27 KiB
layout | title | description | header | canonical_url | redirect_from | permalink | categories | published | |||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
single | History Surrounding Self-Sovereign, Decentralized, Identity. | Starting with David Chaum in the 80s, PGP, the International Planetwork Conference, Agenda for Sustainable Development, GDPR, and Bitcoin to the Present. |
|
https://decentralized-id.com/history/ | /history | /history/ |
|
true |
Losing Control Over our Personal Information
-
Security without Identification: Transaction Systems to Make Big Brother Obsolete - David Chaum, 1985.
- The large-scale automated transaction systems of the near future can be designed to protect the privacy and maintain the security of both individuals and organizations.
Computerization is robbing individuals of the ability to monitor and control the ways information about them is used. As organizations in both the private and the public sectors routinely exchange such informa- tion, individ.uals have no way of knowing if the information is inaccurate, obsolete, or otherwise inap- propriate. The foundation is being laid for a dossier society, in which computers could be used to infer individuals’ life-styles, habits, whereabouts, and asso- ciations from data collected in ordinary consumer transactions. Uncertainty about whether data will re- main secure against abuse by those maintaining or tapping it can have a “chilling effect,” causing people to alter their observable activities. As computerization becomes mclre pervasive, the potential for these prob- lems will grow dramatically.
- The large-scale automated transaction systems of the near future can be designed to protect the privacy and maintain the security of both individuals and organizations.
-
Information Technology and Dataveillance - Roger Clarke, 1988.
The concept of 'dataveillance' is introduced, and defined as the systematic monitoring of people's actions or communications through the application of information technology. Dataveillance's origins are traced, and an explanation provided as to why it is becoming the dominant means of monitoring individuals and populations.
The paper identifies, classifies and describes the various dataveillance techniques. It then examines the benefits, and especially the dangers, arising from dataveillance. It considers the intrinsic and extrinsic controls that act to keep the application of dataveillance under control, and suggests some appropriate policy measures.
PGP - Web of Trust
Phil Zimmerman creates PGP, 1991.
-
First time strong encryption widely available to general public.
-
PGP’s web-of-trust provide early foundation for SSI. However, PGP is known as difficult to use and failed to reach wide adoption for personal communication\identification.
International Planetwork Conference
The first International Planetwork Conference - Global Ecology and Information Technology, San Francisco, May 2000.
The community that developed around the Planetwork conferences, including Linktank, form an intellectual foundation for what became Self Sovereign Identity.
XNS Public Trust Organization
XNS Public Trust Organization. Founded in July 2000, shortly after Planetwork Conference. -xdi.org - History
to promote the concept of individuals owning their own digital identity and data based on a nascent technology being produced by two Technical Committees at OASIS: XRI (Extensible Resource Identifier) and XDI (Extensible Data Interchange).
Augmented Social Network
- The Augmented Social Network: Building Identity and Trust into the Next-Generation Internet, presented at the June 2003 Planetwork conference and published in First Monday the Peer-Reviewed Journal on the Internet 8/4/03.
"This paper proposes the creation of an Augmented Social Network (ASN) that would build identity and trust into the architecture of the Internet"
IDCommons
The Identity Commons (2001-Present) was originally created by Owen Davis and Andrew Nelson in 2001 to evangelize the creation of a decentralized user-centric identity infrastructure and to address the resulting social trust issues.
- Kaliya Young began working with Identity Commons following June 2004 Planetwork Conference. Working with Social Physics team, led by Paul Trevithick and Mary Ruddy, and included Doc Searls and Phil Windley, they wove a community around user-centric id that came together at the Digital Identity World conference, of 2004.
Resuling in a mailing list:
- community@lists.idcommons.net
The general community mailing list for Identity Commons. The list is also called the Identity Gang mailing list and was formerly idworkshop at googlegroups.
Identity Gang
-
The original identity gang Doc Searls invited identity leaders to appear on the Gilmore Gang podcast, where the name "Identity Gang" was coined.
At the encouragement of Doc Searls, a number of people began blogging about user-centric identity.
-
The Gillmor Gang - December 31, 2004 Featuring:
- Steve Gillmor, contributing editor, ZDNet
- Doc Searls, senior editor, Linux Journal
- Craig Burton, founding member, Novell; co-founder, The Burton Group
- Kim Cameron, Microsoft's Architect of Identity and Access Systems
- Dave Winer, father of RSS and more
- Marc Canter, Broadband Mechanics
- Bryan Field-Elliot, CTO, Ping Identity Corporation
- Phil Windley, Brigham Young University
- Drummond Reed, CTO, Cordance
"Their most important contribution may have been the creation, in association with the Identity Gang, of the Internet Identity Workshop (2005-Present) working group." -Path to Self Sovereign Identity
- Paul Trevithick created the Identity Gang Lexicon -2005.
Kim Cameron - Laws of Identity
Internet Identity Workshop
In 2005, Kaliya Young[T], Phil Windley[T][V][G], Drummond Reed[T][B], and Doc Searls[T][B] hosted the first Internet Identity Workshop(IIW)[T] in Berkeley to discuss "architectural and governance proposals for Internet-wide identity services and their underlying philosophies." -Announcing IIW 2005
Since then, the IIW has met bi-anually, actively supporting the development of the identity software-ecosystem, including OpenID('05), OpenID 2.0('06), OAuth('10), FIDO('13) and OpenID Connect('14).
- Markus Sabadello began work on Project Danube, on the creation of an XDI based personal data store, always under the control of its users, as early as 2010.
Founded in 2011, the Personal Data Ecosystem Consortium advocates a user-centric approach to managing personal data
IIW participants began the effort towards creating a truly user centric identity, in contrast to identity solutions whos focus has been fulfilling the needs of the enterprise. The pioneers of decentralized identity have long struggled against the "identity silo paradox," that while the identerati continually work on solutions to break up these silos, the enterprise has had a strong financial incentive to retain them.
- What is IIW? [ϟ][ϟ] short film about the identirati[ϟ] (a term for those working on identity standards for the purpose of breaking up id data silos, dating back to at least 2006).
- What is Sovereign Source Authority? leads to the term Self Sovereign Identity.
- Windhover Principles for Digital Identity
- WEForum - Personal Data: The Emergence of a New Asset Class
Respect Network
Around 2011, Respect Network began working to promote the idea of personal data clouds for the protection of personal information:
- Respect Network is the world's first trusted personal data network that will let customers and companies connect over direct, personal channels that are always under the customer's control. Every member of the Respect Network agrees to the award-winning Respect Trust Framework so customers can be sure that the privacy and security of their personal data will always be respected.
The foundation of the Respect Network is the Respect Trust Framework, which was listed with the Open Identity Exchange in May 2011 and honored with the Privacy Award at the 2011 European Identity Conference. This is the umbrella legal contract to which every member (person or business) of the Respect Network agrees when they join the network
- The Respect Trust Framework establishes a set of five simple yet universal principles governing the control and protection of identity and personal data—principles that operate at a higher level than conventional privacy policies. These five principles can be summed up by “the 5 p’s” in one sentence: A promise of permission, protection, portability, and proof.
W3C Credentials Community Group
8/14 The Credentials Community Group[ϟ] forms, hosted by World Wide Web Consortium(W3C)[T] [G] : "to forge a path for a secure, decentralized system of credentials that would empower both individual people and organizations on the Web to store, transmit, and receive digitally verifiable proof of qualifications and achievements." —proposed by Manu Sporney[T] (of digitalbazaar.com)
Bitnation
9\15 Bitnation "seeks to establish the concept of 'world citizenship' via a bitcoin based identity, offering 'Blockchain Emergency IDs' to refugees. [>]
United Nations Sustainable Development Goals
The same month, the UN unveiled it's Agenda for Sustainable Development:
- Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels
- Substantially reduce corruption and bribery in all their forms Develop effective, accountable and transparent institutions at all levels
- By 2030, provide legal identity for all, including birth registration
- Ensure public access to information and protect fundamental freedoms, in accordance with national legislation and international agreements—(emphasis mine)
- DIGITAL IDENTITY AS A BASIC HUMAN RIGHT
- AID:Tech [T] — "is a voucher and digital identity solution for refugees. A digital record of a person's identity is stored on a smart card, along with various additional information. Blockchain technology is used to distribute all resources in a highly traceable manner." (another early example of blockchain for humanitarian aide)
- World Bank - Digital IDs for Development
- Additional Info on Blockchain and the United Nations
Rebooting the Web Of Trust
In relation to SSI, 'Web of Trust' is a network of relationships that attest to our identity claims. Each party attesting to your identity information becomes a strand in your web of trust.
The first Rebooting Web of Trust(RWoT) workshop was held during November 2015; attracting the likes of Vitalik Buterin, Peter Todd, Gregory Maxwell, Joel Dietz, Christopher Allen, and Jon Callas, according to Andreas Antonopolis.
That workshop, produced 5 technical white papers:
5 WoT-usecases • Decentralized PKI • Smart Signatures • Creating a New World of Trust
-
Opportunities Created by the Web of Trust for Controlling and Leveraging Personal Data
"Decentralized systems that are engineered to prevent concentrating power as they grow avoid this. They can in fact increase their credibility as more users provide their assessments as input. Protocols and structures that are distributed and self-sovereign also offer significantly improved robustness, portability, and versatility than conventional centralized or escrowed processes — especially when combined with secure cryptography."
-
The Web of Trust is a buzzword for a new model of decentralized self-sovereign identity. It’s a phrase that dates back almost twenty-five years, the classic definition derives from PGP [...] the vibrant blockchain community is also drawing new attention to the concept we aim to reboot it.
At the end of 2015, the Department of Homeland Security announced that it had funds available for the development of Blockchain Security and Identity Verification Technologies.
Evernym
- Evernym[T] originally created the Sovrin codebase, founded in 2013.
- Identity System Essentials 3/16 (Original Evernym Identity WP submitted to ID2020\RWoT workshop)
- Outlier Ventures invests in, becomes strategic partner of Evernym[ϟ]
- The Three Models of Digital Identity Relationships — How self-sovereign identity (SSI) is different, and why it’s better
ID2020 and the GDPR
- 4/16 the EU adopted the GDPR to be enacted as law May 2018.
- Projects aim for legal identity for everyone - ID2020, ID4D aim to bring legal, binding, digital IDs to all world's citizens
- The second RWoT workshop ran in conjunction with the UN's ID2020 Summit in New York that May; clearly a significant time for decentralized identity:
1.1 Billion people live without an officially recognized identity — This lack of recognized identification deprives them of protection, access to services, and basic rights. ID2020 is a public-private partnership dedicated to solving the challenges of identity for these people through technology. - id2020.org
- Identity Crisis: Clear Identity through Correlation
- Christopher Allen[info] details the overarching history of internet idenitity standards in his seminal work (submitted to ID2020\RWoT workshop):
- The Path to Self-Soverereign Identity[ϟ] details the history of identity standards leading up to self-sovereign and details the 10 principles of self-sovereign identity.
I am part of the team putting together the first ID2020 Summit on Digital Identity at the United Nations
- The Path to Self-Soverereign Identity[ϟ] details the history of identity standards leading up to self-sovereign and details the 10 principles of self-sovereign identity.
- Identity System Essentials 3/16 (Original Evernym Identity WP also submitted to ID2020\RWoT workshop)
Evident from the other whitepapers submitted to the second RWoT Workshop, the DID identifier had begun to emerge:
- Decentralized Identifiers (DIDs) and Decentralized Identity Management (DIDM)
"Decentralized Identifiers (DID) stored in a permissioned blockchain enable principals to directly control their own identities with cryptographic proofs and secure, addressable network endpoints. DIDs further enable a Decentralized Identity Management (DIDM) infrastructure that will empower people and organizations to securely and confidentially manage and assert their identities."
- Requirements for DIDs
"Respect Network is conducting a research project for the U.S. Department of Homeland Security, HSHQDC-16-C-00061, to analyze the applicability of blockchain technologies to a decentralized identifier system. Our thesis is that blockchains, or more generically distributed ledgers, are a potentially powerful new tool for “identity roots” — the starting points for an Internet identity. However “blockchain identity” may not fully address the core security and privacy principles needed in a complete identity system. In this case DIDs — Decentralized Identifiers rooted on a distributed ledger — may end up being a foundational building block for higher level identity management solutions. -
Late 2016
-
- Applying Blockchain to Decentralized Identity
Respect Network will research and develop a decentralized registry and discovery service for Decentralized Identifiers (DIDs) to integrate with the public blockchain. DIDs will allow principals to directly control their own identities with cryptographic proofs and secure, addressable network endpoints. DIDs will enable a Decentralized Identity Management (DIDM) infrastructure that will empower people and organizations to securely and confidentially manage and assert their identities. Open standards and established industry protocols will permit principals to selectively disclose identity claims, and to manage their privacy and digital relationships. Respect Network's thesis is that the combination of DIDs and DIDM architecture, using public and/or private blockchains as "identity backbones", can meet traditional information security principles of confidentiality, integrity, availability, non-repudiation and provenance. Further, our approach applies privacy-by-design principles, including user control, selective disclosure of information and pseudonymity.
- Credentials on Public/Private Linked Ledgers
A wide variety of applications could benefit from combining identity management technology with decentralized ledgers (aka blockchains). However, not every application uses the same data or requires the same consensus or authorization models. While a single solution is unlikely, we assert each application could benefit from a standard, configurable, decentralized ledger with flexible semantics. We will study the feasibility of this concept by building a proof-of-concept Linked Data ledger format and architecture.
- Applying Blockchain to Decentralized Identity
-
Pan Canadian Trust Framework - 2016
The Pan-Canadian Trust Framework (PCTF) enables Canada’s full and secure participation in the global digital economy through economic sector innovation and the enablement of modernized digital service delivery. The PCTF supports open government principles.
-
Phil Windley announces formation of the Sovrin Foundation charged with maintaining its, public-permissioned, distributed ledger for identity, donated by Evernym -September 2016.
Sovrin Foundation is a private-sector, international non-profit established to govern a global public utility for self-sovereign identity.
-
MyData founded to give structure to an international movement, promoting the rights of individuals to have control over our personal information - August, 2016
-
Learning Machine working with MIT on an open standard for blockchain credentials for the past year. Led by Chris Jagers, Kim Hamilton Duffy, and John Papinchak their Blockcerts prototype was released in October 2016.
Identity Foundation
On May 22 at Consensus 2017 the formation of the Decentralized Identity Foundation (DIF) was announced:
- Conensus 2017 - Building an Foundation for Decentralized Identity (video)
- Decentralized Identity Foundation Grows To 56 Members In Our First Year
Standards History
The Story of Open SSI Standards - Drummond Reed/Evernym SSIMeetup.org [ϟ]