4B/ 101 Session: Self Sovereign & Decentralized Identity

101 Session: Self Sovereign & Decentralized Identity

Tuesday 4B

Convener: Karyl Fowler & Juan Caballero

Notes-taker(s): Karyl Fowler & Juan Caballero

Tags for the session - technology discussed/ideas considered:

https://www.uschamberfoundation.org/sites/default/files/media-uploads/Applying%20SSI%20Principles%20to%20ILRs%20Report.pdf

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps: 

Links:

• Video from last IIW

• Slides from this session Karyl Fowler (Transmute) and Juan Caballero (DIF) present Intro to SSI at #IIW31, Oct 2020

ZOOM CHAT

From Peter Mackinnon to Everyone: (3:01 PM)


caffeinated
really informative, I'm brand new to all this. Both @ juan


From Matt Domsch - SailPoint to Everyone: (3:02 PM)


Learning for work @ SailPoint


From Erica Connell to Everyone: (3:02 PM)


personal


From Antony Wang to Everyone: (3:02 PM)


personal


From Mihai Chiorean to Everyone: (3:02 PM)


Personal interest but might be able to use it professionally


From Benjarat to Everyone: (3:25 PM)


Can we record this session pls?


From Juan Caballero (DIF/Spruce) to Everyone: (3:25 PM)


oh shucks


From Andrea Reginato to Everyone: (3:25 PM)


Yes, it would be helpful


From Juan Caballero (DIF/Spruce) to Everyone: (3:26 PM)


we recorded it last time. let's record Q&A


From Radu Popovici to Everyone: (3:27 PM)


Can we have the slides?


From Juan Caballero (DIF/Spruce) to Everyone: (3:27 PM)


one sec i'll get you both links
More on data portability later :D
Rebase CG starts up soon, a project I'm involved with on that front
slides and video from last time in the notes, btw


From Juan Caballero (DIF/Spruce) to Everyone: (3:32 PM)


https://docs.google.com/document/d/1L74mjPN-ydwoyH-zQaLB1eZ2q6Pb24Vgt-ObrH3Gxzc/edit
can't figure out how to claim host tho for cloud-recording :/
selective disclosure is an architecture/UX primitive; ZKP is a kind of math


From Kimberly Duffy to Everyone: (3:36 PM)


Is doge listed there yet?


From Juan Caballero (DIF/Spruce) to Everyone: (3:36 PM)


https://github.com/spruceid/did-doge


From Juan Caballero (DIF/Spruce) to Everyone: (3:36 PM)


errr https://spruceid.github.io/did-doge/index.html


From Kimberly Duffy to Everyone: (3:36 PM)


Thanks, which use cases does did:doge solve? :)


From Juan Caballero (DIF/Spruce) to Everyone: (3:37 PM)


rude


From Kimberly Duffy to Everyone: (3:37 PM)


Sorry


From Kaan Uzdogan to Everyone: (3:38 PM)


What could be an example for a different did methods on same blockchain network, or why there might be a need for that


From Kimberly Duffy to Everyone: (3:39 PM)


Kaan - there are at least 2 diff BTC-based methods


From Andrea Reginato to Everyone: (3:39 PM)


Could we have a link about the project working on VC and education?


From Juan Caballero (DIF/Spruce) to Everyone: (3:39 PM)


https://w3c-ccg.github.io/vc-ed/
Kaan - Doge is a BTC fork too, so might count as a BTC-based method if you squint a little
and Kim - DOGE knows no "use value", it descends from the labor theory of value


From Kimberly Duffy to Everyone: (3:40 PM)


Kaan - As for why, one addresses scaling better than the other. But it requires 2nd layer solutions and some might view it as less “self-sovereign"
YES
Did:doge solves the meme problem


From Juan Caballero (DIF/Spruce) to Everyone: (3:41 PM)


until DID:Doge, memes didn't scale


From Kimberly Duffy to Everyone: (3:41 PM)


correct


From Kimberly Duffy to Everyone: (3:41 PM)


But there is also a did:mem
Did:meme


From Juan Caballero (DIF/Spruce) to Everyone: (3:42 PM)


did:mlem will serve the little-known finnish mlem community that forked dogecoin in 2018


From Kimberly Duffy to Everyone: (3:43 PM)


Things get less fun as you go to the right :(


From Kimberly Duffy to Everyone: (3:49 PM)


W3C CCG is a good way to get an intro; it’s free and open to the public: https://w3c-ccg.github.io/


From Kimberly Duffy to Everyone: (3:49 PM)


There is a CCG 101 work item that’s trying to make all of these more accessible. Joining that is a great way to get up to speed and contribute to a CCG work item at the same time
If you are interested in education, check out https://w3c-ccg.github.io/vc-ed/


From Juan Caballero (DIF/Spruce) to Everyone: (3:54 PM)


https://docs.google.com/document/d/1L74mjPN-ydwoyH-zQaLB1eZ2q6Pb24Vgt-ObrH3Gxzc/edit


From Kimberly Duffy to Everyone: (3:54 PM)


Great job Karyl and Juan!


From Sandeep Bajjuri to Everyone: (3:55 PM)


Thank you Karyl and Juan :)


From Quang Tu LE to Everyone: (3:56 PM)


Thanks for the talk!


From Me to Everyone: (3:56 PM)


<3 thanks Kim! And thanks Sandeep!


From Me to Everyone: (3:56 PM)


thanks for attending all!


From Erica Connell to Everyone: (3:56 PM)


Thank you, Karyl and Juan. I appreciate your presentation!


From Kimberly Duffy to Everyone: (3:56 PM)


Juan I can hem and haw around this


From Me to Everyone: (3:57 PM)


The Kim speaking is one of the two Kim’s we referenced a few times in our presentation :) Very cool to have her at the intro sash!


From Simin Ghesmati to Everyone: (3:58 PM)


Could you please go over privacy issues that may arise using the technology?


From Juan Caballero (DIF/Spruce) to Everyone: (3:58 PM)


absolutely
ack they traded in the leafblower for a weed whacker


From Kimberly Duffy to Everyone: (4:01 PM)


I might have a couple of things


From Juan Caballero (DIF/Spruce) to Everyone: (4:02 PM)


https://www.amazon.com/Domains-Identity-Understanding-Contemporary-Collection/dp/1785274910


From Me to Everyone: (4:04 PM)


add literature links to the session notes if you’ve got any!


From Juan Caballero (DIF/Spruce) to Everyone: (4:04 PM)


https://en.wikipedia.org/wiki/Contextual_Integrity


From Kimberly Duffy to Everyone: (4:05 PM)


https://www.uschamberfoundation.org/sites/default/files/media-uploads/Applying%20SSI%20Principles%20to%20ILRs%20Report.pdf


From Marius Scurtescu to Everyone: (4:05 PM)


getting 404 for above


From Ian Culp to Everyone: (4:06 PM)


worked for me


From Kimberly Duffy to Everyone: (4:06 PM)


What’s the link to the session notes?


From Juan Caballero (DIF/Spruce) to Everyone: (4:06 PM)


https://docs.google.com/document/d/1L74mjPN-ydwoyH-zQaLB1eZ2q6Pb24Vgt-ObrH3Gxzc/edit


From dsearls to Everyone: (4:10 PM)


We worked out privacy in the physical world thousands of years ago, which started with the technologies called clothing and shelter. The connected digital world is still new: decades old at the most. .This world also came without privacy tech, which we have still barely invented.


From Juan Caballero (DIF/Spruce) to Everyone: (4:11 PM)


"forward privacy"


From dsearls to Everyone: (4:11 PM)


Meanwhile we have, in the absence of personal privacy tech, had massive amounts of privacy-violating tech deployed, which we have addressed mostly with regulation.
Which amounts at most telling those incentivized to spy on naked people to stop doing that. Which they haven't.


From Andrea Reginato to Everyone: (4:13 PM)


I’ve a question: how can I trust an issuer? Or better, why should a verifier trust a credential? I’m working in a project where we want to generate VC that are connected to impact. One way (the one we see today) is to pass through an auditor and get a certification. We are working on a community based approach where different stakeholders (community members, investors, trusted parties, travellers, AI), but we are new to this. Any direction for “issuer trust” topic?


From Kimberly Duffy to Everyone: (4:15 PM)


@Andrea — right, there are many layers of deciding whether to accept a credential. We are currently dividing it into the 3 V: https://github.com/w3c-ccg/vc-http-api/blob/main/docs/verification.md
Oh that’s scary — Daniel?


From dsearls to Everyone: (4:15 PM)


Look up https://www.google.com/search?q=gdpr+compliance and you'll get >200 million results, nearly all of which are about obeying the letter of the law while screwing its spirit to the wall.


From Simin Ghesmati to Everyone: (4:15 PM)


Perfect, thanks


From dsearls to Everyone: (4:16 PM)


ProjectVRM and Customer Commons, which started here, have a privacy manifesto on a wiki: https://cyber.harvard.edu/projectvrm/Privacy_Manifesto


From Riley Hughes to Everyone: (4:17 PM)


In fact I just held an entire session on this question 😂


From Juan Caballero (DIF/Spruce) to Everyone: (4:17 PM)


There is also a conversation/thought experiment around Andreas's question happening in the ESSIF-LAB program in Europe:

https://gataca-io.github.io/verifier-apis/


From Juan Caballero (DIF/Spruce) to Everyone: (4:17 PM)


Oh! And get the recording of Riley's session!
Highly decentralized allow lists :D


From Andrea Reginato to Everyone: (4:22 PM)


Thanks a lot (can’t speak as people are sleeping)


From Michael Black1 to Everyone: (4:22 PM)


Thank you!


From Peter Mackinnon to Everyone: (4:22 PM)


thanks!


From Simin Ghesmati to Everyone: (4:22 PM)


Really useful and nice presentation. thanks all.


From Ian Culp to Everyone: (4:22 PM)


thanks for the knowledge!


From Kimberly Duffy to Everyone: (4:22 PM)


Thanks!!