| .. | ||
| README.md | ||
Non SSI Identity Standards
Contents
- OpenID
- FIDO
- OAuth
- SCIM
- SAML
- KMIP
- Secure QR Code
OpenID
- Registration - OpenID Foundation Virtual Workshop April 29, 2021
updates on all active OpenID Foundation Working Groups as well the OpenID Certification Program OpenID Specs Up for Review
This specification defines event types and their contents based on the SSE Framework that are required to implement Risk Incident Sharing and Coordination.
FIDO
This year’s FIDO Developer Challenge reached a successful conclusion, with a ceremonial event during Authenticate 2021 of the ceremony is available now, and we’re pleased to share more detailed stories of the three finalists as well as the rest of the teams that made it to the final stage.
-
Integrating FIDO with Verifiable Credentials (8.30 am start) by David Chadwick
-
The Use of FIDO2 and Verifiable Credentials (David Chadwick)
W3C Web Authentication (FIDO2) provides a mechanism for strong authentication whilst W3C Verifiable Credentials provide a mechanism for strong identification and authorisation. Together they make an unbeatable pair for identity management.
Prof. David Chadwick presented work on sharing W3C Verifiable Crendentials via FIDO2 key setup with issuers of credentials. In a nutshell, the holder and issuer use the WebAuthN protocol to strongly authenticate before the issuer protects the credentials with its signature. Upon providing credentials to a relying party, the issuer (acting in an IDP capacity, so they must be online) will verify the identity of the holder via FIDO2 WebAuthN so that the credentials (or selected claims in the credentials for selective disclosure) can be shared with the relying party. Ephemeral keys are created to bind the holder with such credentials shared to the relying party/verifier. The relying party/verifier can use X.509 certs to confirm that the issuer is valid by checking the signature on the derived credential from the holder.