My Identiverse: The Evolution of Digital Identity and Openness

Plenary #3: Digital Identity and Embodied Practice
What is Universe?
University of Oregon, Portland
April 19, 2018
My Identiverse:
The Evolution of Digital Identity and Openness
Kaliya “Identity Woman” Young

What really makes it work?
Protocol

Protocol is a universalism achieved
through negotiation, meaning that in the
future protocol can and will be different.
From Alexander Gallway’s book Protocol

The goal of protocol is totality. It must
accept everything, not matter what source,
sender, or destination. It consumes
diversity, aiming instead for university.

Protocol’s virtues include robustness,
contingency, inter-operability, ﬂexibility,
heterogeneity, an pantheism.

Protocol is a system of distributed
management that facilitates peer-to-peer
relationships between autonomous
entities.

Protocol is a type of controlling logic that
operates largely outside institutional,
government and corporate power.

Protocol is synonymous with possibility.

Internet protocols allow for
inter-operation between computers.

Protocol is a language that regulates ﬂow,
directs netspace, codes relationships, and
connects life forms. It is etiquette for
autonomous agents.

The Protocol displaying Websites

Protocol for 2nd Factor
Authentication

How can people
control their
own identities?

BE IN SOMEONE
ELSE’s NAME SPACE

Long Time Ago in a Far Far away
Planetwork convened 50
Environmental Groups
at the Presidio in SF in1999
They asked how can we use the internet
to work together to solve
our environmentalcrises.

There were two answers - neither one was good.

Global Ecology and
Information Technology
2000

At the Time we had these choices
for social presence online

These entities were going to give us digital identities??? Really?

Building Identity and
Trust into the Next
Generation Internet

Underlying this report is the assumption that every individual ought
to have the right to control his or her own online identity. You should
be able to decide what information about yourself is collected as part
of your digital profile, and of that information, who has access to
different aspects of it. Certainly, you should be able to read the
complete contents of your own digital profile at any time. An online
identity should be maintained as a capability that gives the user many
forms of control. Without flexible access and control, trust in the
system of federated network identity will be minimal.

A digital profile is not treated [by corporations who host
them] as the formal extension of the person it represents.
But if this crucial data about you is not owned by you,
what right do you have to manage its use?
A civil society approach to persistent identity is a
cornerstone of the Augmented Social Network project.

Organizations would have identities
People would have identities

They would be able to connect on their own terms
Each being ﬁrst class nodes on the network

People can connect directly to each other co-owining the connection
NOT through a social network.

LInkedIn OWNS the social graph

This is a meeting of the Identity Gang

Internet Identity Workshop 2005

Sessions get Posted
on the Board

We gather together at the end of the
day and share about what happened

Who is here? This map was made by the community gathered.
Their are 450 groups in this map.

We have been really innovative. Here is a protocol family tree.

Lots of Open Standards
XRI/XDI
SAML
Information
Cards

OpenID,
Working Groups and Standards

IETF
Working Groups
and Neighbors

FIDO Alliance Connection to W3C

W3C and
Internet
Technical
Advisory
Committee
of the OECD

We collect notes from all of the sessions.

Opening
Closing
Unconference Day
5-6 breakout sessions

Conventional Facilitation holds
the space in the center of the Torus

With Open Space Technology
the space is held at the edge.

Shifting Metaphors Slightly
We are a Bowl

CREEPY NSA (and others) SPYING
Rules for Lawful Intercept
IN THIS BIGYELLOW BOX
What did NSTIC focus on?

CREEPY NSA (and others) SPYING
Rules for Lawful Intercept
NORMATIVE RULES
BUSINESS PRACTICES
TECHNOLOGIES
FOR EVERY DAY LIFE
Business - Business
Business - Consumer
Business - Government
Citizen/Person - Gov

I was there representing
IIW this Bowl Shape

There were all these pyramid shaped
organizations with a very clear hierarchy.

They were VERY confused by IIW’s shape/form
They wanted to know who was
in charge and could put them on
the “schedule” of the conference.

Abrahamic
Cultural Frame
Relational
Cultural
Frame
It also goes to deeper philosophical
differences about where identity comes from.

Identity along with all things
ﬂows down from GOD.Identity and all things are present in
the world and relate to each other.

There is a whole community gathering to
co-create user-centric/self-sovereign identity.

There is NO “Great Man”
creating this technology

There is a whole community building these
protocols and getting these technologies to work.

What protocols are we building?

Decentralized IDentiﬁer - DID
did:sov:3k9dg356wdcj5gf2k9bw8kfg7a
Method
Scheme
Method-Specific Identifier

Decentralized IDentiﬁer - DID
DID Document
1) DID (self-describing)
2) List of public keys (For the owner)
3) List of controlling DIDs (for key recovery)
4) List of service endpoints (for interaction)
5) Timestamps (for audit history)
6) Signature (for integrity)

Public-Private Cryptographic Keys
Public Key Infrastructure = PKI

did:sov:3k9dg356wdcj5gf2k9bw8kfg7a
047d599d4521480d9e1919481b024f29d2693f2
72d19473dbef971d7d529f6e9
Private 
Key
Public
Key
cc2cd0ffde594d278c2d9b432f4748506a7f9f2
5141e485eb84bc188382019b6

Smart Phones and Cloud Services

DID Layer
The decentralized identity “stack”
Identity Owners
Cloud Layer
Cloud Wallet Cloud Wallet
Cloud Agent Cloud Agent
Edge Layer
Edge Wallet Edge Wallet
Edge Agent Edge Agent
Encrypted P2P verifiable claims exchange

W3C Verifiable Claims Ecosystem
HolderIssuer Verifier
Issues  
Claim
Presents 
Claim
Decentralized Identifiers (DIDs)
Public Blockchain or other Decentralized Network
Signs
Claim
Countersigns
Claim
Verifies
Signatures
Wallet

Sovrin Verifiable Claims Ecosystem
Issues  
Claim
Presents 
Claim
Signs
Claim
Countersign
s Claim
Verifies
Signatures
Wallet
Pairwise
Unique 
DID
Pairwise
Unique 
DID

Sovrin Verifiable Claims Ecosystem
Issues  
Claim
Presents 
Claim
Signs
Claim
Countersign
s Claim
Verifies
Signatures
Wallet
Zero
Know-
ledge
Claim
Zero
Know-
ledge
Proof
Does not reveal pairwise
unique DID of Holder with
Issuer
Supports selective
disclosure

HOW DO YOU KNOW ITS TRUE?
Without…

HOW CAN YOU RESOLVE FOR THEM?
They are Distributed right?

Decentralized Identity Foundation

My Identiverse
has changed….

I question the path
of its evolution
AND our openness

Protocol:
How Control Exists
after Decentralization

It is essential that we change the culture around
how technology is built now:
• to put humanness ﬁrst,
• to center communities that have been
marginalized in its creation to date
• to design with awareness of threat models
that have often been ignored until it’s too late.

Internet Identity Workshop
#27 October 23-25

My Identiverse: The Evolution of Digital Identity and Openness

More Related Content

What's hot

Similar to My Identiverse: The Evolution of Digital Identity and Openness

More from Kaliya "Identity Woman" Young

Recently uploaded

My Identiverse: The Evolution of Digital Identity and Openness