open Banking and Open Data: Ready to Cross Borders?”](https://openid.net/2022/07/29/whitepaper-open-banking-and-open-data/) OpenID * [OpenID Foundation Publishes “The Global Open Health Movement: Empowering People and Saving Lives by Unlocking Data” Whitepaper](https://openid.net/2022/07/22/the-global-open-health-movement-empowering-people-and-saving-lives-by-unlocking-data-whitepaper/) OpenID * [Passing the Torch at the OpenID Foundation](https://self-issued.info/?p%3D2170) Mike Jones > Today marks an important milestone in the life of the OpenID Foundation and the worldwide digital identity community. Following [Don Thibeau’s decade of exemplary service to the OpenID Foundation as its Executive Director](https://openid.net/2021/02/19/resolution-thanking-don-thibeau-for-his-service/), today we [welcomed Gail Hodges as our new Executive Director](https://openid.net/2021/04/28/welcoming-gail-hodges-as-our-new-executive-director/). * [Announcing the 2022 OpenID Foundation Individual Community Board Member Election](https://openid.net/2021/12/30/announcing-the-2022-openid-foundation-individual-community-board-member-election/) Board participation requires a substantial investment of time and energy. It is a volunteer effort that should not be undertaken lightly. Should you be elected, expect to be called upon to serve both on the board and on its committees. You should have your employer’s agreement to attend two or more in-person board meetings a year, which are typically collocated with important identity conferences around the world. * [The OpenID Foundation Welcomes Visa to the Board of Directors](https://openid.net/2021/12/07/the-openid-foundation-welcomes-visa-to-the-board-of-directors/) OpenID > Visa’s leadership in global payments and identity services as well as their longstanding commitment to standards will be of great value as we tailor our strategy to this moment. * [Okta Joins the OpenID Foundation Board to Further Advance Open Identity Standards](https://openid.net/2021/12/10/okta-joins-the-openid-foundation-board-to-further-advance-open-identity-standards/) OpenID > “OpenID Connect is one of the most adopted identity standards, providing essential functionality to core solutions across the industry,” said Vittorio Bertocci, Principal Architect, Auth0. * [Registration - OpenID Foundation Virtual Workshop](https://openid.net/2021/03/01/registration-open-for-openid-foundation-virtual-workshop-april-29-2021/) April 29, 2021 > updates on all active OpenID Foundation Working Groups as well the OpenID Certification Program * [Public Review Period for Second Proposed RISC Profile Implementer’s Draft](https://openid.net/2022/07/05/public-review-period-for-second-proposed-risc-profile-implementers-draft/) This specification defines event types and their contents based on the [SSE Framework](https://openid.net/specs/openid-risc-profile-specification-1_0-02.html%23SSE-FRAMEWORK) that are required to implement Risk Incident Sharing and Coordination. * [Global Assured Identity Network White Paper](https://openid.net/2021/09/20/global-assured-identity-network-white-paper/) * [Announcing the 2022 OpenID Foundation Kim Cameron Scholarship](https://openid.net/2022/04/08/announcing-the-2022-openid-foundation-kim-cameron-scholarship/) OpenID > Scholarship recipients will be studying, researching, interning or working in a field relevant to one or more [OpenID Foundation working groups](https://openid.net/wg/) and consistent with Foundation’s Mission. The scholarship recipients will also be invited to participate in Foundation breakout meetings at the European Identity Conference and Identiverse which will provide exposure to both the Foundation’s business as well as leading technologists. * [Security Event Tokens, Subject Identifiers, and SSE/CAEP/RISC Java implementation](https://iiw.idcommons.net/13A/_Security_Event_Tokens,_Subject_Identifiers,_and_SSE/CAEP/RISC_Java_implementation) by Matt Domsch > Matt presented an overview of the OpenID Foundation Shared Signals and Events Working Group, and his implementation of the object model in an open source Java library at [https://github.com/sailpoint-oss/openid-sse-model/](https://github.com/sailpoint-oss/openid-sse-model/)* [Shared Signal and Events (SSE) working group](https://openid.net/wg/sse/) in the OpenID Foundation. ## OAuth ## SCIM ## SAML ## KMIP ## Secure QR Code ## RDF ## RDF * [Technical Report on the Universal RDF Dataset Normalization Algorithm](https://lists.w3.org/Archives/Public/public-credentials/2021Apr/att-0032/Mirabolic_Graph_Iso_Report_2020_10_19.pdf) - [Bill Bradley](https://lists.w3.org/Archives/Public/public-credentials/2021Apr/0032.html) > The goal of this technical report is to review the Universal RDF Dataset Normalization Algorithm (URDNA2015) for correctness and to provide satisfactory evidence that possible issues with URDNA2015 have been considered and dismissed. We do not lay out the algorithm in its considerable technical detail here, but refer the reader to the proposed technical specification 1 [Longley], a set of proofs by Rachel Arnold and Dave Longely [Arnold], and a reference implementation in Python [DigitalBazaar] * [Importing Verifiable Data as Labeled Property Graphs](https://lists.w3.org/Archives/Public/public-credentials/2022Jun/0022.html)  Orie Steele (Wednesday, 15 June) I think what happens is that a first blank node is created for the proof, and since that node has `@container` `@graph`, instead of being able to trace the relationships directly from credential to proof to verification method... Each proof is being treated as a disjoint subgraph, and the relationship is not being preserved during import… [...] I suspect this is solvable with a more complicated graph config: [https://neo4j.com/labs/neosemantics/4.0/config/](https://neo4j.com/labs/neosemantics/4.0/config/) But I wonder if we might correct this behavior in VC Data Model 2.0, such that RDF representations don't have this odd behavior when imported as labeled property graphs. [...] answer on the github issue for the standard, I raised it here: [](https://github.com/w3c/vc-data-model/issues/881)[https://github.com/w3c/vc-data-model/issues/881](https://github.com/w3c/vc-data-model/issues/881) * [Proposed W3C Charter: RDF Dataset Canonicalization and Hash Working Group](https://lists.w3.org/Archives/Public/public-credentials/2022May/0033.html)  Manu Sporny (Tuesday, 17 May) The goal of this group is to standardize the way many of us digitally sign Verifiable Credentials. This working group has been about decade in the making (some would say two decades) and is important for achieving things like BBS+ selective disclosure as well as standardizing the way we format Verifiable Credentials before they are digitally signed. The [announcement](https://lists.w3.org/Archives/Public/public-new-work/2022May/0005.html) is here The [proposed charter](https://www.w3.org/2022/05/04-proposed-rch-wg-charter/) is here * [URDNA2015 Implementation Question](https://lists.w3.org/Archives/Public/public-credentials/2022Jul/0017.html)  Daniel Petranek (Thursday, 7 July) I've instrumented the rdf-canonicalize library so I can inspect the order of execution, and it appears that what differs between my implementation and the Javascript one is the order of the permutations. The spec doesn't say how the permutations should be ordered, and my intuition is that the order does indeed matter - though I'm happy to be corrected if I'm wrong. So, here is my question(s): - Does the order of the permutations matter? - If so, what order should they be in? * [In Praise of Kim Cameron](https://openid.net/2021/12/04/in-praise-of-kim-cameron/) OpenID Foundation > Not only did Kim “inject his 7 laws of identity into Microsoft’s DNA”, but did so throughout today’s growing global digital identity ecosystem. > > Kim was crafty. He not only injected his thinking into Microsoft; as a champion of the Identity Standards Community, Kim embedded his thinking into the standards that inform many of the identity systems operating at scale today. * [OIDF Workshop at EIC 2022 — Tuesday, May 10, 2022](https://openid.net/workshops/workshop-at-eic-2022/) > The OpenID Foundation hosted a workshop at [EIC 2022 in Berlin](https://www.kuppingercole.com/events/eic2022/) that was part of the pre-conference workshops on Tuesday, May 10, 2022.\ > The Foundation was thrilled to welcome and introduce two of the 2022 Kim Cameron Award winners, Rachelle Sellung and Alen Horvat at the workshop. The Foundation will soon publish blogs from Rachelle and Alen describing their experiences at EIC 2022.- * [Download workshop presentations](http://openid.net/wordpress-content/uploads/2022/05/OIDF_Workshop-at-EIC_FINAL_2022-05-11.pptx) * [Announcing the 2022 OpenID Foundation Kim Cameron Award](https://openid.net/2022/04/08/announcing-the-2022-openid-foundation-kim-cameron-scholarship/) OpenID Award recipients will be studying, researching, interning or working in a field relevant to one or more [OpenID Foundation working groups](https://openid.net/wg/) and consistent with Foundation’s Mission. The recipients will also be invited to participate in Foundation breakout meetings at the European Identity Conference and Identiverse which will provide exposure to both the Foundation’s business as well as leading technologists. GAIN was a big topic of discussion * [Nat Sakimura @_nat_en · May 12](https://twitter.com/_nat_en/status/1524654753917153280) GAIN: The Global Assured Identity Network [@OIX_Nick](https://twitter.com/OIX_Nick) and [@gailhodges](https://twitter.com/gailhodges) on the main stage. ![https://www.notion.soimages/image4.png](https://www.notion.soimages/image4.png) * [Protocols, Standards, Alliances: How to Re-GAIN the Future Internet from the Big Platforms](https://www.kuppingercole.com/watch/eic2022-panel-gain-future-internet) Kuppinger Cole just like trade unions helped the working class during the industrial revolution to fight for their rights. In this panel session, we will discuss about the enablers of such a different approach and the requirements to actually be successfull. * [Shared Signals: An Open Standard for Webhooks](https://openid.net/2021/08/24/shared-signals-an-open-standard-for-webhooks/) OpenID The OpenID Foundation formed the “[Shared Signals and Events](https://openid.net/wg/sse/)” (SSE) Working Group as a combination of the previous OpenID RISC working group and an informal industry group that was focused on standardizing [Google’s CAEP proposal](https://cloud.google.com/blog/products/identity-security/re-thinking-federated-identity-with-the-continuous-access-evaluation-protocol). These represented two distinct applications of the same underlying mechanism of managing asynchronous streams of events. Therefore the [SSE Framework](https://openid.net/specs/openid-sse-framework-1_0-01.html) is now proposed to be a standard for managing such streams of events for any application, not just CAEP and RISC. In effect, it is a standard for generalized Webhooks. * [Proof-of-possession (pop) AMR method added to OpenID Enhanced Authentication Profile spec](https://self-issued.info/?p%3D2198) Mike Jones I’ve defined an Authentication Method Reference (AMR) value called “pop” to indicate that Proof-of-possession of a key was performed. Unlike the existing “hwk” (hardware key) and “swk” (software key) methods [...] Among other use cases, this AMR method is applicable whenever a [WebAuthn](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/) or [FIDO](https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html) authenticator are used. - [https://openid.net/specs/openid-connect-eap-acr-values-1_0-01.html](https://openid.net/specs/openid-connect-eap-acr-values-1_0-01.html) - [https://openid.net/specs/openid-connect-eap-acr-values-1_0.html](https://openid.net/specs/openid-connect-eap-acr-values-1_0.html) * [OpenID Foundation is Hiring a new Executive Director](https://openid.net/2020/11/17/openid-foundation-executive-director-job-description/) > The OpenID Foundation is seeking an Executive Director with the experience, skills, strategic vision, and commitment to advancing the Foundation’s open standards initiatives. This is a unique opportunity to lead a well-respected, member-driven, vendor-neutral, international standardization organization. > > extension the semantics, of the set of claims comprising a Verifiable Credential. A shared Credential Schema allows all parties to reference data in a known way * [Vote for First Implementer’s Drafts of OIDConnect SIOPV2 and OIDC4VP Specifications](https://openid.net/2022/01/18/notice-of-vote-for-first-implementers-drafts-of-openid-connect-siopv2-and-oidc4vp-specifications/) OpenID The official voting period will be between Tuesday, February 1, 2022 and Tuesday, February 8, 2022, following the [45-day review](https://openid.net/2021/12/17/first-public-review-period-for-openid-connect-siopv2-and-oidc4vp-specifications-started/) of the specifications. * [OpenID for Verifiable Credentials](http://openid.net/wordpress-content/uploads/2022/05/OIDF-Whitepaper_OpenID-for-Verifiable-Credentials_FINAL_2022-05-12.pdf) [...] The goal of this whitepaper is to inform and educate the readers about the work on the OpenID for Verifiable Credentials (OpenID4VC) specifications family. It addresses use-cases referred to as Self-Sovereign Identity, Decentralized Identity, or User-Centric Identity.