16 KiB
date | title | layout | permalink | canonical_url | redirect_from | categories | tags | last_modified_at | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
2019-03-03 | DID Related Web Standards | single | specs-standards/ | https://decentralized-id.com/specs-standards/ |
|
|
|
2020-01-11 |
I've begun exploring and becoming more familiar with the decentralized nature of digital identity. Open processes for standardization, are critical components for enabling a system for identification that's both decentralized and widely interoperable.
- A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems NIST CYBERSECURITY WHITE PAPER (DRAFT) BLOCKCHAIN IDENTITY MANAGEMENT APPROACHES
JULY 9, 2019
Identity management systems (IDMSs) are widely used to provision user identities while managing authentication, authorization, and data sharing both within organizations as well as on the Internet more broadly. Traditional identity systems typically suffer from single points of failure, lack of interoperability, and privacy issues such as encouraging mass data collection and user tracking. Blockchain technology has the potential to support novel data ownership and governance models with built-in control and consent mechanisms, which may benefit both users and businesses by alleviating these concerns; as a result, blockchain-based IDMSs are beginning to proliferate. This work categorizes these systems into a taxonomy based on differences in architecture, governance models, and other salient features. We provide context for the taxonomy by describing related terms, emerging standards, and use cases, while highlighting relevant security and privacy considerations.
Hyperledger Identity Working Group - Identity Standards
The Self-Sovereign Identity Stack by Oliver Terbu OSI
This page requires a lot of attention.
I will begin with a listing of standards bodies, organizations and open processes, to which I'm paying attention (in addition to those previously gathered). From there, I can integrate and expand, as able.
- ISSA (Information Systems Security Association)
- ISAO Standards
- IETF
- NIST
- ISO
- IEEE
- DIF - GitHub
- Fido Alliance
- Hyperledger - Wiki
- Kantara
- OpenID
- Sovrin - Forum
- Me2B Alliance
- Ethereum Enterprise Alliance
too many people complain about problems but don’t step to Fix It!. There are certainly a lot of flawed standards – but they make interoperability possible – not perfect – but possible. If you haven’t used them then you have no right to complain that they are too complex, too simple (even in the same standard) or too domain specific – or any of the other rants and raves that go on.
If you’re willing to put up with a lot of work for incremental improvements then step up and join a standard. Whether that is a (relatively) fast moving standard group like OASIS (www.oasis-open.org) or a slower but more international group like ISO you will learn. You’ll also benefit from working with experts. These experts donate their time and are more than happy to provide ideas, guidance, and leadership.
Who Are the Identerati? - ForgeRock
You’re familiar with digital identity standards like OpenID Connect, OAuth, and User-Managed Access, fundamental elements of privacy and security on the internet. But have you ever wondered how they came to be? A lot of work on these protocols went on (and goes on) behind t...
Building Blocks for a New Architecture
After looking at the many different digital platforms and mechanisms: centralized, decentralized, proof-of-work, proof-of-stake, the list goes on, I have concluded that all of these new platforms boil down to fulfilling three core societal functions: value, identity, and status, underpinned by consensus.
W3C
- World Wide Web Consortium(W3C) [T] [G]
The World Wide Web Consortium (W3C) is an international community where Member organizations, a full-time staff, and the public work together to develop Web standards. Led by Web inventor and Director Tim Berners-Lee and CEO Jeffrey Jaffe, W3C's mission is to lead the Web to its full potential.
- [w3c-dvcg/w3c-dvcg.github.io - Landing site for W3C Digital Verification Community Group. W]
- JSON-LD 1.0, W3C Recommendation
- W3C Workshop on Strong Authentication & Identity
The Story of Open SSI Standards - Drummond Reed/Evernym SSIMeetup.org[ϟ]
Credentials Community Group
- Credentials Community Group[B]
- Public mailing list for the Credentials Community Group (and archives) - Anyone may read or write to this list.
DID the Decentralized Identifier
- DID Whitepaper
A DID architecture should focus on the set of components that Mr. Gupta refers to as "the minimum required for people to be able to do business (or other critical functions) together".
A Decentralized Identifier (DID) Registry and Discovery Service
This "minimum required" is defined by a union of the proposed requirements identified by the W3C Credential Community Group, the XDI.org Registry Working Group, and the Rebooting the Web of Trust group. It consists of three functions that can be addressed by a combination of blockchain and DHT technology:
- A DID registration function
- A discovery function that enables looking up a registered DID in the blockchain
- A master key recovery function
- A Universally Unique IDentifier (UUID) URN Namespace <-DID's modeled after
- w3c- Decentralized Identifiers (DIDs) v0.11
- Understanding Decentralized IDs (DIDs)
- DID Primer [ϟ]
- Decentralized IDentifers (DIDs)
- Requirements for DIDs
- DIDs in DPKI
- What is a DID?
- The Path from an id (DID) to a Real-Life Something
Verifiable Credentials
- Verifiable Claims Working Group
- Verifiable Claims Data Model 1.0 [G] [D]
- Verifiable Claims WG - Mailing List (and archives)
- Verifiable Credentials 101 for SSI – Tyler Ruff – Webinar 11
DIF
DID Auth
http://ssimeetup.org/introduction-did-auth-markus-sabadello-webinar-10
Decentralized Key Management-Agents
- Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Puzzle - Drummond Reed
- Recommendations for Decentralized Key Management Systems
- Agent to Agent Communication: Daniel Hardman explains the goals of agent to agent communication
DKMS - An Essential Missing Piece of the SSI Puzzle. Drummond Reed. SSIMeetup.org
Ethereum ERC-EIP
- ERC: Lightweight Identity #1056 —This ERC describes a standard for creating and updating identities with a limited use of blockchain resources. An identity can have an unlimited number of delegates and attributes associated with it. Identity creation is as simple as creating a regular key pair ethereum account, which means that it's fee (no gas costs) and all ethereum accounts are valid identities. Furthermore this ERC is fully DID compliant.
- ERC1056 ❤ ERC780 — an open identity and claims protocol for Ethereum
- EIP-780 Ethereum Claims Registry
- EIP712 - This is a standard for hashing and signing of typed structured data
- ERC-1484 Digital Identity Aggregator —A protocol for aggregating digital identity information that's broadly interoperable with existing, proposed, and hypothetical future digital identity standards.
- EIP-1078 - This presents a method to replace the usual signup/login design pattern with a minimal ethereum native scheme, that doesn’t require passwords, backing up private keys nor typing seed phrases.
- ERC-1077 and ERC-1078: The magic of executable signed messages
- ERC-EIP on GitHub >>
ERC725-735
- ERC725
- The following describes standard functions for a unique identifiable proxy account to be used by humans, groups, organisations, objects and machines
- ERC735 - The following describes standard functions for adding, removing and holding of claims.
- These claims can attested from third parties (issuers) or self attested.
- Origin partners on ERC725
- Managing Identity with a UI—ERC-725
- Ethereum ERC725 Blockchain Based, Self-Sovereign Identity Management
- erc725alliance.org
- ERC: Lightweight Identity #1056 —This ERC describes a standard for creating and updating identities with a limited use of blockchain resources. An identity can have an unlimited number of delegates and attributes associated with it. Identity creation is as simple as creating a regular key pair ethereum account, which means that it's fee (no gas costs) and all ethereum accounts are valid identities. Furthermore this ERC is fully DID compliant.
Blockcerts
- Learning Machine
- Academic Credentialing and the Blockchain
- Blockcerts, developed by learning machine is an open standard for issuing and verifying blockchain-based official records; The project offers open-source libraries, tools, and mobile apps. MIT has issued digital certificates based on this standard.
Schema
- Schema — a collaborative, community activity with a mission to create, maintain, and promote schemas for structured data on the Internet. Schema.org vocabulary can be used with many different encodings, including RDFa, Microdata and JSON-LD. These vocabularies cover entities, relationships between entities and actions, and can easily be extended through a well-documented extension model. Over 10 million sites use Schema.org to markup their web pages and email messages. Many applications from Google, Microsoft, Pinterest, Yandex and others already use these vocabularies to power rich, extensible experiences."