Read on Twitter
Last week I attended my first #IIW and had an absolute blast meeting a fantastic bunch of like-minded people and discussing all things decentralized identity.
Here are my Top 5 Technical Takeaways from #IIW36 🚀🚀
Here are my Top 5 Technical Takeaways from #IIW36 🚀🚀
1. The EU Architecture and Reference Framework (#EU #ARF) defines the direction for the industry credentials
Shout out to @tlodderstedt and Paul Bastian for expertly running a host of sessions on the #EU #ARF and for breaking down the difference between Type 1 and Type 2 VCs.
Shout out to @tlodderstedt and Paul Bastian for expertly running a host of sessions on the #EU #ARF and for breaking down the difference between Type 1 and Type 2 VCs.
Type 1 = #PIDs
- A higher level of assurance VC, using either MDL or SD-JWT flavours
Type 2 = Attestation VCs
- A lower LoA VC, using either MDL, SD-JWT or JSON-LD flavours
Both types will use OpenID Connect for Verifiable Credentials for the issuance and attestation exchange
- A higher level of assurance VC, using either MDL or SD-JWT flavours
Type 2 = Attestation VCs
- A lower LoA VC, using either MDL, SD-JWT or JSON-LD flavours
Both types will use OpenID Connect for Verifiable Credentials for the issuance and attestation exchange
2. SD-JWT is a good middle-ground
@kristinayasuda and Brian Campbell ran a great session diving deep into the workings of Selective Disclosure JWT.
SD-JWT is a relatively simple derivation from VC-JWT, with already a good set of libraries for identity vendors to build on.
@kristinayasuda and Brian Campbell ran a great session diving deep into the workings of Selective Disclosure JWT.
SD-JWT is a relatively simple derivation from VC-JWT, with already a good set of libraries for identity vendors to build on.
SD-JWT enables a holder to choose which claims from a particular credential they would like to share with a verifier.
It does not completely protect against verifier collusion and correlation - but it is great middle-ground, satisfying privacy requirements for the EU.
It does not completely protect against verifier collusion and correlation - but it is great middle-ground, satisfying privacy requirements for the EU.
An SD-JWT "interop profile" was also proposed and presented by @tlodderstedt and Paul Bastian to allow identity vendors to build using a common set of protocols and standards, aligning with the EU ARF.
3. Trust Management is still largely unresolved
The lack of a compelling Trust Management protocol has contributed to the EU and the associated SD-JWT interop profile proposing to stick with X.509 certificates and OpenID style IDs rather than using DIDs at this layer.
The lack of a compelling Trust Management protocol has contributed to the EU and the associated SD-JWT interop profile proposing to stick with X.509 certificates and OpenID style IDs rather than using DIDs at this layer.
There is an opportunity for the community to drive this forward a new Trust Management model which is more decentralised and equally secure.
I ended up hijacking @tlodderstedt's session on Trust Management in order to show a potential solution using DID-Linked Resources (DLRs)😄
I ended up hijacking @tlodderstedt's session on Trust Management in order to show a potential solution using DID-Linked Resources (DLRs)😄
4. DID-Linked Resources is worth understanding
@trustoverip's Andor Kesselman and myself ran a session on how DLRs can be used to store and retrieving Trust Establishment files or Trust Registries, creating a standardised protocol for referencing and retrieval of these objects.
@trustoverip's Andor Kesselman and myself ran a session on how DLRs can be used to store and retrieving Trust Establishment files or Trust Registries, creating a standardised protocol for referencing and retrieval of these objects.
Off the back of this, during @scurranC3I's session on Understanding Overlay Capture Architecture, we also discussed how we could create a far more available and extensible format for fetching Capture schemes using DLRs, rather than using short-term solutions such as GitHub pages.
The DID-Linked Resource approach even got a shout out during the closing circle of Day 2 by the one and only @drummondreed!
Our presentation can be found here: docs.google.com/presentation/d…
Our presentation can be found here: docs.google.com/presentation/d…
5. Web 15.2: Bigger is not always better
A running joke throughout the conference was people calling sessions on new Web versions, which spiralled into a discussion on Web 15.2. The point of this session was to call out the amount of marketing fluff in the industry.
A running joke throughout the conference was people calling sessions on new Web versions, which spiralled into a discussion on Web 15.2. The point of this session was to call out the amount of marketing fluff in the industry.
This narrative dovetailed well with our reveal of creds.xyz, a new user platform and interface for managing and sharing community credentials. Enabling users to port their reputation between different platforms, protocols and communities.
What resonated with those who saw our demo was the fact that none of the product was a demo theatre performance, all of the functionality was leveraging cheqd’s native identity capabilities: DIDs, DID-Linked Resources and VCs under the hood and working as intended!
If you're interested in creds.xyz, you can sign up for our beta release by visiting the website.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
