The Sovereign Web-Of-Trust Model / Dynamic Web of Trust?

From IIW
Jump to: navigation, search

The Sovereign Web-Of-Trust Model / Dynamic Web of Trust?

Thursday 5B

Convener: Drummond Reed, Jacob S

Notes-taker(s): Drummond Reed

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

This session was given by Drummond Reed, a trustee and Chair of the Sovrin Trust Framework Working Group at the Sovrin Foundation. 

The session started by recapitulating the basic concepts of self-sovereign identity (SSI) from the SSI 101 and 102 sessions on Tuesday and Wednesday morning, especially the roles of Issuers, Holders (Identity Owners), and Verifiers of digital credentials. See the first slide deck below.

It then reviewed the content of the second slide deck on the core concepts of the Sovrin Web of Trust model in order to explain how digital credentials can be scaled into any size trust network, from a small network for a single school, town, church, or business to a global network like Visa or MasterCard.

  • Identity owners are the core participants in the Sovrin network. They hold digital credentials issued by Issuers and then they present them to Verifiers in order to access a protected resource or authorize a transaction.
  • Trust anchors are recognized as the authoritative issuers for a particular set of digital credentials. For example, governments are trust anchors for government IDs; universities are trust anchors for degrees and transcripts; credit unions are trust anchors for credit union memberships, etc.
  • Trust hubs are "trust anchors for trust anchors", i.e., directory services that allow verifiers to efficiently verify that a trust anchor is authoritative for a particular type of credential for a particular trust network under a particular trust framework.

This was followed by a long Q&A about different aspects of this model, including how it compared to and was different than conventional hierarchical PKI models of trust (main answer: it is a superset, i.e., any number of PKI trust hierarchies could participate within the Sovrin web of trust).

Drummond invited anyone interested to join the Sovrin Trust Framework Working Group by the Sovrin Foundation contact page,, or by joining the Sovrin Slack and sending Drummond a direct message. 


  1. IIW Introduction to Self-Sovereign Identity
  2. The Sovrin Web of Trust Model
  3. The Sovrin Glossary
  4. The Sovrin Trust Framework
  5. Sovrin Trust Framework Working Group Meeting Page