Making a Map of all the Working Groups Working on SSI/Decentralized ID + how it fits together + making a weekly/monthly + yearly calendar

From IIW

Making A Map of All The Working Groups Working On SSI/Decentralized ID + How It Fits Together & Making a Weekly/Monthly/Yearly Calendar (Part 1)


Wednesday 7I

Convener: Kaliya Young & Pam Dingle

Notes-taker(s): Kaliya Young


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


We started out brainstorming all the groups we could think of and clustering them.


DIF


Identifiers Names and Discovery

https://identity.foundation/working-groups/identifiers-names-discovery.html

-> SideTree protocol

-> Universal Resolver

Members of the Working Group are engaged in development of protocols and systems that enable creation, resolution, and discovery of decentralized identifiers and names across underlying decentralized systems, like blockchains and distributed ledgers.


DIF Storage and Compute

https://identity.foundation/working-groups/storage-compute.html

Secure, encrypted, privacy-preserving storage and computation of data is a critical component of decentralized identity systems. As with identifiers and names, which must be self-sovereign to the owning entity, a user's identity data must remain private, only accessible to the entities they allow. DIF members are actively developing specs and reference implementations for provider-agnostic, run-anywhere solutions that provide these features.


DIF Claims and Credentials

BiWeekly on Thursday

https://identity.foundation/working-groups/claims-credentials.html

Join this group to contribute to the standards and technology that create, exchange, and verify claims and credentials in a decentralized identity ecosystem. For example, a cryptographically verifiable credential that proves an individual has a college degree or is of a certain age. Our members focus on specs that are vendor agnostic and based on industry standards.


DIF Security <- New


DIDAuth

We will have the DIF DID Auth WG page soon. Meetings are bi-weekly: Next meeting is May 23rd, 7-8 pm (CEST) - In the meantime, the group agreed to have the following charter and scope:


The purpose of this working group is to design, recommend and implement a universal authentication protocol that relies upon open standards and cryptographic protocols, including DIDs and DID Documents.

Recommendations and development of specifications, protocols, and formats for data structures used for authentication. The Working Group’s areas of activity may include, but are not limited to, the following: 

- Define the formats and protocols necessary for authentication using DIDs and DID Documents which we intend to recognize as formally DIF-approved

- Implement DIF-approved DID Auth proposal

- Develop tools for validation and programmatic interaction with DID Auth.


Interop Project


Indy

https://github.com/hyperledger/indy-node#about-indy-node

Hyperledger Indy is a distributed ledger, purpose-built for decentralized identity. It provides tools, libraries, and reusable components for creating and using independent digital identities rooted on blockchains or other distributed ledgers so that they are interoperable across administrative domains, applications, and any other “silo.”


ARIES (Indy Agent)

https://github.com/hyperledger/indy-agent

Agents come in all varieties. Some are simple and static; these might be appropriate for IoT use cases that are hard-wired for a single connection. Others are complex and cloud-based, suitable for enterprise use. Still others run on mobile devices for individual users.

Wednesday Noon Pacific


Indy SDK

Wednesday 7am


Peer/Pairwise


W3C


Credentials Community Group

https://www.w3.org/community/credentials/

The mission of the W3C Credentials Community Group is to explore the creation, storage, presentation, verification, and user control of credentials. We focus on a verifiable credential (a set of claims) created by an issuer about a subject—a person, group, or thing—and seek solutions inclusive of approaches such as: self-sovereign identity; presentation of proofs by the bearer; data minimization; and centralized, federated, and decentralized registry and identity systems. Our tasks include drafting and incubating Internet specifications for further standardization and prototyping and testing reference implementations.


Part of this Group meets in

DID Spec and DID Resolution Spec

Weekly Meetings

https://docs.google.com/document/d/1qYBaXQMUoB86Alquu7WBtWOxsS8SMhp1fioYKEGCabE/edit#

Will become the DID Working Group

Verifiable Credentials Working Group

https://www.w3.org/TR/verifiable-claims-data-model/

Credentials are a part of our daily lives; driver's licenses are used to assert that we are capable of operating a motor vehicle, university degrees can be used to assert our level of education, and government-issued passports enable us to travel between countries. This specification provides a mechanism to express these sorts of credentials on the Web in a way that is cryptographically secure, privacy respecting, and machine-verifiable.


WebAuthn

Standard: https://www.w3.org/TR/webauthn/

Working Group Page: https://www.w3.org/Webauthn/

The Web Authentication Working Group published Web Authentication: An API for accessing Public Key Credentials Level 1 (WebAuthn) as a W3C Recommendation on March 4, 2019. This specification defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users. As a core component of the FIDO Alliance’s FIDO2 set of specifications,


Activity Streams 2.0

https://www.w3.org/TR/activitystreams-core/

This specification details a model for representing potential and completed activities using the JSON format. It is intended to be used with vocabularies that detail the structure of activities, and define specific types of activities.


OpenID

OpenID Connect Self-Issued

https://openid.net/specs/openid-connect-core-1_0.html#SelfIssued

OpenID Connect supports Self-Issued OpenID Providers - personal, self-hosted OPs that issue self-signed ID Tokens. Self-Issued OPs use the special Issuer Identifier https://self-issued.me.

The messages used to communicate with Self-Issued OPs are mostly the same as those used to communicate with other OPs. Specifications for the few additional parameters used and for the values of some parameters in the Self-Issued case are defined in this section.


Kantara


Consent & Information Sharing Work Group

https://kantarainitiative.org/groups/ciswg/

Project VRM and other related parties wish to build a framework around which a new type of personal information can be enabled to flow, and in doing so improve the relationship between demand and supply. Our contention is that when individuals are forced to sign organization-centric privacy policies/ terms of use then this places limitations on the information that will be shared. If such constraints were removed, and capabilities built on the side of the individual, then new, rich information will flow – including actual demand data (as opposed to derived/ predicted demand). The goal of this working group is to identify and document the use cases and scenarios that illustrate the various sub-sets of user driven information, the benefits therein, and specify the policy and technology enablers that should be put in place to enable this information to flow.


Consent Management

https://kantarainitiative.org/confluence/display/consentmanagement/WG+-+Consent+Management+Solutions+Home - Consent Management Solutions are used to manage the full lifecycle of an individual’s consent for the processing of their personal data. That consent needs to be: freely given, specific, informed and unambiguous.


Consent Receipt Standard

https://kantarainitiative.org/confluence/display/infosharing/Consent+Receipt+Specification

A Consent Receipt is a record of authority granted by a Personally Identifiable Information (PII) Principal to a PII Controller for processing of the Principal's PII. The record of consent is human-readable and can be represented as standard JSON. This specification defines the requirements for the creation of a consent record and the provision of a human-readable receipt. The standard includes requirements for links to existing privacy notices & policies as well as a description of what information has been or will be collected, the purposes for that collection as well as relevant information about how that information will be used or disclosed. This specification is based on current privacy and data protection principles as set out in various data protection laws, regulations and international standards.


IEEE

Blockchain for Healthcare https://transmitter.ieee.org/blockchain-in-healthcare/


IEEE Data Governance 7000 series

P7002 Data Privacy Process

https://standards.ieee.org/project/7002.html

This standard defines requirements for a systems/software engineering process for privacy oriented considerations regarding products, services, and systems utilizing employee, customer or other external user's personal data. It extends across the life cycle from policy through development, quality assurance, and value realization. It includes a use case and data model (including metadata). It applies to organizations and projects that are developing and deploying products, systems, processes, and applications that involve personal information. By providing specific procedures, diagrams, and checklists, users of this standard will be able to perform a conformity assessment on their specific privacy practices. Privacy impact assessments (PIAs) are described as a tool for both identifying where privacy controls and measures are needed and for confirming they are in place.


P7004 Child and Student Data Governance

https://standards.ieee.org/project/7004.html

The standard defines specific methodologies to help users certify how they approach accessing, collecting, storing, utilizing, sharing, and destroying child and student data. The standard provides specific metrics and conformance criteria regarding these types of uses from trusted global partners and how vendors and educational institutions can meet them.


P7005 Employment

https://standards.ieee.org/project/7005.html

The standard defines specific methodologies to help employers to certify how they approach accessing, collecting, storing, utilizing, sharing, and destroying employee data. The standard provides specific metrics and conformance criteria regarding these types of uses from trusted global partners and how vendors and employers can meet them.


P7006 Personal Data AI Agent

https://standards.ieee.org/project/7006.html - This standard describes the technical elements required to create and grant access to a personalized Artificial Intelligence (AI) that will comprise inputs, learning, ethics, rules and values controlled by individuals.

P7012 Machine Readable Privacy Terms

https://standards.ieee.org/project/7012.html

The standard identifies/addresses the manner in which personal privacy terms are proffered and how they can be read and agreed to by machines.


ISO

TC 307 Blockchain Process Policy

- Blockchain and distributed ledger technologies -- Terminology

- Blockchain and distributed ledger technologies -- Privacy and personally identifiable information protection considerations

- Blockchain and distributed ledger technologies -- Security risks, threats and vulnerabilities

- Blockchain and distributed ledger technologies -- Overview of identity management using blockchain and distributed ledger technologies


Other Things


JLINC (JSON-LD Link Contracts) for Data Sharing Governance

https://jlinc.org - The protocol is open (anyone can use it) but it is not at a standards body.

JLINC is an open protocol for sharing data protected by an agreement on the terms under which the data is being shared. The agreement is known as an Information Sharing Agreement, and can be a reference to a standardized agreement (a Standard Information Sharing Agreement or SISA) or a one-off specialized contract. The base profile is HTTP-based, but any protocol that affords methods for initiating and responding to data transactions, along with metadata (headers) accompanying those interactions could be adapted.


NIST 800-63-3


ERC 725


FIDO


Then we organized it into a map of where the different groups and their work fit in a map of the ecosystem.


IIW28 WED 7I Making a Map of All Working Groups (SSI,Decentralized ID...).jpg


Events:

Interop-a-thon proposed

Internet Identity Workshop

MyData

Rebooting Web of Trust


We also named many companies in the space.

Transmute

Veres One

Trusted Key

Ockam

Consensus

Sovrin

Jolocom

Civic

Bloom

Yubico


digi.me

Inonyom

Sphere Identity

SelfKey

CULedger

BCGov

Blockstack

Inrupt

Lifescope

Evernym


Map of the Agents and Hubs


Common amongst all of them are these things


DID Communication

- Base Encryption (Wallet People Port Civic)

- Message Typing

- Routing

- Alignment w/ crypto key types (secret management)


Increase compatibility in the future without hair pulling.


Things in play in decentralized web land include the

Fediverse https://fediverse.party

Activity Streams - https://www.w3.org/TR/activitystreams-core/


Agents

based on ARIES at Hyperledger

  • Key Management
  • Credentials
  • Protocol Support

https://wiki.hyperledger.org/display/ARIES/Hyperledger+AriesIM


Projects/Companies based on Aries

- IDRamp - https://idramp.com

- Mattr (SparkNZ) - http://www.sparknz.co.nz/

- StreetCred

- connect.me http://www.connect.me

- T-Mobile (Axel)

- German Credentials @University

- NL Bank Consortium

- BlockPass - https://blockpass.org

- Some Banks are folding into existing applications

- IBM - https://www.ibm.com/blockchain/solutions/identity

- ATT


HUBS

Personal Data Stores

  • Can store encrypted things at Rest
  • Actions -> Meta Protocol
  • Synchronization between Hubs

MSFT and WorkDay


Other Projects

Transmute - Workflows approach - https://www.transmute.industries

digi.me waiting for the - https://digi.me

LifeScope - SOLID - https://lifescope.io - https://solid.inrupt.com

3Box [Ethereum] - https://medium.com/uport/announcing-3box-and-ethereum-profiles-dba9841e0952

Privowny - Michael Becker’s Company - https://privowny.com

HIEofOne - http://hieofone.org

Wault for Health - https://wault.wymsical.com

Blockstack - https://blockstack.org


PICO Labs aligned with ARIES - https://picolabs.atlassian.net


WALLETS

  • narrowly defined around holding credentials

uPort - https://www.uport.me

Civic - https://www.civic.com

JoloCom - https://jolocom.io

BlockchainCommons key recovery airgap - https://www.blockchaincommons.com

Sphere - https://www.sphereidentity.com

VeresOne Web Profile - https://veres.one


Just Crypto

- electron

- Pillare