🚀DIF Monthly #21 (Aug, 2021)

Table of contents

1. Group Updates; 2. Member Updates; 3. Funding; 4. DIF Media; 5. Members; 6. events; 7. Jobs; 8. Metrics; 9. Join DIF

🚀 Foundation News

DIF "Frequently Asked Questions" Knowledgebase

DIF has launched a massive knowledgebase, structured as a long series of frequently-asked questions and answers. This synthesizes a year of educational efforts in the interop WG, blog posts, newsletters, and many other DIF inputs in a format we hope will be useful as a reference and onboarding document throughout the decentralized identity space. Please peruse it, particularly the sections about your personal research focus and/or your company's specialty and products, opening issues or PRs on github wherever you feel a correction or addition is needed. This is intended as a community resource, so PRs are open to your input!

🍾 DIF Welcomes Chris Kelly at Comms

Hello and greetings to all! I am delighted to introduce myself as DIF's new communications director. I am originally from Dublin, Ireland, and home is now Berlin, Germany. I'm excited to get involved at DIF, support members in their documentation efforts and bring the decentralised identity conversation to a wider audience. I've spent time in the advertising and non-profit sectors, as a video producer, a sysadmin, and I cohost a comedy drag talkshow on YouTube. At DIF I'll be working on things like promoting our blog and managing our social media channels, and I have some exciting ideas in store.
Visit my drop-in office hours Tuesdays at 8pm CET (11am PT, 2pm EST) for a chat, or reach out to me directly via Slack or email.
I am always happy to hear your feedback and ideas for articles and initiatives!

🛠️ Group Updates

☂️ InterOp WG (cross-community)

• New Chairs of the Interop Group:
  • David Waite (PingIdentity)
  • Snorre Lothar von Gohren Edwin (Diwala)
• John Jordan - the ToIP vision and governance for decentralized identity
• Conversation about SSI, "eIDAS 2.0" and possible cooperation with the European Blockchain Services Infrastructure.
  • EBSI: is this about roots of trust or trust frameworks?
    • EBSI: European Blockchain Services Infrastructure
  • eIDAS 1.0 was defining eIDs in a way that allows crossborder interop
  • the EU digital ID & VC-holding wallets and EBSI should be seen as two distinct movements
  • EU member states still can chose to adopt, or fork, or ignore whatever EBSI does
    • they want to avoid potential misalignement of independent implementations across the EU
• here is the EBSI documentation homepage that gets updated regularly
  • Report from the OIDF Working Groups with David Waite and Kristina Yasuda.
    • Discussion about identity history, SIOP, WebAuthN, NFC support.
      • history of the past 12 years in identity world
        • OAuth1, Oauth2, Keybase etc.
      • "Different kind of trust, can anchor with more sources of identity."
      • With SIOP, you do self-generated and pairwise keys - ephemeral, not rooted to anything.
      • one of reasons I think that "Sign in with Google" is so attractive is that I expect their Google account to outlast my account - so I don't have to do recovery.
      • OIDF is interested in using VP as recovery scheme (e.g. drivers license).
        • If shared during registration, becomes source of registration for recovery.
        • repairing a damaged trust relationship is very time-, cost- and labor-intensive for a company. Using VP can help reestablish the trust relationship, spares asking secret questions, extra data eg. Mom's name, pets etc.
      • Discussion about OpenID Connect for Verifiable Presentation
        • Previous term: portable identifiers. For existing hosted provider, is there a way to include/assert DID ownership in challenge with other parties?
      • Aggregated and Distributed Claims.
        • upstream credentials without defined retrieval mechanism. Potential overlap with Credential Manifest

💡 Identifiers & Discovery

• New time for UR Calls: Wednesdays 2PM CET (8AM ET).
• Discussion about EBSI Ledger and Trust - List of Trusted Registries, Registry Properties, "Onboarding Service", LoA, key security, eIDAS, Current Status of EBSI
• Discussion about Historical Key Resolution.
  • A DID document could point to a hub, which contains a list of historical keys associated with the DID. This list is signed by a current DID controller key.
  • Using DID URLs, it should be possible to point to a specific historical key at a specific point in time, and it can be dereferenced publicly by anyone.
  • Discussion on implementing this in the Universal Resolver.
  • The ID WG could start a new work item which defines the data structure of historical keys, as well as the format of DID URls that point to them.
• Universal Resolver returning a key in a given format (e.g., JWK(S))
  • Discussions about transform-key DID URL parameter.
  • PoC has been implemented in Universal Resolver.
  • What are possible values? JWK, JWKS, base58, multibase, PEM, ...?
    • Discussion on this approach vs. use media types.
• Discussion about Solid and DIDs.

🛡️ Claims & Credentials

• Workitem Status: WACI-PEX.
• Workitem Status: PE (Maintenance) + Credential Manifest.
• Workitem Status: VC Marketplace.
• Discussion: COVID Vaccination Pass Story.

🔓 DID Auth

• Updates from the OIDF-DIF co-hosted work.
  • OIDC4VP draft that specifies how VPs can be transported using any OpenID Connect flow is maturing - this is an alternative to "empty VPs"
  • Main piece left in OIDC4VP is how to use DIF PE as a query language. There are few outstanding issues in DIF PE GitHub that will be discussed on a call on 4th Aug - join us if interested
  • SIOP V2 (previously known as did-siop) is also making progress. Big discussion happening now is how to secure and perform origin verification in a cross-device flow where verifier and the user wallet are on the different devices.
  • Credential Provider draft is in the process of being integrated into the Claims Aggregation draft to define how VCs can be issues from the OpenID Identity Provider

📻 DID Comm

• PRs
  • 198 - Typ/Cyt Language.
  • 200 - Threading.
  • 209 - Sequencing Extension.
  • 211 - Attachment Format Attribute.
  • 212 - ECDH 1PU Draft 4.
  • 225 - THID / PTHID.
  • 227 - Sender Key Protection.
• DIDComm v2 Library Interface Comparison.
  • DIDComm-rs - Rust - Jolocom (who?) Ivan
  • did-jwt/veramo - Typescript - Oliver
  • Go - Securekey - Baha
• SICPA Support.
  • Tracking Repo: Gemini

📦 Secure Data Storage

• EDV Dedicated Call:
  • Once a data vault has been created, can the owner/controller of the data vault be changed? 22
  • Is the Data Vault Configuration stored as a (plain text) Document/resource or aa an EncryptedDocument in its data vault? 32
  • What should the allowed action/capability for querying an index be? 37
  • All examples must include complete JSON 38
  • Is the Data Vault Configuration stored as a (plain text) Document/resource or aa an EncryptedDocument in its data vault? 63
• Identity Hub Call:
  • Attempt to form a PR-ready opinion about the associations between logical objects. Will the spec allow for both flat and tiered structures across logical objects? Can we specify it in such a way that other structures can be virtually overlayed on top?
  • How might such logical object associations determine how tracking of objects/sync works between instances?
  • Discuss top-level API work/proposals, including DID-relative URLs and object-centric normalization of invocations

🔧 KERI

• IPR boundaries are difficult to navigate and understand - substantive contributions are blocked
• Proposal to map out specifications of common tooling
  • CESR - pointers to relevant KIDs other than 001? possible subspec aligning TF work with KERI work?
    • • IIW session notes
  • How to define “KERI-specific” subset of general-purpose version of CESR-- let’s start descriptively and address that later, it is a significant problem
  • Input to the CESR spec might be this straw man
  • CESAR doesn’t work in strictly-typed languages; it was hard to implement in Rust
  • CESAR <> Sam's CDE encoding mechanism?
• Roadmap proposal

🌱 Sidetree

⚙️ Product Managers

• Specifications of eIDAS Toolbox is still early. Definition of where this toolbox will be specified seems unclear.
• The group is expanding and is looking for an additional chair.

✈️ Travel & Hospitality

• 2 major use cases
  • Share Profile Use Case - developed by Verifiable Credentials & Offers Team.
  • Discount Entitlement - developed by Verifiable Credentials & Offers Team.
• 4 Weekly sub-group meetings:
  • Verifiable Credentials & Offers.
  • Travel Change & Disruption.
  • KYC / Customer Profile / Loyalty.
  • Government Sanctioned Credentials.

🪙 Finance & Banking SIG

• Kevin Tussy, CEO @ Facetec gave a presentation and hosted the discussion.

🦄 Member Updates

• Affinidi
  • Selective disclosure, Share What You Want.
    Read more.

💰 Funding

NGI Open Calls (EU)

• Funding is allocated to projects using short research cycles targeting the most promising ideas. Each of the selected projects pursues its own objectives, while the NGI RIAs provide the program logic and vision, technical support, coaching and mentoring, to ensure that projects contribute towards a significant advancement of research and innovation in the NGI initiative.
• The focus is on advanced concepts and technologies that link to relevant use cases, and that can have an impact on the market and society overall. Applications and services that innovate without a research component are not covered by this model.
• Varying amounts of funding.

Learn more here.

🖋️ DIF Media

🎈 Events & Promotions

The Business of SSI: An IIW Special Topic
Aug 04, 2021 | Virtual Event

Thought leaders, researchers, educators, and more will come together for intensive discussion and thought-provoking dialogue on Opening Up the Learning-Earning Ecosystem, and what that means for your leadership, community, and students. Participants will hear from leaders and drivers of change and be able to engage with panels of experts as well as participate in open discussions on the latest developments within skills-based learning and hiring. Conference attendees will also benefit from learning cutting edge tools and hearing from ongoing pilot projects across the United States.

Internet Identity Workshop XXIII
October 12 - 14, 2021 | Virtual Event

You belong at IIW this Fall! You’ll acquire the real-time pulse of genuinely disruptive technologies that are the foundation of today's important Internet movements. Every IIW moves topics, code, and projects downfield. Name an identity topic and it's likely that more substantial discussion and work has been done at IIW than any other conference!

Books

Manning - 37% off on the book "Self Sovereign Identity"!

Manning is an independent publisher of computer books and video courses for software developers, engineers, architects, system administrators, managers and all who are professionally involved with the computer business. Use the code ssidif37 for the exclusive discount on all products for DIF members.

💼 Jobs

Members of the Decentralized Identity Foundation are looking for:

• Software engineer (Remote)
• Product Design (Austin)
• Fullstack engineer (Austin)

Check out the available positions here.

🔢 Metrics

Newsletter: 4.7k subscribers | 31% opening rate
Twitter: 4.6k followers | 11k impressions | 2.6k profile visits
Website: 20k unique visitors

In the last 30 days.

🆔 Join DIF!

If you would like to get involved with DIF's work, please join us and start contributing.

Can't get enough of DIF?
follow us on Twitter
join us on GitHub
subscribe on YouTube
read us on our blog
or read the archives

Got any feedback regarding the newsletter?
Please let us know - we are eager to improve.