SlideShare a Scribd company logo

Self-Sovereign Identity: Ideology and Architecture with Christopher Allen

SSIMeetup
SSIMeetup

https://ssimeetup.org/self-sovereign-identity-why-we-here-christopher-allen-webinar-51/ Internet cryptography and Self-sovereign identity (SSI) pioneer Christopher Allen talks about essential insights and reflections around historical, technological and ethical aspects of Self-Sovereign Identity at the 51st SSIMeetup.org webinar in collaboration with Rebooting the Web of Trust (RWOT) and Alianza Blockchain Iberoamérica as part of the events that took place at RWOT in Buenos Aires (Argentina). Christopher is an entrepreneur and technologist who specializes in collaboration, security, and trust. As a pioneer in internet cryptography, he’s initiated cross-industry collaborations and co-created industry standards that influence the entire internet. Christopher’s focus on internet trust began as the founder of Consensus Development where he co-authored the IETF TLS internet-draft that is now at the heart of all secure commerce on the World Wide Web. Christopher is co-chair of the W3C Credentials CG working on standards for decentralized identity. Christopher has also been a digital civil liberties and human-rights privacy advisor, was part of the team that led the first UN summit on Digital Identity & Human Rights, and was the producer of a half-dozen iPhone and iPad games, and of Infinite PDF, a non-linear media app.

1 of 85
Download to read offline
Self-Sovereign Identity
Ideology & Architecture
Christopher Allen — Decentralized Identity & Blockchain Architect,
Co-Chair W3C Credentials Community Group
CC BY-SA 4.0
1. Empower global SSI communities
2. Open to everyone interested in SSI
3. All content is shared with CC BY SA
Alex Preukschat @SSIMeetup @AlexPreukschat
Coordinating Node SSIMeetup.org
SSIMeetup objectives
SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
3
Christopher Allen | Executive Director | Blockchain Commons
▪ Co-Chair W3C Credentials CG
▪ Co-Inventor & Architect of
Decentralized Identifiers
▪ Author Design Principles of
Self-Sovereign Identity
▪ Co-Author SSL/TLS
▪ Former Principal Architect, Blockstream
▪ Former CTO Certicom
▪ Former CEO Consensus Development
▪ Former Faculty Pinchot.edu
Email: ChristopherA@LifeWithAlacrity.com
Twitter: @ChristopherA
https://www.linkedin.com/in/ChristopherA/
SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
Ideology Architecture
SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
5
is both:
● an to reclaim human dignity & authority in
the digital world, and
● an emerging of technology designed
to enable that movement. SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
Ideology
SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International

Recommended

Decentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep diveDecentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep diveSSIMeetup
 
Introduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityIntroduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityHeather Vescent
 
Overview of Decentralized Identity
Overview of Decentralized IdentityOverview of Decentralized Identity
Overview of Decentralized IdentityJim Flynn
 
What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?Evernym
 
Verifiable Credentials, Self Sovereign Identity and DLTs
Verifiable Credentials, Self Sovereign Identity and DLTs Verifiable Credentials, Self Sovereign Identity and DLTs
Verifiable Credentials, Self Sovereign Identity and DLTs Vasiliy Suvorov
 
Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)Evernym
 
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...SSIMeetup
 
What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?What is self-sovereign identity (SSI)?
What is self-sovereign identity (SSI)?Evernym
 

More Related Content

What's hot

Introduction to Self Sovereign Identity - IIW October 2019
Introduction to Self Sovereign Identity - IIW October 2019Introduction to Self Sovereign Identity - IIW October 2019
Introduction to Self Sovereign Identity - IIW October 2019Heather Vescent
 
Digital Guardianship in Self-Sovereign Identity
Digital Guardianship in Self-Sovereign IdentityDigital Guardianship in Self-Sovereign Identity
Digital Guardianship in Self-Sovereign IdentityEvernym
 
Self-Sovereign Identity for the Decentralized Web Summit
Self-Sovereign Identity for the Decentralized Web SummitSelf-Sovereign Identity for the Decentralized Web Summit
Self-Sovereign Identity for the Decentralized Web SummitKaliya "Identity Woman" Young
 
The Shift from Federated to Decentralized Identity
The Shift from Federated to Decentralized IdentityThe Shift from Federated to Decentralized Identity
The Shift from Federated to Decentralized IdentityEvernym
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt
 
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan GeorgeHyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan GeorgeSSIMeetup
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)Torsten Lodderstedt
 
OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36Torsten Lodderstedt
 
Digital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksDigital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksEvernym
 
OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)Torsten Lodderstedt
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable CredentialsTorsten Lodderstedt
 
Zero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital IdentityZero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital IdentityClare Nelson, CISSP, CIPP-E
 
Verifiable Credentials for Travel & Hospitality
Verifiable Credentials for Travel & HospitalityVerifiable Credentials for Travel & Hospitality
Verifiable Credentials for Travel & HospitalityEvernym
 
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...SSIMeetup
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable CredentialsTorsten Lodderstedt
 
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...SSIMeetup
 
Blockchain, Self-Sovereign Identity and Credentials
Blockchain, Self-Sovereign Identity and CredentialsBlockchain, Self-Sovereign Identity and Credentials
Blockchain, Self-Sovereign Identity and CredentialsStrategyWorks
 

What's hot (20)

Introduction to Self Sovereign Identity - IIW October 2019
Introduction to Self Sovereign Identity - IIW October 2019Introduction to Self Sovereign Identity - IIW October 2019
Introduction to Self Sovereign Identity - IIW October 2019
 
Digital Guardianship in Self-Sovereign Identity
Digital Guardianship in Self-Sovereign IdentityDigital Guardianship in Self-Sovereign Identity
Digital Guardianship in Self-Sovereign Identity
 
Self-Sovereign Identity for the Decentralized Web Summit
Self-Sovereign Identity for the Decentralized Web SummitSelf-Sovereign Identity for the Decentralized Web Summit
Self-Sovereign Identity for the Decentralized Web Summit
 
The Shift from Federated to Decentralized Identity
The Shift from Federated to Decentralized IdentityThe Shift from Federated to Decentralized Identity
The Shift from Federated to Decentralized Identity
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
 
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan GeorgeHyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
Hyperledger Aries: Open Source Interoperable Identity Solution – Nathan George
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)
 
Decentralized Identifiers
Decentralized IdentifiersDecentralized Identifiers
Decentralized Identifiers
 
OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36
 
Digital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For BanksDigital Identity Wallets: What They Mean For Banks
Digital Identity Wallets: What They Mean For Banks
 
OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable Credentials
 
Zero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital IdentityZero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital Identity
 
Verifiable Credentials for Travel & Hospitality
Verifiable Credentials for Travel & HospitalityVerifiable Credentials for Travel & Hospitality
Verifiable Credentials for Travel & Hospitality
 
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable Credentials
 
OIDC4VP for AB/C WG
OIDC4VP for AB/C WGOIDC4VP for AB/C WG
OIDC4VP for AB/C WG
 
OpenID for SSI
OpenID for SSIOpenID for SSI
OpenID for SSI
 
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
 
Blockchain, Self-Sovereign Identity and Credentials
Blockchain, Self-Sovereign Identity and CredentialsBlockchain, Self-Sovereign Identity and Credentials
Blockchain, Self-Sovereign Identity and Credentials
 

Similar to Self-Sovereign Identity: Ideology and Architecture with Christopher Allen

Identity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and PromiseIdentity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and PromiseChristopher Allen
 
Forging Self-Sovereign Identity in the Age of the Blockchain - Christopher Al...
Forging Self-Sovereign Identity in the Age of the Blockchain - Christopher Al...Forging Self-Sovereign Identity in the Age of the Blockchain - Christopher Al...
Forging Self-Sovereign Identity in the Age of the Blockchain - Christopher Al...Christopher Allen
 
01 Introduction atala prism.pdf
01 Introduction atala prism.pdf01 Introduction atala prism.pdf
01 Introduction atala prism.pdfDuongNguyenNgoc10
 
Blockchain law and governance: General Conclusion -- Milan, October 2019
Blockchain law and governance: General Conclusion -- Milan, October 2019Blockchain law and governance: General Conclusion -- Milan, October 2019
Blockchain law and governance: General Conclusion -- Milan, October 2019Tony Lai
 
Iot privacy vs convenience
Iot privacy vs  convenienceIot privacy vs  convenience
Iot privacy vs convenienceDon Lovett
 
Identity Management for Web Application Developers
Identity Management for Web Application DevelopersIdentity Management for Web Application Developers
Identity Management for Web Application DevelopersWSO2
 
The Future is Decentralized - Block Chains, Distributed Ledgers & The Future ...
The Future is Decentralized - Block Chains, Distributed Ledgers & The Future ...The Future is Decentralized - Block Chains, Distributed Ledgers & The Future ...
The Future is Decentralized - Block Chains, Distributed Ledgers & The Future ...Sergio Fernandez de Cordova
 
Shibboleth: Open Source Distributed Authentication and Authorization
Shibboleth: Open Source Distributed Authentication and AuthorizationShibboleth: Open Source Distributed Authentication and Authorization
Shibboleth: Open Source Distributed Authentication and AuthorizationGlen Newton
 
Bramble Tsinghua Presentation
Bramble Tsinghua PresentationBramble Tsinghua Presentation
Bramble Tsinghua PresentationYale Law School
 
Corso pisa-7 dh-2017
Corso pisa-7 dh-2017Corso pisa-7 dh-2017
Corso pisa-7 dh-2017Luca De Biase
 
Blockchain technology.pptx
 Blockchain technology.pptx Blockchain technology.pptx
Blockchain technology.pptxARNAV PATEL
 
Commonification, Sharing and CC: Towards Platforms of Digital Dignity
Commonification, Sharing and CC: Towards Platforms of Digital DignityCommonification, Sharing and CC: Towards Platforms of Digital Dignity
Commonification, Sharing and CC: Towards Platforms of Digital DignityAlexandros Nousias
 
Commonification Sharing and Creative Commons. Alexandros Nousias
Commonification Sharing and Creative Commons. Alexandros Nousias Commonification Sharing and Creative Commons. Alexandros Nousias
Commonification Sharing and Creative Commons. Alexandros Nousias zabej
 
Meetup symbotic sept21_en_v1.0_hc
Meetup symbotic sept21_en_v1.0_hcMeetup symbotic sept21_en_v1.0_hc
Meetup symbotic sept21_en_v1.0_hcHenk van Cann
 
Legal, Policy & the Blockchain
Legal, Policy & the BlockchainLegal, Policy & the Blockchain
Legal, Policy & the BlockchainTudor Stanciu
 
Let the trust evolve itself
Let the trust evolve itselfLet the trust evolve itself
Let the trust evolve itselfSanjeev Azad
 
Your digital identity - are you feeling lucky?
Your digital identity - are you feeling lucky?Your digital identity - are you feeling lucky?
Your digital identity - are you feeling lucky?Kirsten Thompson
 
John Clippinger - Internet of Living Things
John Clippinger - Internet of Living ThingsJohn Clippinger - Internet of Living Things
John Clippinger - Internet of Living ThingsMassTLC
 

Similar to Self-Sovereign Identity: Ideology and Architecture with Christopher Allen (20)

Identity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and PromiseIdentity of the Blockchain: Perils and Promise
Identity of the Blockchain: Perils and Promise
 
Forging Self-Sovereign Identity in the Age of the Blockchain - Christopher Al...
Forging Self-Sovereign Identity in the Age of the Blockchain - Christopher Al...Forging Self-Sovereign Identity in the Age of the Blockchain - Christopher Al...
Forging Self-Sovereign Identity in the Age of the Blockchain - Christopher Al...
 
01 Introduction atala prism.pdf
01 Introduction atala prism.pdf01 Introduction atala prism.pdf
01 Introduction atala prism.pdf
 
Blockchain law and governance: General Conclusion -- Milan, October 2019
Blockchain law and governance: General Conclusion -- Milan, October 2019Blockchain law and governance: General Conclusion -- Milan, October 2019
Blockchain law and governance: General Conclusion -- Milan, October 2019
 
Iot privacy vs convenience
Iot privacy vs  convenienceIot privacy vs  convenience
Iot privacy vs convenience
 
Identity Management for Web Application Developers
Identity Management for Web Application DevelopersIdentity Management for Web Application Developers
Identity Management for Web Application Developers
 
The Future is Decentralized - Block Chains, Distributed Ledgers & The Future ...
The Future is Decentralized - Block Chains, Distributed Ledgers & The Future ...The Future is Decentralized - Block Chains, Distributed Ledgers & The Future ...
The Future is Decentralized - Block Chains, Distributed Ledgers & The Future ...
 
Shibboleth: Open Source Distributed Authentication and Authorization
Shibboleth: Open Source Distributed Authentication and AuthorizationShibboleth: Open Source Distributed Authentication and Authorization
Shibboleth: Open Source Distributed Authentication and Authorization
 
Bramble Tsinghua Presentation
Bramble Tsinghua PresentationBramble Tsinghua Presentation
Bramble Tsinghua Presentation
 
Corso pisa-7 dh-2017
Corso pisa-7 dh-2017Corso pisa-7 dh-2017
Corso pisa-7 dh-2017
 
Gov tech undesa undp david lee 5_april2018
Gov tech undesa undp david lee 5_april2018Gov tech undesa undp david lee 5_april2018
Gov tech undesa undp david lee 5_april2018
 
Blockchain technology.pptx
 Blockchain technology.pptx Blockchain technology.pptx
Blockchain technology.pptx
 
Commonification, Sharing and CC: Towards Platforms of Digital Dignity
Commonification, Sharing and CC: Towards Platforms of Digital DignityCommonification, Sharing and CC: Towards Platforms of Digital Dignity
Commonification, Sharing and CC: Towards Platforms of Digital Dignity
 
Commonification Sharing and Creative Commons. Alexandros Nousias
Commonification Sharing and Creative Commons. Alexandros Nousias Commonification Sharing and Creative Commons. Alexandros Nousias
Commonification Sharing and Creative Commons. Alexandros Nousias
 
Meetup symbotic sept21_en_v1.0_hc
Meetup symbotic sept21_en_v1.0_hcMeetup symbotic sept21_en_v1.0_hc
Meetup symbotic sept21_en_v1.0_hc
 
Hope x talk
Hope x talkHope x talk
Hope x talk
 
Legal, Policy & the Blockchain
Legal, Policy & the BlockchainLegal, Policy & the Blockchain
Legal, Policy & the Blockchain
 
Let the trust evolve itself
Let the trust evolve itselfLet the trust evolve itself
Let the trust evolve itself
 
Your digital identity - are you feeling lucky?
Your digital identity - are you feeling lucky?Your digital identity - are you feeling lucky?
Your digital identity - are you feeling lucky?
 
John Clippinger - Internet of Living Things
John Clippinger - Internet of Living ThingsJohn Clippinger - Internet of Living Things
John Clippinger - Internet of Living Things
 

More from SSIMeetup

ZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSIZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSISSIMeetup
 
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...SSIMeetup
 
Value proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign IdentityValue proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign IdentitySSIMeetup
 
SSI Adoption: What will it take? Riley Hughes
SSI Adoption: What will it take? Riley HughesSSI Adoption: What will it take? Riley Hughes
SSI Adoption: What will it take? Riley HughesSSIMeetup
 
Web5 - Open to Build - Block-TBD
Web5 - Open to Build - Block-TBDWeb5 - Open to Build - Block-TBD
Web5 - Open to Build - Block-TBDSSIMeetup
 
Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...SSIMeetup
 
PharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for HealthcarePharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for HealthcareSSIMeetup
 
Cheqd: Making privacy-preserving digital credentials fun
Cheqd: Making privacy-preserving digital credentials funCheqd: Making privacy-preserving digital credentials fun
Cheqd: Making privacy-preserving digital credentials funSSIMeetup
 
PolygonID Zero-Knowledge Identity Web2 & Web3
PolygonID Zero-Knowledge Identity Web2 & Web3PolygonID Zero-Knowledge Identity Web2 & Web3
PolygonID Zero-Knowledge Identity Web2 & Web3SSIMeetup
 
Building SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product ManagersBuilding SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product ManagersSSIMeetup
 
Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...SSIMeetup
 
The Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSIThe Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSISSIMeetup
 
Identity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolIdentity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolSSIMeetup
 
The SSI Ecosystem in South Korea
The SSI Ecosystem in South KoreaThe SSI Ecosystem in South Korea
The SSI Ecosystem in South KoreaSSIMeetup
 
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloIntroducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloSSIMeetup
 
Learn about the Trust Over IP (ToIP) stack
Learn about the Trust Over IP (ToIP) stackLearn about the Trust Over IP (ToIP) stack
Learn about the Trust Over IP (ToIP) stackSSIMeetup
 
How to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher AllenHow to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher AllenSSIMeetup
 
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemseIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemsSSIMeetup
 
Explaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matterExplaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matterSSIMeetup
 
The 2nd Official W3C DID Working Group Meeting (The Netherlands)
The 2nd Official W3C DID Working Group Meeting (The Netherlands)The 2nd Official W3C DID Working Group Meeting (The Netherlands)
The 2nd Official W3C DID Working Group Meeting (The Netherlands)SSIMeetup
 

More from SSIMeetup (20)

ZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSIZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSI
 
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
 
Value proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign IdentityValue proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign Identity
 
SSI Adoption: What will it take? Riley Hughes
SSI Adoption: What will it take? Riley HughesSSI Adoption: What will it take? Riley Hughes
SSI Adoption: What will it take? Riley Hughes
 
Web5 - Open to Build - Block-TBD
Web5 - Open to Build - Block-TBDWeb5 - Open to Build - Block-TBD
Web5 - Open to Build - Block-TBD
 
Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...
 
PharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for HealthcarePharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for Healthcare
 
Cheqd: Making privacy-preserving digital credentials fun
Cheqd: Making privacy-preserving digital credentials funCheqd: Making privacy-preserving digital credentials fun
Cheqd: Making privacy-preserving digital credentials fun
 
PolygonID Zero-Knowledge Identity Web2 & Web3
PolygonID Zero-Knowledge Identity Web2 & Web3PolygonID Zero-Knowledge Identity Web2 & Web3
PolygonID Zero-Knowledge Identity Web2 & Web3
 
Building SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product ManagersBuilding SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product Managers
 
Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...
 
The Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSIThe Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSI
 
Identity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolIdentity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic Protocol
 
The SSI Ecosystem in South Korea
The SSI Ecosystem in South KoreaThe SSI Ecosystem in South Korea
The SSI Ecosystem in South Korea
 
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloIntroducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
 
Learn about the Trust Over IP (ToIP) stack
Learn about the Trust Over IP (ToIP) stackLearn about the Trust Over IP (ToIP) stack
Learn about the Trust Over IP (ToIP) stack
 
How to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher AllenHow to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher Allen
 
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemseIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
 
Explaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matterExplaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matter
 
The 2nd Official W3C DID Working Group Meeting (The Netherlands)
The 2nd Official W3C DID Working Group Meeting (The Netherlands)The 2nd Official W3C DID Working Group Meeting (The Netherlands)
The 2nd Official W3C DID Working Group Meeting (The Netherlands)
 

Recently uploaded

UGBINTERNETBANKING FACILITY LAUNCHED.pptx
UGBINTERNETBANKING FACILITY LAUNCHED.pptxUGBINTERNETBANKING FACILITY LAUNCHED.pptx
UGBINTERNETBANKING FACILITY LAUNCHED.pptxRiteshsahu101
 
Augmented and Mixed Reality Solutions for Aerospace & Defense
Augmented and Mixed Reality Solutions for Aerospace & DefenseAugmented and Mixed Reality Solutions for Aerospace & Defense
Augmented and Mixed Reality Solutions for Aerospace & Defensethirdeyegen65
 
Red shadows ringing in Japan's Cyberspace
Red shadows ringing in Japan's CyberspaceRed shadows ringing in Japan's Cyberspace
Red shadows ringing in Japan's Cyberspacesttyk
 
Modern Red Teaming - subverting mature defenses on a budget
Modern Red Teaming - subverting mature defenses on a budgetModern Red Teaming - subverting mature defenses on a budget
Modern Red Teaming - subverting mature defenses on a budgetmatt806068
 
AWS Overview of AWS Clarify, Feature Store, Hyper parameter Tuning
AWS Overview of AWS  Clarify, Feature Store, Hyper parameter TuningAWS Overview of AWS  Clarify, Feature Store, Hyper parameter Tuning
AWS Overview of AWS Clarify, Feature Store, Hyper parameter TuningVarun Garg
 
[Hackersuli]Privacy on the blockchain
[Hackersuli]Privacy on the blockchain[Hackersuli]Privacy on the blockchain
[Hackersuli]Privacy on the blockchainhackersuli
 
Augmented and Mixed Reality Solutions for Frontline Medical Professionals
Augmented and Mixed Reality Solutions for Frontline Medical ProfessionalsAugmented and Mixed Reality Solutions for Frontline Medical Professionals
Augmented and Mixed Reality Solutions for Frontline Medical Professionalsthirdeyegen65
 
Obstructive jaundice is a medical condition characterized by the yellowing of...
Obstructive jaundice is a medical condition characterized by the yellowing of...Obstructive jaundice is a medical condition characterized by the yellowing of...
Obstructive jaundice is a medical condition characterized by the yellowing of...ssuser7b7f4e
 
history of tau gamma architect.1968.....
history of tau gamma architect.1968.....history of tau gamma architect.1968.....
history of tau gamma architect.1968.....josephiigo
 
Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023Damar Juniarto
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
 

Recently uploaded (13)

B1 Evaluation.docx
B1 Evaluation.docxB1 Evaluation.docx
B1 Evaluation.docx
 
UGBINTERNETBANKING FACILITY LAUNCHED.pptx
UGBINTERNETBANKING FACILITY LAUNCHED.pptxUGBINTERNETBANKING FACILITY LAUNCHED.pptx
UGBINTERNETBANKING FACILITY LAUNCHED.pptx
 
Augmented and Mixed Reality Solutions for Aerospace & Defense
Augmented and Mixed Reality Solutions for Aerospace & DefenseAugmented and Mixed Reality Solutions for Aerospace & Defense
Augmented and Mixed Reality Solutions for Aerospace & Defense
 
Red shadows ringing in Japan's Cyberspace
Red shadows ringing in Japan's CyberspaceRed shadows ringing in Japan's Cyberspace
Red shadows ringing in Japan's Cyberspace
 
Modern Red Teaming - subverting mature defenses on a budget
Modern Red Teaming - subverting mature defenses on a budgetModern Red Teaming - subverting mature defenses on a budget
Modern Red Teaming - subverting mature defenses on a budget
 
AWS Overview of AWS Clarify, Feature Store, Hyper parameter Tuning
AWS Overview of AWS  Clarify, Feature Store, Hyper parameter TuningAWS Overview of AWS  Clarify, Feature Store, Hyper parameter Tuning
AWS Overview of AWS Clarify, Feature Store, Hyper parameter Tuning
 
[Hackersuli]Privacy on the blockchain
[Hackersuli]Privacy on the blockchain[Hackersuli]Privacy on the blockchain
[Hackersuli]Privacy on the blockchain
 
Augmented and Mixed Reality Solutions for Frontline Medical Professionals
Augmented and Mixed Reality Solutions for Frontline Medical ProfessionalsAugmented and Mixed Reality Solutions for Frontline Medical Professionals
Augmented and Mixed Reality Solutions for Frontline Medical Professionals
 
Obstructive jaundice is a medical condition characterized by the yellowing of...
Obstructive jaundice is a medical condition characterized by the yellowing of...Obstructive jaundice is a medical condition characterized by the yellowing of...
Obstructive jaundice is a medical condition characterized by the yellowing of...
 
history of tau gamma architect.1968.....
history of tau gamma architect.1968.....history of tau gamma architect.1968.....
history of tau gamma architect.1968.....
 
Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Riesgos online
Riesgos onlineRiesgos online
Riesgos online
 

Self-Sovereign Identity: Ideology and Architecture with Christopher Allen

  • 1. Self-Sovereign Identity Ideology & Architecture Christopher Allen — Decentralized Identity & Blockchain Architect, Co-Chair W3C Credentials Community Group CC BY-SA 4.0
  • 2. 1. Empower global SSI communities 2. Open to everyone interested in SSI 3. All content is shared with CC BY SA Alex Preukschat @SSIMeetup @AlexPreukschat Coordinating Node SSIMeetup.org SSIMeetup objectives SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
  • 3. 3 Christopher Allen | Executive Director | Blockchain Commons ▪ Co-Chair W3C Credentials CG ▪ Co-Inventor & Architect of Decentralized Identifiers ▪ Author Design Principles of Self-Sovereign Identity ▪ Co-Author SSL/TLS ▪ Former Principal Architect, Blockstream ▪ Former CTO Certicom ▪ Former CEO Consensus Development ▪ Former Faculty Pinchot.edu Email: ChristopherA@LifeWithAlacrity.com Twitter: @ChristopherA https://www.linkedin.com/in/ChristopherA/ SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
  • 5. 5 is both: ● an to reclaim human dignity & authority in the digital world, and ● an emerging of technology designed to enable that movement. SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
  • 7. Basis of Self-Sovereign Identity Self-Sovereign Identity is based on the principles of the Enlightenment, and the UN Universal Declaration of Human Rights. 7CC BY-SA 4.0
  • 8. Control of Relationships & Interactions Self-Sovereign Identity begins with the basic premise that you should control your own identity in regards to your relationships & interactions with other people, organizations and things. 8CC BY-SA 4.0
  • 9. Inherent Dignity We all have inherent dignity independent of our birth place, lineage, or labels, simply because we are human. 9CC BY-SA 4.0
  • 10. Digital Identity Today Identity platforms are administered by centralized authorities • governments • corporations • software platform providers: Each has a vested interest in managing people both on & offline because they desire to: • Enforce a social contract (citizenship, employment, trade, services) • Lock out other authorities from changing or profiting from those social contracts. 10CC BY-SA 4.0
  • 11. Why Not Centralized Authorities? Our relationships with authorities are changing: • We are more & more part of global civil society. We are increasingly part of networks, not hierarchies • Borders & nature of social contract are changing — trans-national federations (EU), nation states, regional states (Wyoming, Scotland, Swiss Cantons), indigenous/tribal/ethnic (First Nations, Kurd) city-states/megalopolii (London, SF Bay Area, BoshWash) • Corporations & employment cross borders too All of these parties are re-negotiating the nature of their sovereignty. 11CC BY-SA 4.0
  • 12. The Re-negotiation of Sovereignty Authorities ignore the voice of ordinary people in these negotiations, yet the relative risks to individuals are greater. Thus Self-Sovereignty gives individuals a voice as we renegotiate what it means to be human in the digital world. 12CC BY-SA 4.0
  • 13. Path to Self-Sovereign Identity 13 http://www.lifewithalacrity.com/2016/04/the-path-to-self-soverereign-identity.html CC BY-SA 4.0
  • 14. SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
  • 15. 10 Principles of Self-Sovereign Identity 15 • Existence: Users have an independent existence — they are never wholly digital • Control: Users must control their identities, privacy or celebrity as they prefer • Access: Users must have access to their own data — no gatekeepers, nothing hidden • Transparency: Systems and algorithms must be open and transparent • Persistence: Identities must be long-lived — for as long as the user wishes ● Portability: Information and services about identity must be transportable by the user ● Interoperability: Identities should be as widely usable as possible; e.g. cross borders ● Consent: Users must freely agree to how their identity information will be used ● Minimization: Disclosure of claims about an identity must be as few as possible ● Protection: The rights of individual users must be protected against the powerful CC BY-SA 4.0
  • 16. SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
  • 17. 10 Principles of Self-Sovereign Identity 17 • Existence: Users have an independent existence — they are never wholly digital • Control: Users must control their identities, privacy or celebrity as they prefer • Access: Users must have access to their own data — no gatekeepers, nothing hidden • Transparency: Systems and algorithms must be open and transparent • Persistence: Identities must be long-lived — for as long as the user wishes ● Portability: Information and services about identity must be transportable by the user ● Interoperability: Identities should be as widely usable as possible; e.g. cross borders ● Consent: Users must freely agree to how their identity information will be used ● Minimization: Disclosure of claims about an identity must be as few as possible ● Protection: The rights of individual users must be protected against the powerful CC BY-SA 4.0
  • 18. First Principle: Existence The first principle of Self-Sovereign identity is that as human beings we exist independent our digital representations. Our physical existence is our most fundamental fact, and the control over our self is our most fundamental freedom, our “Unalienable Right". This should also be true in the digital world. 18CC BY-SA 4.0
  • 19. Human Dignity Human dignity demands that individuals be treated with respect no matter which system they interact with, whether face-to-face or digitally online. Without that, we become nothing but data in the machine — entries in a ledger to be managed, problems to be solved, digital serfs. We are not. 19CC BY-SA 4.0
  • 20. SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
  • 21. 10 Principles of Self-Sovereign Identity 21 • Existence: Users have an independent existence — they are never wholly digital • Control: Users must control their identities, privacy or celebrity as they prefer • Access: Users must have access to their own data — no gatekeepers, nothing hidden • Transparency: Systems and algorithms must be open and transparent • Persistence: Identities must be long-lived — for as long as the user wishes ● Portability: Information and services about identity must be transportable by the user ● Interoperability: Identities should be as widely usable as possible; e.g. cross borders ● Consent: Users must freely agree to how their identity information will be used ● Minimization: Disclosure of claims about an identity must be as few as possible ● Protection: The rights of individual users must be protected against the powerful CC BY-SA 4.0
  • 22. Second Principle: Control The second principle of Self-Sovereign Identity is that people must control their identities, privacy or celebrity as they prefer. You are the ultimate moral authority on your identity. You should always be able to refer to it, update it, or even hide it. 22CC BY-SA 4.0
  • 23. Source of Moral Authority As our digital representations become more and more how we engage in society, a free society demands that we be given a voice in deciding how those representations are created and used. Not because we own that data, but because individual human beings are the ONLY valid source for that moral authority. 23CC BY-SA 4.0
  • 24. Control of Self We should have the same control over our digital selves as we do over our physical selves. 24CC BY-SA 4.0
  • 25. Not Perfect Control This not perfect control. It's not complete. But it is us. As children we learn the appropriate boundaries of that control. As adults, we are expected to understand them. 25CC BY-SA 4.0
  • 26. Limits on Self-Sovereignty Self-Sovereignty doesn’t mean that you are in complete control. But it does define the borders within which you can make decisions and outside of which you negotiate with others as peers, not as a petitioner. 26 “Your right to swing your arms ends just where the other man’s nose begins.”—Unknown, Yale Book of Quotations CC BY-SA 4.0
  • 27. Take Care: Identity is Not Property “Human rights  —  in stark contrast to property rights  —  are universal, indivisible, and inalienable. They attach to each of us individually as humans, cannot be divided into sticks in a bundle, and cannot be surrendered, transferred, or sold… The property law paradigm for data ownership loses sight of these intrinsic rights that may attach to our data. Just because something is property-like, does not mean that it is  —  or that it should be  —  subject to property law.” — Elizabeth M. Renieris (@hackylawer) 27CC BY-SA 4.0
  • 28. Not “Own”, but “Control” Thus when we speak about digital identity & personal information, we shouldn’t use the words “own” or “ownership”. Instead we speak of the individual's right to control their digital identity as we do our physical selves. Largely the Self-Sovereign Identity developer & technology community is avoiding the term “own” and other property-related words. 28 CC BY-SA 4.0
  • 29. SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
  • 30. A Caution… “These principles attempt to ensure the user control that’s at the heart of self-sovereign identity. However, they also recognize that identity can be a double-edged sword — usable for both beneficial and maleficent purposes.” — Christopher Allen (@ChristopherA) 30CC BY-SA 4.0
  • 31. Balancing Transparence & Privacy “We desire to balance the need for fairness, accountability and support of the commons in civil society against the need to prevent human rights abuses and the right to be able to freely associate. When these needs conflict, we err to preserve the freedom and rights of the individual over the needs of the group. Put another way, we believe in accountability for the powerful, and privacy for everyone else.” — Christopher Allen (@ChristopherA) 31CC BY-SA 4.0
  • 33. Where do we begin? 33SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
  • 34. Credentials 34 Credentials are evidence of authority, status, rights, entitlement to privileges, or the like, usually written in some formal form. CC BY-SA 4.0
  • 35. Credentials 35 A credential typically consist of: ● information related to the subject of the credential (e.g., photo, name, and identification number), ● information related to the issuer (e.g., city government, national agency, or certification body), ● evidence related to how the credential was derived, ● information related to usage, such as biometrics or expiration dates CC BY-SA 4.0
  • 36. Digital Credential 36 A digital credential can represent all of the same information that a physical credential represents, but adds: ● Tamper-proof and therefore more trustworthy ● Holders can generate presentations with multiple credentials ● Both credentials and presentations can be rapidly transmitted, making them more convenient than their physical counterparts when establishing trust at a distance. CC BY-SA 4.0
  • 37. Digital Credential Ecosystem 37 Issuer (Website) Government, Employer, etc. Verifier (Website) Company, Bank, etc. Holder (Digital Wallet / Personal Data Store) Citizen, Employee, etc. Issue Credentials Send Presentation CC BY-SA 4.0
  • 38. Problems with Digital Credentials 38 ● Inappropriate use or over-use of identifiers → e.g. SSN ● Limitations of names & passwords ● Personal data & reputation locked by bigcorp.com ● Personal Identifiable Information (PII) is collected & sold ● Credentials and PII are easily stolen en-mass → Yahoo, Expedia, … ● Share password with spouse or assistant → ambient authority ● Service later shuts down → you are a digital refugee CC BY-SA 4.0
  • 39. Many Identities, Many Contexts 39 Another problem is that you have many identities, each with different contexts: ● Family (spouse’s family, ex’s family, blended families) ● Friends from different eras of your life (high school, college, early or different career) ● Different communities (church, culture, ethnic, lifestyle, neighborhood, special interests, hobbies/avocations) ● Institutions (employment, school, residency, citizenship) CC BY-SA 4.0
  • 40. Too many Contexts 40 Each of these contexts has an identifier ● Family (name, relationship “aunt”) ● Friends from different eras of your life (nickname, relationship “roommate”, Instagram account…) ● Different communities (usernames, email addresses… ) ● Institutions (employee ID, SSN, driver’s license, passport…) CC BY-SA 4.0
  • 41. Identifiers connect to us to Contexts 41 You Institutions Work Friends CC BY-SA 4.0
  • 42. Contexts connect to Contexts 42 You Institutions Work Friends Society CC BY-SA 4.0
  • 45. The Root of the Digital Credential Problem 45 ● ● <IDENTIFIER> ○ license: I1234562 ○ hair: BLK ○ name: ALEXANDER JOSEPH ○ address: 2570 24th STREET … ○ date of birth: 08/31/1977 ○ issued by: California DMV ○ digital signature: MIIB7ZueKqp... CC BY-SA 4.0
  • 46. The Identifier Problem 46 To date, every identifier you use online does not belong to you; it belongs to someone else. ● URLs are leased to you by your DNS provider, who leases them from from the gTLD, who leases them from ICANN. ● Phone numbers are loaned to you (and often ported away) ● Government-issued identifiers often misused commercially ● Management of identifiers is hard, and is being outsourced This results in problems related to cost, data portability, data privacy, and data security CC BY-SA 4.0
  • 47. Digital Identifiers Today 47 Centralized Name System (Identifiers are leased to individuals, usually from Issuer or Identity Provider) Issuer (Website) Government, Employer, etc. Verifier (Website) Company, Bank, etc. Holder (Digital Wallet / Personal Data Store) Citizen, Employee, etc. Issue Credentials Send Presentation CC BY-SA 4.0
  • 48. What is Missing? 48 The ability to… ● create many identifiers for any person, organization, or thing ● that are portable ● do not depend on a centralized authority ● are protected by cryptography ● and enable privacy and data portability. CC BY-SA 4.0
  • 49. Solution: Decentralized Identifier (DID) 49 • A new type of URL that is: – globally unique, – highly available, – cryptographically verifiable – with no central authority. X did:btcr:xyv2-xzyq-qqm5-tyke CC BY-SA 4.0
  • 50. Decentralized Identifiers 50 Decentralized Identifiers (Identifiers are owned by issuers, subject, holders, verifiers) Blockchains / DHTs (Decentralized Ledger) Bitcoin, Ethereum, Sovrin, Veres One, etc. Issuer (Website) Government, Employer, etc. Verifier (Website) Company, Bank, etc. Holder (Digital Wallet / Personal Data Store) Citizen, Employee, etc. Issue Credentials Present Credentials CC BY-SA 4.0
  • 51. What does a DID look like? 51 did:example:123456789abcdefghijk Scheme DID Method DID Method Specific String Example: did:btcr:xyv2-xzyq-qqm5-tyke CC BY-SA 4.0
  • 52. Decentralized Identifiers 52 Also… ● for individuals, organizations, things (phones, IoT). ● registered in blockchain or other decentralized network (ledger-agnostic) ● created and managed via wallet applications CC BY-SA 4.0
  • 53. Some DID/VC Implementations To Date 53 Method DID prefix Bitcoin Reference did:btcr: Blockstack did:stack: ERC725 did:erc725: Ethereum uPort did:uport: IPFS did:ipfs: IPDB did:ipdb: Sovrin did:sov: Veres One did:v1: more registered at https://w3c-ccg.github.io/did-method-registry/
  • 54. Anatomy of a Verifiable Credential 54 Verifiable Credential Issuer Signature (anti-counterfeit) Verification Process (biometric) Decentralized Identifier Credential Metadata Claims
  • 55. Some Organizations Committed to DID/VCs 55https://w3c-ccg.github.io/did-method-registry/
  • 56. 56 Source: DHS Science and Technology Directorate's Testimony before the US House of Representatives, May 8, 2018 ● Cross borders ● Improve Supply Chain Management ● Combat Counterfeit Goods Increasing Government Support CC BY-SA 4.0
  • 58. LESS Identity & Trustless Identity Two Major Tracks: LESS Identity “Legally-Enabled Self-Sovereign” Identity* Key characteristics: ● Minimum Disclosure ● Full Control ● Necessary Proofs ● Legally-Enabled 58 Trustless Identity Or more properly “Trust Minimized” Identity Key characteristics: ● Anonymity ● Web of Trust ● Censorship Resistance ● Defend Human Rights vs. Powerful Actors (nation states, multi-national corps, mafias, etc.) * Originally coined by Tim Bouma (@trbouma) https://medium.com/@trbouma/less-identity-65f65d87f56b CC BY-SA 4.0
  • 59. LESS Identity “I want my identity to be digital, good and better, but in the end, I want my identity to be less than the real me.” — Tim Bouma (@trbouma) “LESS Identity is for higher trust environments with real-world identity verification, trust frameworks, privacy with accountability and government acceptance” — Christopher Allen (@ChristopherA) 59 CC BY-SA 4.0
  • 60. Trustless Identity “1.1 billion people have no legal identity, including tens of millions of stateless refugees.” — The World Bank “And so tyranny naturally arises out of democracy, and the most aggravated form of tyranny and slavery out of the most extreme form of liberty.” — Plato, from the “The Republic” Book VIII 60 CC BY-SA 4.0
  • 61. LESS Identity & Trustless Identity Two Major Tracks: LESS Identity “Legally-Enabled Self-Sovereign” Identity* Key characteristics: ● Minimum Disclosure ● Full Control ● Necessary Proofs ● Legally-Enabled 61 Trustless Identity Or more properly “Trust Minimized” Identity Key characteristics: ● Anonymity ● Web of Trust ● Censorship Resistance ● Defend Human Rights vs. Powerful Actors (nation states, multi-national corps, mafias, etc.) * Originally coined by Tim Bouma (@trbouma) https://medium.com/@trbouma/less-identity-65f65d87f56b CC BY-SA 4.0
  • 62. LESS Identity “I want my identity to be digital, good and better, but in the end, I want my identity to be less than the real me.” — Tim Bouma (@trbouma) “LESS Identity is for higher trust environments with real-world identity verification, trust frameworks, privacy with accountability and government acceptance” — Christopher Allen (@ChristopherA) 62 CC BY-SA 4.0
  • 63. Trustless Identity “Identity is local, insecure, and labor-intensive… Identity-based access will exclude at least a third of world's future adults” — Nick Szabo (@NickSzabo4) “1.1 billion people have no legal identity, including tens of millions of stateless refugees.” — The World Bank 63 CC BY-SA 4.0
  • 64. Trustless Identity “And so tyranny naturally arises out of democracy, and the most aggravated form of tyranny and slavery out of the most extreme form of liberty.” — Plato, from the “The Republic” Book VIII “Identity can be a double-edged sword — usable for both beneficial and maleficent purposes.” — Christopher Allen (@ChristopherA) 64 CC BY-SA 4.0
  • 65. Trustless Identity “We desire to balance the need for fairness, accountability and support of the commons in civil society against the need to prevent human rights abuses and the right to be able to freely associate. When these needs conflict, we err to preserve the freedom and rights of the individual over the needs of the group. Put another way, we believe in accountability for the powerful, and privacy for everyone else.” — Christopher Allen (@ChristopherA) 65 CC BY-SA 4.0
  • 66. Why do I care about Self-Sovereign Identity? Sunday was the 75th anniversary of the Liberation of Auschwitz. I attended a moving ceremony last week in Amsterdam, where the Netherlands Prime Minister apologized. 66 https://www.bbc.com/news/world-europe-51258081 CC BY-SA 4.0
  • 67. An Apology “When authority became a threat, our government agencies failed as guardians of law and security. …Now that the last survivors are still among us, I apologize today on behalf of the government for government action then.” — Mark Rutte (@minpres), Netherlands Prime Minister on 75th Anniversary of the Liberation of Auschwitz 67 https://www.rijksoverheid.nl/documenten/toespraken/2020/01/26/toespraak-van-minister-president-mark-rutte-bij-de-nationale-auschwitzherdenking-amsterdam CC BY-SA 4.0
  • 68. What Went Wrong? Remember, more Jews died as a percentage of population in the Netherlands than in Germany, France and other countries. Part of this is because the Nazis took over civil administration. They had the data! 68 “Netherlands, Belgium and France… The percentage of Jews of the total population did not differ very much and was low in all three countries: 0.75% of the French and Belgian population, and 1.5% of the Dutch population. … Three quarters of the Dutch Jews were murdered… both in terms of percentages and in absolute numbers” https://www.annefrank.org/en/anne-frank/go-in-depth/netherlands-greatest-number-jewish-victims-western-europe/ CC BY-SA 4.0
  • 69. How did this happen? In 1932 JL Letz become the head of the “National Inspectorate of Population Registers” in the Dutch civil service. In the 1930s much of the world was in the grip of The Great Depression. The efficiency of the Dutch civil service ensured all citizens had access to basic services, and was among the best in Europe. 69 http://www.persoonsbewijzen.nl/passie/sites/index.php?mid=226952&kid=4302 CC BY-SA 4.0
  • 70. It worked! Lentz was given the task of promoting more unity in the population registers of the municipalities By 1936, he help establish a decree that every resident in the Netherlands must have a personal identity card in the civil archives, and that these cards must all be controlled from a single office in each region. Lentz won a Royal Award for this. 70 http://www.persoonsbewijzen.nl/passie/sites/index.php?mid=226952&kid=4302 CC BY-SA 4.0
  • 71. The Civil Archives These centralized civil archives were one of the first targets captured by the Nazis, and were considered a valuable asset. Almost immediately after capitulation, Lentz was asked by the Nazi’s to create difficult to forge National Identity Card. Lentz literally wrote the book on personal identity and “proof of inclusion in the population ledger” in 1940. 71 https://en.wikipedia.org/wiki/1943_bombing_of_the_Amsterdam_civil_registry_office CC BY-SA 4.0
  • 72. Forgery by the Resistance “Resistance members soon started to forge identification cards at a large scale… However, forged documents could be easily detected because they could be compared against the records in the civil registries… Some civil servants were willing to falsify records in the civil registry so that they would match up with forged identification cards. Nevertheless, the civil registries remained a potent weapon in the hands of the Nazis to identify…the population who were Jewish” — Wikipedia on “Bombing of the Amsterdam Civil Registry” 72 https://en.wikipedia.org/wiki/1943_bombing_of_the_Amsterdam_civil_registry_office 1942 Biometric Facial Authentication CC BY-SA 4.0
  • 73. Archives Become Target of the Resistance Despite the efforts by the Resistance to create forgeries, these archives were used by the Nazis to check forged identity cards using “proof of inclusion in the registry”, in particular those with the J on them against the civil records. The Dutch resistance tried destroy the civil archives on 28 March 1943. Unfortunately only 15% of the records were destroyed. 73 https://en.wikipedia.org/wiki/1943_bombing_of_the_Amsterdam_civil_registry_office After the Bombing CC BY-SA 4.0
  • 74. Meanwhile in France Like in the Netherlands, the French “Vichy” government also assisted in Nazi deportation of Jews and other “undesirables”. However, in 1942, the Vichy government refused to continue to arrest Jews on a large scale and send them for deportation. The Nazi’s did not control the civil archives as they did in the Netherlands. 74 https://en.wikipedia.org/wiki/The_Holocaust_in_France CC BY-SA 4.0
  • 76. A living history After last week’s Holocaust Memorial, I had lunch with a child of two survivors of Auschwitz, who was also very moved by the the event and the Prime Minister’s apology. His mother had been rounded up using this data in a razzia after protests & strikes by sympathetic Dutch citizens. His father fled and was hidden by the resistance in Utrecht but was ultimately betrayed, probably by Naziusing civil data as an early social network analysis. 76 CC BY-SA 4.0
  • 77. Lessons for Today Despite the trust in government today, we never know what may happen tomorrow. Centralized architectures and immutable proofs can be used for both good and evil. 77 Archives are now the Amsterdam Zoo Cafe CC BY-SA 4.0
  • 78. An opinion I believe that this living history from survivors of WWII is why Dutch citizens & Netherlands government are so supportive of the human-rights privacy aspects of GDPR, and I believe part of the reason why Self-Sovereign Identity is on the agenda here before many other countries. But Remembrance is still needed — it has been 75 years since the Holocaust. The passing of the old generations and ‘fake news’ are fading these memories. 78 https://www.nytimes.com/2016/07/18/world/europe/beyond-anne-frank-the-dutch-tell-their-full-holocaust-story.html CC BY-SA 4.0
  • 79. How can we be heroes? “Where are the false identification cards and fake baptismal certificates in a world of immutable records? How can honest to goodness hero fake an ID in a world where IDs can’t be faked?” — Thomas J Rush (@quickblocks) 79 https://thefederalist.com/2020/01/27/meet-the-man-who-saved-62000-people-during-the-holocaust/ Carl Lutz forged documents saving 62,000 Jews CC BY-SA 4.0
  • 80. Still a need for Trustless Solutions Nationalism, tribalism and xenophobia are on the rise across the world. ● In Russia (Putin) Brazil (Bolsonaro), Great Britain (Johnson), Poland (Kaczynski), Turkey (Erdogan), the USA (Trump), and more. ● Normalization of xenophobia encourages violation of human rights ● Academics, critics, journalists, Muslims, and transgender people have all been targeted. ● Facial recognition is becoming adopted worldwide ● New dangers require new ways to protect human rights 80 CC BY-SA 4.0
  • 81. But we need both! The Netherlands today is a “high-trust” society. The citizens trust the government, and the government trusts the citizens. This is good! We want this! But this is not true everywhere. And LESS Identity is where the money is — Self-Sovereign Identity has deep “trustless” roots, but almost all the major advancements in the last two years have been in projects for commerce and are to be recognized as legal by governments. But as standards emerge, don’t lock out the “trustless” solutions — they serve different needs not served by LESS Identity. 81 CC BY-SA 4.0
  • 82. An Identity Community Foremembrance I would like to see on the next 27 March that the self-sovereign and larger identity community have a moment of silence. A Forward Remembrance, a Foremberance. To remember sculptor Gerrit van der Veen who forged 80,000 Jewish civil records, and author and painter Willem Arondeus and 11 others who were found guilty of attempting to destroy the civil archives and thus were executed by the Nazis. To salute all those who died to protect the defenceless in WWII, who eased suffering in genocides past, and fought discrimination and totalitarianism. 82 CC BY-SA 4.0
  • 83. An Identity Community Foremembrance To foremember about those today at the front. The protesters in Hong Kong, those trying to discover details about the Xinjiang “re-education” concentration camps in western China, the government of Gambia taking Burmese Aung San Suu Kyi to court here in the The Hague to demand protection for the Rohingya, to those protecting immigrant children on the US Mexico border or protecting us against Cambridge Analytica-like attacks this years elections, and to all those protecting minority communities such as gays, transexuals, and more. And to salute all those defending the vulnerable. 83 CC BY-SA 4.0
  • 84. 27th of March - Sunset in Amsterdam (CET) Identity Community #Foremembrance Friday, March 27th Sunset: 19:06 CEST 1:06 pm EDT 10:06 am PDT 01:06 am March 28 in Taipei & Hong Kong 84 CC BY-SA 4.0 https://twitter.com/ChristopherA/status/1225123316916260864
  • 85. 85 Christopher Allen | Executive Director | Blockchain Commons ▪ Co-Chair W3C Credentials CG ▪ Co-Inventor & Architect of Decentralized Identifiers ▪ Author Design Principles of Self-Sovereign Identity ▪ Co-Author SSL/TLS ▪ Former Principal Architect, Blockstream ▪ Former CTO Certicom ▪ Former CEO Consensus Development ▪ Former Faculty Pinchot.edu Email: ChristopherA@LifeWithAlacrity.com Twitter: @ChristopherA https://www.linkedin.com/in/ChristopherA/ SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International