--- published: false --- # Protocols * [Hyperledger Aries Graduates To Active Status; Joins Indy As “Production Ready”](https://www.hyperledger.org/blog/2021/02/26/hyperledger-aries-graduates-to-active-status-joins-indy-as-production-ready-hyperledger-projects-for-decentralized-identity) “This approval is further evidence that Hyperledger Aries is a breakout success for the Hyperledger community,” said Brian Behlendorf, General Manager for Blockchain, Healthcare and Identity at the Linux Foundation. “Convergence on common libraries for the exchange of credentials will help speed the development of urgently-needed solutions and systems, ranging from education to finance to the fight against the pandemic. Aries is key to that convergence.” * [Torgap architecture & products](https://github.com/BlockchainCommons/torgap) > Torgap is the Blockchain Commons security and privacy architecture model for creating gaps between connected apps and microservices. It supports privacy, service anonymity, identity psuedonymity, non-correlation, censorship-resistance, and seperation-of-interests and reduces single-points-of-failure. This emerging architecture is supported by QuickConnect and Blockchain Commons' Gordian system, while our Airgapped Wallet community and our research papers are charting its future. * [Selected Parts of the DIF SDS/CS Hub and EDV Discussion featuring Daniel Buchner’s Description of a Hub](https://hyperonomy.com/2021/03/24/transcription-of-selected-parts-of-the-dif-sds-cs-march-11-2021-zoom-call-hub-and-edv-discussion-featuring-daniel-buchners-description-of-a-hub/) Michael Herman > This is a [transcription of selected parts of the EDV-Hub conversation](https://hyperonomy.com/2021/03/24/transcription-of-selected-parts-of-the-dif-sds-cs-march-11-2021-zoom-call-hub-and-edv-discussion-featuring-daniel-buchners-description-of-a-hub/) during the DIF SDS/CS Thursday weekly Zoom call on March 11, 2021. This is the call where Daniel Buchner described (verbally) several aspects about what is and what is not a Hub. ## OpenID Connect * [OpenID Connect Presentation at IIW XXXII](https://self-issued.info/?p%3D2167) - [OpenID Connect](https://openid.net/connect/) - [Frequently Asked Questions](https://openid.net/connect/faq/) - [Working Group Mailing List](https://lists.openid.net/mailman/listinfo/openid-specs-ab) - [OpenID Certification Program](https://openid.net/certification/) - [Certified OpenID Connect Implementations Featured for Developers](https://openid.net/developers/certified/) - [Mike Jones’ Blog](https://self-issued.info/) - [Nat Sakimura’s Blog](https://nat.sakimura.org/) - [John Bradley’s Blog](https://www.thread-safe.com/) * [Decoding the Sidetree Protocol](https://academy.affinidi.com/decoding-the-sidetree-protocol-18d8bfa39257) Affinidi > Sidetree protocols are layer 2 protocols that anchor to the underlying decentralized ledger system. That said, it is ledger agnostic and its primary role is to anchor batches of signed JSON operations to the network. * [Universal Resolver Driver Policy Discussion](https://iiw.idcommons.net/21P/_Universal_Resolver_Driver_Policy_Discussion) by Bernhard Fuchs, Markus Sabadello Currently, instances of the Universal Resolver is hosted by DIF, IBM, and other companies. Danube Tech has been maintaining the project. The project has some guidelines for contributing new DID method drivers:[https://github.com/decentralized-identity/universal-resolver/blob/master/docs/driver-development.md](https://github.com/decentralized-identity/universal-resolver/blob/master/docs/driver-development.md) We have some ongoing questions on policies for Universal Resolver drivers. Proposal: We should require contact data for maintainers of drivers (could be email address or any other type of contact data). Another challenge is that there may be multiple projects claiming the same DID method name. How to decide which DID method driver to include in the Universal Resolver? Proposal: Driver implementers must get their DID method registered first in the W3C DID method registry, then they can contribute a Universal Resolver driver (this avoids ambiguities) DID test suite: [https://github.com/w3c/did-test-suite](https://github.com/w3c/did-test-suite) DID test suite is not for runtime, but the Universal Resolver could do a few simple checks on a driver's responses. But there's also a philosophical question: Should the Universal Resolver be "allowed" to check and potentially transform driver responses, or should it just "pass through" everything that comes from a driver? * [WHiSSPR- Human transparency over identity and surveillance risk](https://iiw.idcommons.net/23E/_WHiSSPR-_Human_transparency_over_identity_and_surveillance_risk) by Sal D’Agostino * [Building ActivityPub into Known](https://werd.io/2021/building-activitypub-into-known) Ben Werdmüller * [Known](https://withknown.com/) has supported [Indieweb](https://indieweb.org/) standards since the beginning, but Fediverse has been notably missing. I think that’s a big omission, but also not something I’ve had bandwidth to fix. * [ActivityPub support · Issue #2615 · idno/known · GitHub](https://github.com/idno/known/issues/2615%23issuecomment-991335313) This issue now has a funding of 3004.5068 USD (3000.0 USD @ $1.0/USD) attached to it. - If you would like to work on this issue you can 'start work' [on the Gitcoin Issue Details page](https://gitcoin.co/issue/idno/known/2615/100027300). - Want to chip in? Add your own contribution [here](https://gitcoin.co/issue/idno/known/2615/100027300). - Questions? Checkout [Gitcoin Help](https://gitcoin.co/help) or the [Gitcoin's Discord](https://discord.gg/gitcoin/) - $5,664,407.63 more funded OSS Work available on the [Gitcoin Issue Explorer](https://gitcoin.co/explorer) * [Ten Reasons to Use Picos for Your Next Decentralized Programming Project](https://www.windley.com/archives/2021/07/ten_reasons_to_use_picos_for_your_next_decentralized_programming_project.shtml) Summary: Picos are a programming model for building decentralized applications that provide significant benefits in the form of abstractions that reduce programmer effort. Here are ten eleven reasons you should use picos for your next decentralized application. Temperature Sensor Network Built from Picos I didn't start out to write a programming language that naturally supports * [Implement Client Credentials with Kong Konnect and Okta](https://developer.okta.com/blog/2021/05/25/client-credentials-kong-konnect) > The OIDC plugin enables Kong, as the API gateway, to communicate with Okta via the OAuth/OIDC flows. * [ION – We Have Liftoff!](https://techcommunity.microsoft.com/t5/identity-standards-blog/ion-we-have-liftoff/ba-p/1441555) > We are excited to share that v1 of [ION](https://identity.foundation/ion/) is complete and has been launched on Bitcoin mainnet. We have deployed an ION node to our production infrastructure and are working together with other companies and organizations to do so as well. ION does not rely on centralized entities, trusted validators, or special protocol tokens – ION answers to no one but you, the community. Because ION is an open, permissionless system, anyone can run an ION node, in fact the more nodes in operation, the stronger the network becomes. Development of ION, and the Sidetree standard ION is based on, takes place in the [Decentralized Identity Foundation](https://identity.foundation/) (DIF). Read on to learn how you can integrate ION, DIDs, and Verifiable Credentials in your applications and services. * [Identity, Unlocked... SIOP with Kristina Yasuda](https://auth0.com/blog/identity-unlocked-explained-season-2-ep-5/) > As a discovery mechanism to invoke a Self-Issued OP, the discussion on the podcast covered the usage of a custom schema 'openid://'. Alternative mechanisms to address the limitations of custom schemas are being actively explored in the WG. The conversation meanders through deeper details, from how the current [SIOP specification draft](https://bitbucket.org/openid/connect/src/master/openid-connect-self-issued-v2-1_0.md) under the OpenID Foundation picks up the mission from a [former attempt under DIF](https://identity.foundation/did-siop/) to encoding approaches for verifiable presentations (embedding in JWTs, [LD proofs](https://w3c-ccg.github.io/ld-proofs/), how to represent attributes * [Sidetree Protocol reaches V1](https://blog.identity.foundation/sidetree-protocol-reaches-v1/) DIF > This week, the DIF Steering Committee officially approved the first major release of the Sidetree Protocol specification, "v1" so to speak. This protocol has already been implemented, and four of its implementers have been collaborating intensively for over a year on expanding and extending this specification together. * [PROPOSAL: Confidential Storage Specification Refactoring 0.2 – March 24, 2021](https://lists.w3.org/Archives/Public/public-credentials/2021Mar/0245.html) > Based on the March 11 Zoom discussion where we worked hard to discern the differences between Agents, Hubs, and EDVs (and I believe were largely successful IMO), I’ve like to propose to the SDS/CS WG that we refactor the current Confidential Storage specification into 3 separable parts/specifications. ## Identity Not SSI * [The Nuts and Bolts of OAuth 2.0](https://aaronparecki.com/2020/12/22/14/oauth) Aaron Parecki - Mr. OAuth has a new course out on Udemy > 3.5 hours of video content, quizzes, as well as interactive exercises with a guided learning tool to get you quickly up to speed on OAuth, OpenID Connect, PKCE, best practices, and tips for protecting APIs with OAuth. ### Universal Resolver supports ION DID Method * [@dialtone4web](https://twitter.com/dialtone4web) shares: *"ION based[@DecentralizedID](https://twitter.com/DecentralizedID) identifiers can now be resolved by the UniversalResolver. #v0.8.1 #ownyouridentity"* * [Adds support for resolving ION DIDs #154](https://github.com/decentralized-identity/universal-resolver/pull/154) ### Grant Negotiation and Authorization Protocol (GNAP) * [GNAP Editors' Use of GitHub Issues](https://aaronparecki.com/2020/11/25/4/gnap-github-issues) > The editors met yesterday to discuss the issues that were pulled out of the previous draft text and document a process for how to resolve these and future issues. We would like to explain how we plan on using labels on GitHub issues to keep track of discussions and keep things moving. * [Genesis of the GNAP working group with Dick Hardt of SignIn.org](https://auth0.com/blog/identity-unlocked-explained-episode-6/). Auth0 Podcast *Identity Unlocked* Vittorio Bertocci > The decision was made to create a new group apart from OAuth, and Dick clarifies that the GNAP working group does not feel constrained by existing technology; GNAP does not need to be backward-compatible, but Dick still hopes that the transition to GNAP will be smooth for those who use it. * [Filling in the GNAP](https://medium.com/@justinsecurity/filling-in-the-gnap-a032453eaf8c) > Justin Richer identity protocol writer and implementer extraordinaire has a very excellent post explaining the new GNAP and all the things that lead to it, including OAuth, OpenID, TxAuth, OAuth3, and OAuth.XYZ. This protocol is a big deal and will be important. It’s just beginning the journey through IETF (Internet Engineering Task Force) the main standards body of the internet. * [ION reaches 1.0](https://github.com/decentralized-identity/ion) > ION makes it possible to anchor tens of thousands of DID/DPKI operations on a target chain (in ION's case, Bitcoin) using a single on-chain transaction. The transactions are encoded with a hash that ION nodes use to fetch, store, and replicate the hash-associated DID operation batches via IPFS. * [A Universal Resolver for self-sovereign identifiers](https://medium.com/decentralized-identity/a-universal-resolver-for-self-sovereign-identifiers-48e6b4a5cc3c) * [On any blockchain or other decentralized system](https://medium.com/decentralized-identity/a-universal-resolver-for-self-sovereign-identifiers-48e6b4a5cc3c) (Markus Sabadello) > This is a first step in fulfilling DIF’s mission to help individuals and organizations to control their digital identity, without being dependent on any intermediary party. > > This tool fulfills a similar purpose as Bind does in the DNS system: resolution of identifiers. However, instead of working with domain names, we work with self-sovereign identifiers that can be created and registered directly by the entities they refer to. * [Persistence, Programming, and Picos](https://www.windley.com/archives/2021/02/persistence_programming_and_picos.shtml) - > Picos show that image-based development can be done in a manner consistent with the best practices we use today without losing the important benefits it brings. > The project name, PICOS, is an abbreviation of “Privacy and Identity Management for Community Services”. The objective of the project is to advance the state of the art in technologies that provide privacy-enhanced identity and trust management features within complex community-supporting services that are built on Next Generation Networks and delivered by multiple communication service providers. The approach taken by the project is to research, develop, build trial and evaluate an open, privacy-respecting, trust-enabling identity management platform that supports the provision of community services by mobile communication service providers. > > Learn more about the [motivation](http://www.picos-project.eu/Motivation.181.0.html), the [objectives](http://www.picos-project.eu/Objectives.182.0.html), [tasks](http://www.picos-project.eu/Tasks.183.0.html) and [achievements](http://www.picos-project.eu/Achievements.190.0.html) of PICOS, and get to know the PICOS exemplary [communities](http://www.picos-project.eu/Communities.184.0.html). * [Announcing Pico Engine 1.0](https://www.windley.com/archives/2021/02/announcing_pico_engine_10.shtml) Windley I'm excited to announce a new, stable, production-ready pico engine. The latest release of the Pico Engine (1.X) provides a more modular design that better supports future enhancements and allows picos to be less dependent on a specific engine for operation. * [Building Decentralized Applications with Pico Networks](https://www.windley.com/archives/2021/02/building_decentralized_applications_with_pico_networks.shtml) ## Established Tech ### OpenID * [Intro to OpenID Connect at IIW XXXI](https://self-issued.info/presentations/OpenID_Connect_Introduction_20-Oct-20.pdf). It is a great overview of the key design principles of OpenID and how we got to now with the protocol * [New Badged Open Course: Decentralising Education Using Blockchain Technology](https://www.open.edu/openlearncreate/course/view.php?id%3D7981) Alexander.Mikroyannidis ([from CCG](https://lists.w3.org/Archives/Public/public-credentials/2021Oct/0044.html) Available on the Open University’s OpenLearn Create platform and is licensed under CC BY-NC-SA 4.0. Upon completion of the course, learners earn a free statement of participation. * [Getting Started with Self-Sovereign Identity](https://www.edx.org/course/getting-started-with-self-sovereign-identity) Kaliya & Lucy via Linux Foundation and EdX Gain a solid foundation on self-sovereign identity (SSI) with a 360 degree overview of its evolutionary journey, key concepts, standards, technological building blocks, use cases, real-world examples and implementation considerations.