decentralized-id.github.io/history.md

DID-SSI History

Contents

• Losing Control over our Personal Information '80s
• PGP - Web of Trust '91
• International Planetwork Conference '00s
• XNS Public Trust Organization
• The Augmented Social Network '03
• IDCommons '01
• Identity Gang '04
  • Kim Cameron - Laws of Identity
• Internet Identity Workshop—IIW '05
• W3C Credentials Community Group '14
• Bitnation '15
• The United Nations Sustainable Development Goals '15
• #Rebooting-Web-of-Trust (RWoT)
• Evernym
• ID2020 and the GDPR '16
• The End of 2016
• Decentralized Identity Foundation '17
• Standards History
• Resources

---

• github.com/infominer33/DIDecentralized
• infominer.id/DIDecentralized
• infominer.id

Losing Control Over our Personal Information

• Security without Identification: Transaction Systems to Make Big Brother Obsolete - David Chaum, 1985.

  • The large-scale automated transaction systems of the near future can be designed to protect the privacy and maintain the security of both individuals and organizations.

    Computerization is robbing individuals of the ability to monitor and control the ways information about them is used. As organizations in both the private and the public sectors routinely exchange such informa- tion, individ.uals have no way of knowing if the information is inaccurate, obsolete, or otherwise inap- propriate. The foundation is being laid for a dossier society, in which computers could be used to infer individuals’ life-styles, habits, whereabouts, and asso- ciations from data collected in ordinary consumer transactions. Uncertainty about whether data will re- main secure against abuse by those maintaining or tapping it can have a “chilling effect,” causing people to alter their observable activities. As computerization becomes mclre pervasive, the potential for these prob- lems will grow dramatically.

• Information Technology and Dataveillance - Roger Clarke, 1988.

  The concept of 'dataveillance' is introduced, and defined as the systematic monitoring of people's actions or communications through the application of information technology. Dataveillance's origins are traced, and an explanation provided as to why it is becoming the dominant means of monitoring individuals and populations.

  The paper identifies, classifies and describes the various dataveillance techniques. It then examines the benefits, and especially the dangers, arising from dataveillance. It considers the intrinsic and extrinsic controls that act to keep the application of dataveillance under control, and suggests some appropriate policy measures.

PGP - Web of Trust ^

Phil Zimmerman creates PGP, 1991.

• First time strong encryption widely available to general public.

• PGP’s web-of-trust provide early foundation for SSI. However, PGP is known as difficult to use and failed to reach wide adoption for personal communication\identification.

• PGP -Web of Trust -linux.com

International Planetwork Conference ^

The first International Planetwork Conference - Global Ecology and Information Technology, San Francisco, May 2000.

The community that developed around the Planetwork conferences, including Linktank, form an intellectual foundation for what became Self Sovereign Identity.

XNS Public Trust Organization ^

XNS Public Trust Organization. Founded in July 2000, shortly after Planetwork Conference. -xdi.org - History

to promote the concept of individuals owning their own digital identity and data based on a nascent technology being produced by two Technical Committees at OASIS: XRI (Extensible Resource Identifier) and XDI (Extensible Data Interchange).

Augmented Social Network ^

• The Augmented Social Network: Building Identity and Trust into the Next-Generation Internet, presented at the June 2003 Planetwork conference and published in First Monday the Peer-Reviewed Journal on the Internet 8/4/03.

  "This paper proposes the creation of an Augmented Social Network (ASN) that would build identity and trust into the architecture of the Internet"

IDCommons ^

The Identity Commons (2001-Present) was originally created by Owen Davis and Andrew Nelson in 2001 to evangelize the creation of a decentralized user-centric identity infrastructure and to address the resulting social trust issues.

• Kaliya Young began working with Identity Commons following June 2004 Planetwork Conference. Working with Social Physics team, led by Paul Trevithick and Mary Ruddy, and included Doc Searls and Phil Windley, they wove a community around user-centric id that came together at the Digital Identity World conference, of 2004.

Resuling in a mailing list:

• community@lists.idcommons.net

  The general community mailing list for Identity Commons. The list is also called the Identity Gang mailing list and was formerly idworkshop at googlegroups.

Identity Gang ^

• The original identity gang Doc Searls invited identity leaders to appear on the Gilmore Gang podcast, where the name "Identity Gang" was coined.

  At the encouragement of Doc Searls, a number of people began blogging about user-centric identity.

• The Gillmor Gang - December 31, 2004 Featuring:

• Steve Gillmor, contributing editor, ZDNet
• Doc Searls, senior editor, Linux Journal
• Craig Burton, founding member, Novell; co-founder, The Burton Group
• Kim Cameron, Microsoft's Architect of Identity and Access Systems
• Dave Winer, father of RSS and more
• Marc Canter, Broadband Mechanics
• Bryan Field-Elliot, CTO, Ping Identity Corporation
• Phil Windley, Brigham Young University
• Drummond Reed, CTO, Cordance

"Their most important contribution may have been the creation, in association with the Identity Gang, of the Internet Identity Workshop (2005-Present) working group." -Path to Self Sovereign Identity

• Paul Trevithick created the Identity Gang Lexicon -2005.

Kim Cameron - Laws of Identity ^

• Kim Cameron Identity Laws [x]
  • Laws of Identity - Whitepaper

Internet Identity Workshop ^

In 2005, Kaliya Young[T], Phil Windley[T][V][G], Drummond Reed[T][B], and Doc Searls[T][B] hosted the first Internet Identity Workshop(IIW)[T] in Berkeley to discuss "architectural and governance proposals for Internet-wide identity services and their underlying philosophies." -Announcing IIW 2005

• unconference.net

Since then, the IIW has met bi-anually, actively supporting the development of the identity software-ecosystem, including OpenID('05), OpenID 2.0('06), OAuth('10), FIDO('13) and OpenID Connect('14).

---

• Markus Sabadello began work on Project Danube, on the creation of an XDI based personal data store, always under the control of its users, as early as 2010.

---

Founded in 2011, the Personal Data Ecosystem Consortium advocates a user-centric approach to managing personal data

IIW participants began the effort towards creating a truly user centric identity, in contrast to identity solutions whos focus has been fulfilling the needs of the enterprise. The pioneers of decentralized identity have long struggled against the "identity silo paradox," that while the identerati continually work on solutions to break up these silos, the enterprise has had a strong financial incentive to retain them.

• What is IIW? [ϟ][ϟ] short film about the identirati[ϟ] (a term for those working on identity standards for the purpose of breaking up id data silos, dating back to at least 2006).
• What is Sovereign Source Authority? leads to the term Self Sovereign Identity.
• Windhover Principles for Digital Identity
  • HubID First to Deploy Windhover Principles and Framework for Digital Identity, Trust and Open Data
• WEForum - Personal Data: The Emergence of a New Asset Class

W3C Credentials Community Group ^

8/14 The Credentials Community Group[ϟ] forms, hosted by World Wide Web Consortium(W3C)[T] [G] : "to forge a path for a secure, decentralized system of credentials that would empower both individual people and organizations on the Web to store, transmit, and receive digitally verifiable proof of qualifications and achievements." —proposed by Manu Sporney[T] (of digitalbazaar.com)

• Consensys begins work on uPort -2015

Bitnation ^

9\15 Bitnation "seeks to establish the concept of 'world citizenship' via a bitcoin based identity, offering 'Blockchain Emergency IDs' to refugees. [>]

The United Nations Sustainable Development Goals ^

The same month, the UN unveiled it's Agenda for Sustainable Development:

• Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels
• Substantially reduce corruption and bribery in all their forms Develop effective, accountable and transparent institutions at all levels
• By 2030, provide legal identity for all, including birth registration
• Ensure public access to information and protect fundamental freedoms, in accordance with national legislation and international agreements—(emphasis mine)

• DIGITAL IDENTITY AS A BASIC HUMAN RIGHT
• AID:Tech [T] — "is a voucher and digital identity solution for refugees. A digital record of a person's identity is stored on a smart card, along with various additional information. Blockchain technology is used to distribute all resources in a highly traceable manner." (another early example of blockchain for humanitarian aide)
• World Bank - Digital IDs for Development
• Additional Info on Blockchain and the United Nations

Rebooting the Web Of Trust ^

In relation to SSI, 'Web of Trust' is a network of relationships that attest to our identity claims. Each party attesting to your identity information becomes a strand in your web of trust.

The first Rebooting Web of Trust(RWoT) workshop was held during November 2015; attracting the likes of Vitalik Buterin, Peter Todd, Gregory Maxwell, Joel Dietz, Christopher Allen, and Jon Callas, according to Andreas Antonopolis.

That workshop, produced 5 technical white papers:
5 WoT-usecases • Decentralized PKI • Smart Signatures • Creating a New World of Trust

• Opportunities Created by the Web of Trust for Controlling and Leveraging Personal Data

  "Decentralized systems that are engineered to prevent concentrating power as they grow avoid this. They can in fact increase their credibility as more users provide their assessments as input. Protocols and structures that are distributed and self-sovereign also offer significantly improved robustness, portability, and versatility than conventional centralized or escrowed processes — especially when combined with secure cryptography."

• Rebranding the Web of Trust

  The Web of Trust is a buzzword for a new model of decentralized self-sovereign identity. It’s a phrase that dates back almost twenty-five years, the classic definition derives from PGP [...] the vibrant blockchain community is also drawing new attention to the concept we aim to reboot it.

At the end of 2015, the Department of Homeland Security announced that it had funds available for the development of Blockchain Security and Identity Verification Technologies.

Evernym

• Evernym[T] originally created the Sovrin codebase, founded in 2013.
• Identity System Essentials 3/16 (Original Evernym Identity WP submitted to ID2020\RWoT workshop)
• Outlier Ventures invests in, becomes strategic partner of Evernym[ϟ]
• The Three Models of Digital Identity Relationships — How self-sovereign identity (SSI) is different, and why it’s better

ID2020 and the GDPR ^

• 4/16 the EU adopted the GDPR to be enacted as law May 2018.
• Projects aim for legal identity for everyone - ID2020, ID4D aim to bring legal, binding, digital IDs to all world's citizens
• The second RWoT workshop ran in conjunction with the UN's ID2020 Summit in New York that May; clearly a significant time for decentralized identity:

  1.1 Billion people live without an officially recognized identity — This lack of recognized identification deprives them of protection, access to services, and basic rights. ID2020 is a public-private partnership dedicated to solving the challenges of identity for these people through technology. - id2020.org

• Identity Crisis: Clear Identity through Correlation
• Christopher Allen[info] details the overarching history of internet idenitity standards in his seminal work (submitted to ID2020\RWoT workshop):
  • The Path to Self-Soverereign Identity[ϟ] details the history of identity standards leading up to self-sovereign and details the 10 principles of self-sovereign identity.

    I am part of the team putting together the first ID2020 Summit on Digital Identity at the United Nations

• Identity System Essentials 3/16 (Original Evernym Identity WP also submitted to ID2020\RWoT workshop)

Evident from the other whitepapers submitted to the second RWoT Workshop, the DID identifier had begun to emerge:

• Decentralized Identifiers (DIDs) and Decentralized Identity Management (DIDM)

  "Decentralized Identifiers (DID) stored in a permissioned blockchain enable principals to directly control their own identities with cryptographic proofs and secure, addressable network endpoints. DIDs further enable a Decentralized Identity Management (DIDM) infrastructure that will empower people and organizations to securely and confidentially manage and assert their identities."

• Requirements for DIDs

  "Respect Network is conducting a research project for the U.S. Department of Homeland Security, HSHQDC-16-C-00061, to analyze the applicability of blockchain technologies to a decentralized identifier system. Our thesis is that blockchains, or more generically distributed ledgers, are a potentially powerful new tool for “identity roots” — the starting points for an Internet identity. However “blockchain identity” may not fully address the core security and privacy principles needed in a complete identity system. In this case DIDs — Decentralized Identifiers rooted on a distributed ledger — may end up being a foundational building block for higher level identity management solutions. -

The End of 2016 ^

• News Release: DHS S&T Awards $1.3 Million to Small Businesses for Cyber Security Research and Development -2016

  • Applying Blockchain to Decentralized Identity

    Respect Network will research and develop a decentralized registry and discovery service for Decentralized Identifiers (DIDs) to integrate with the public blockchain. DIDs will allow principals to directly control their own identities with cryptographic proofs and secure, addressable network endpoints. DIDs will enable a Decentralized Identity Management (DIDM) infrastructure that will empower people and organizations to securely and confidentially manage and assert their identities. Open standards and established industry protocols will permit principals to selectively disclose identity claims, and to manage their privacy and digital relationships. Respect Network's thesis is that the combination of DIDs and DIDM architecture, using public and/or private blockchains as "identity backbones", can meet traditional information security principles of confidentiality, integrity, availability, non-repudiation and provenance. Further, our approach applies privacy-by-design principles, including user control, selective disclosure of information and pseudonymity.

  • Credentials on Public/Private Linked Ledgers

    A wide variety of applications could benefit from combining identity management technology with decentralized ledgers (aka blockchains). However, not every application uses the same data or requires the same consensus or authorization models. While a single solution is unlikely, we assert each application could benefit from a standard, configurable, decentralized ledger with flexible semantics. We will study the feasibility of this concept by building a proof-of-concept Linked Data ledger format and architecture.

• Pan Canadian Trust Framework - 2016

  The Pan-Canadian Trust Framework (PCTF) enables Canada’s full and secure participation in the global digital economy through economic sector innovation and the enablement of modernized digital service delivery. The PCTF supports open government principles.

• Phil Windley announces formation of the Sovrin Foundation charged with maintaining its, public-permissioned, distributed ledger for identity, donated by Evernym -September 2016.

  Sovrin Foundation is a private-sector, international non-profit established to govern a global public utility for self-sovereign identity.

• MyData founded to give structure to an international movement, promoting the rights of individuals to have control over our personal information - August, 2016

• Learning Machine working with MIT on an open standard for blockchain credentials for the past year. Led by Chris Jagers, Kim Hamilton Duffy, and John Papinchak their Blockcerts prototype was released in October 2016.

Decentralized Identity Foundation ^

On May 22 at Consensus 2017 the formation of the Decentralized Identity Foundation (DIF) was announced:

• Conensus 2017 - Building an Foundation for Decentralized Identity (video)
• Decentralized Identity Foundation Grows To 56 Members In Our First Year

Standards History ^

The Story of Open SSI Standards - Drummond Reed/Evernym SSIMeetup.org [ϟ]

Resources ^

• A Brief History of Digital Identity
• A Step Back in Time: The History and Evolution of Digital Identity
• Identity Commons-Wiki
• IIW-Wiki
• IIW - Past Workshops
• identitywoman.net
• windley.com/tags/identity
• WoTinfo
• The Path to Self Sovereign Identity