Be the first to like this
Ignacio Alamillo is a lawyer, PhD in eIDAS Regulation, CISA, CISM, and EU Commission legal expert for EBSI eSSIF and the EBSI eIDAS Bridge initiatives. Ignacio will introduce SSI solutions, using the Alastria ID reference model as an illustrative example, taking into account the need for trust management frameworks, and trust anchors. Secondly, he will introduce the eIDAS Regulation, currently the major electronic identification regulation in the European Union, supporting a pan-European identity federation system, and the legal framework for the so-called trust services.
The EU has developed some key proposals arising from the legal assessment of the EBSI ESSIF use case, oriented to extend the eIDAS Regulation to SSI solutions used with public sector bodies relationships and procedures. This results were publicly presented in the 2nd ESSIF Stakeholders Meeting that took place in Brussels mid-January 2020.
The objective of the ESSIF legal assessment is to evaluate the potential legal issues that are horizontal to an SSI solution, including:
DIDs: What is the legal nature and ownership of DIDs (asset vs a special kind of pseudonym), how should be DIDs managed in case of minors and incapable persons, if DID may be subject to seizure, when DIDs may be deactivated, what is the legal regime of keys and wallets, etc.
VCs: What are the duties and responsibilities of VCs issuers, holders and verifiers. How to model the contractual/non-contractual relations between issuers & verifiers, and set up liability models. We should pay special attention to the legal aspects of the VC lifecycle (issuance, suspension and revocation causes, etc).
Alignment of the SSI solution with the eIDAS Regulation: aligning VCs with eIDAS eID rules, but also linking VCs to eSeals or eSignatures.
Trust framework: legal input regarding LoAs, governance aspects, conformity, etc.
The use cases include:
Using eIDAS identification means (and qualified certificates?) to issue verifiable credentials.
Using qualified certificates to support verifiable claims (EBSI eIDAS bridge) and legal evidences with full legal value.
Using SSI VCs as an eIDAS identification means.
Using blockchain plus SSI as an electronic registered delivery service.
All content represent just the opinion of Ignacio Alamillo, and do not represent any official position from the EU Commission nor any of its officers