7 Myths of SSI

From IIW

Myths of SSI


Day/Session:Wednesday 2A

Convener:Rouven Heck & Timothy Huff

Notes-taker(s): Heather Vescent


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


Link to my google docs:

https://docs.google.com/document/d/1iflXWqPGTe9wIR5hfIvS1fyluyVUDiU-qq6opF3WqXc/edit?usp=sharing


Rouven Heck, uPort (RH) & Timothy Huff, Evernym (TH)


Seven Myths of SSI

  1. Self-Sovereign Means Self-Attested
  2. SSI vs Government
  3. SSI = National ID
  4. SSI = Absolute Control of IS
  5. There’s a main issuer
  6. There’s a main method for Auth
  7. SSI vs user centric Identity

Detail discussion: #4: Do you have absolute control or not?


T. Ruff: it’s about a container. It’s a wallet, but so much more. It might have a history of your interaction with others. It’s more like a dashboard or control room for how you interact with people. Wallet is a limited word to call it.


Absolute control = if I get these credentials and I put them in my wallet, they are mine, I have the keys for them and DIDs for them, and no one can take those away from me. And I hold these in a service provider/wallet, but if I don’t like that wallet, I can go to another. The apps are no longer a platform, they are now a service provider.


The possession of that license is mine.


Driver’s License:

THe DMV is the issuer (this goes to #2). The DMV is an issuer and issue a digital driver's license. You have physical possession of the file. But then, I drive drunk (the license didn’t expire), but the credential is revoked.


Revocation is important.

They can’t take the credential out of my wallet, but it can be revoked.

I can prove that I have a revoked driver's license. But i can’t prove that I have a valid driver's license.


Revocation gives the issuer the control.


Adrian: Seems you are missing a federated identity perspective. The fact we don’t have those people up there, means we’re missing something.


TR: Yes, but that is out of scope of this conversation.


Martin: The verifiability of the credential is not in your control.


Phil: What does sovereignty mean to a nation? You don’t have control outside the border, you act as a peer. Same thing here.


RH: slightly different: as long as I have all my identifiers, I have “absolute control” over that. E.g. my ID card expires, but I am sure I can still use it in a bar, but maybe not to get on an airplane.


TR: Agreed. There are aspects of SSI that are absolute, they are mine and don’t go to others without consent.


RH: Where are the use cases where this is critical, what are those use cases?


#6: There’s a main method for authentication


Asked: do you use biometrics?


What did you mean?

TR: SSI is a set of protocols, it doesn’t dictate which method someone uses. Some assume we are an IDP offering a service, and we do it a certain way. It’s any authentication method you want to use...


MMPA = Mutually Massively Parallel Authentication


What it means, when I am interacting with my financial institution, we can be measuring credentials during the interactions - location, biometrics, email


Why do I want my bank to stop authenticating me?

And it goes both ways. No more phishing. Because I can authenticate the bank through these same methods. Out of band point to point connection - why is there any limit?


You can use any method #6 is a myth.


Question: Can you put DID Auth in context?


TR: it’s one method? DID Auth is about protocol. I am talking about a modality of doing biomentics, a certain way of doing DID Auth.


Follow-up: I’ll be more specific. Want to ensure the work we have done on authentication can be reused, and that is unclear - e.e. WebAuthN. Can that be used?


Ken: Yes, DID Auth is a protocol you can interact with. You put a translator device btwn OAUth service between that and DID Auth. So you can build a tran


Followup: DID Auth is more like DID AuthZ, instead of DID AuthN.


Ken: yes, but taken off line.


Adrian: Can a thing or a document have an SSI or just a DID.


RH: Yes…


AG: Does SSI apply to that agent?


TR: DIfferent between independent identity and SSI. Things. E.g. infant. But can’t be self-sovereign. Sovrin has guardianship works for things. Btwn a SSI individual. An organization.


HV: asking questions about corporate, NPE Identity,

Are they SSI?


RH: not in agreement that companies are self-sovereign.


PW: Mutlisource identity. All SSI is necessarily multi-source, but not vice versa.

Someone or a thing under guardianship has mutlisource… someone else is making choices bc I am under guardianship.


RH & TW do not agree w/ PW


#7: What is the difference?


RH: FB is user centric, always about the user. But it’s not under my control.

TR: I get mine from Christopher Allen - He goes into user centric identity, was supposed to be like SSI but the tech giants came in and co-opted the concept. But now user centric identity uses a 3rd party - and IDP that is involved, and it feels like its yours, but it’s the entity that is giving you your identity and it has control over it.


Follow-up: There’s no such thing as a SSI service?


TR: Yes, there is, but you can fire it.


PW: Gives the history of IIW, URI, etc. It’s not simple saying big companies corrupted it. What we got was OpenID & UMA and a boon to move people in the right direction. SSI is not a redemption of user centric, but an evolution.


Question: what is a relationship or claim that an SSI can have that a SSI can not?


If you think of SSI as a container only you have the key too, you have a place where the DMV can give you a credential. It’s giving everyone a container, and the issuers of the world have a place to give you something - to issue the digital credentials. Right now everyone has their proprietary way of doing things… e.g. Apple wallet.


Follow-up: The container is my SSI.


TR: Yes, but it’s not about the container, it’s about the relationships you can have because of the container.


Question: How does the DID fit in with your view of an SSI?

Impression is you can take the claims and move em elsewhere, but DIDs are not transportable…


RH: We want to have something to be interoperable, the work to enabling thing to build an ecosystem, it’s an enabler to build this.


Shouldn’t lose your DID when you move from Sovrin to something else. How do we make this possible. The DIDs allow you to rotate keys. I can make an update to the DID Doc with my new keys… so DID is the same, and you tell the world the new keys (after key rotation).


Andrew Hughes: It’s not a thing, it’s a philosophy. Talking about SSI as a thing in the world, is not possible, it’s an approach, a philosophy, not an implementation of anything.  


CIVIC and uPort are using the same DID method. We are all in an early stage with these wallets. But we have not done a successful move… yet.


TR: There’s an argument, take a point in time today  - it’s not SSI today … but the designs are there and we’re moving there and there are standards. “Don’t punish a freshman for not graduating yet.”


Johannes E: what is the failure mode?


TR: How do we make it sustainable?


Kyle: I think it’s economics.


JE: When I hear you explain it, that’s what I heard so many times. So I want to hear, and this is why it won’t happen this time.


PW: I don’t know I know all the failure modes. One is: platforms provide natural monopolies. One way you can see this, having a natural monopoly - there are service providers - some are better than others. But all of them are run by a single service provider? How to combat that? One way…. (disclaimer, not an announcement) is to instruct the economic incentives to disincent that kind of natural monopoly. There are thoughts about how to do that.


Martin: Question: about the relationship. Is provider specific? Who defines this relationship?


RH: We don’t know the right schema … I assume it will emerge.


Question: back to 10k rides, how does this solve from platform to platform.


TR: just an opinion, a new service gives reputation to share that.


Fragmentation?

Reputation - rabbit hole. It gets complicated.


Adrian: Why it’s not gonna slide (answer to JE)

The value of aggregating data because things are connected. The technology cost goes down.  (Moores Law).


TR: the environment for regulation is high now… there is wind in our backs to make this happen and drive adoption through business channels.


Comment: In Heathcare you have government mandate that you own your data. There is something that has to be dealt with the people holding your data. And they make it difficult to share your data…