🚀DIF Monthly #22

The latest round of updates from DIF: Stay up to date on developments on our Working Groups, W3C DIDCore standards specs, our new Decentralized Identity Knowledgebase and much more.

· 6 min read
🚀DIF Monthly #22

Table of contents

  1. Group Updates; 2. Member Updates; 3. Funding; 4. DIF Media; 5. Members; 6. events; 7. Jobs; 8. Metrics; 9. Join DIF

🚀 Foundation News

DIF "Frequently Asked Questions" Knowledgebase

DIF has launched a massive Decentralized Identity Knowledgebase, structured as a long series of frequently-asked questions and answers. This synthesizes a year of educational efforts in the interop WG, blog posts, newsletters, and many other DIF inputs in a format we hope will be helpful as a reference and onboarding document throughout the decentralized identity space. Please peruse it, particularly the sections about your personal research focus and/or your company's specialty and products, opening issues, or PRs on GitHub wherever you feel a correction or addition is needed. This is intended as a community resource, so PRs are open to your input, and feel free to share the document or subsections on the broader community!

H&T group is looking for more technical engagement

Work on Decentralized Identities continues apace at H&T. There are a number of item-based weekly calls discussing the details of various theoretical models, real-life challenges, and applied use-case scenarios for the sector. Anyone with interest is invited to join their calls and tackle the technical challenges ahead together. More details about the meeting series and how to attend: Here

🛠️ Group Updates

☂️ InterOp WG (cross-community)

  • 8th Sept Presentation by Stephen Curran on Aries: introduction, implementations, interoperability, and test harness
  • Sept saw much excitement and discussion around the W3C announcing its intention to move the DID spec to Recommendation stage, including one public objection from Mozilla
  • Planned meeting to discuss the second-part follow-up to the "Library interop-palooza" discussion (agenda), involving Aries, MATTR, Spruce, and Veramo, was postponed. Comments and additions to the agenda are welcome.

💡 Identifiers & Discovery

  • [Liam McCarty, Unum ID] presented 'Bridging Digital and Physical: Make Identifiers Identify.'
    • Association between the physical world and digital identity is important.
    • Wallets in browsers are tough
    • Standards exist as proof-of-concept (e.g., Webauthn), but are of limited use and scope
    • CTA: We need community action to advocate for general, hardware-backed cryptographic signatures on the web!

🛡️ Claims & Credentials

🔓 DID Auth

Joint working group with OIDF

  • The work on "OpenID Connect for SSI" specification family conducted in liaison between DIF and OpenID Foundation has been presented twice during EIC 2021, mainly featuring two specifications "Self-Issued OP v2 (SIOP v2)" and "OpenID Connect for Verifiable Presentations (OIDC4VP)".
  • Link to the slides: https://t.co/Ltey1guLWu?amp=1
  • Link to the recordings: https://t.co/lTyCZnwef1?amp=1
  • Both specs are ready to start implementing and being improved based on implementation feedback.
  • In OIDC4VP, progress has been made on using Presentation Exchange in the request-response syntax, for example, agreeing to include presentation_submission inside the signed ID token even when VP is being sent back separately as a VP Token.
  • In SIOP v2, some relevant discussions worth highlighting are how to use DIDs as Relying Party's (RP) client_id to resolve it and obtain RP's registration metadata; using universal links and trust frameworks to invoke SIOP instead of using custom URL schema.

📻 DID Comm

  • Adrian (Main Incubator) wants to contribute BLE to DIF in the Name of IDunion.
  • 267 - ECDH-1PU article -> in progress
  • didcomm.org update -> can be already used to register new protocols
  • PRs
    • 277 - Clarifies purpose of to attribute
    • 270 - update the number of recipients keys in a JWE envelope
    • 260 - from_prior now MUST
    • 238 - Multiple keys of different types and Keys negotiation
    • 218 - Need info about multiple recipients
  • Other Discussion Topics
    • 220 - Differentiating different forms of DIDComm messages
    • 138 - foundation / core protocols
    • 250 - combining OOB and feature discovery


  • SAI (Self-Addressing Identifier) crate announcement
    • hash-based/self-addressing only
    • Using KERI for SSH
    • provide a module for PAM to allow anyone to use KERI keys to log in to a machine
    • DIDComm and KERI
      • KEL/TEL interop is… hard
      • serialization in a common/standard way is needed
    • breaking out KERI sub-modules
      • KERI addresses many of the negative feedback points on the DID spec
      • can parts of KERI be broken out to be used in other ID systems?
        • complexity of KERI makes progress on implementation slower
        • decoupling modules make maintenance and usage easier

🌱 Applied Crpyto WG

🌱 Wallet Security WG

  • individual capabilities vs. groups/level of assurances
    • Examples for different Wallet Security Levels:
      • Level 1: German government issues Digital Passport to the recipient
      • Level 2: AWS issues "Solution Architect" certification to the recipient
      • Level 3: Home Depot issues free membership cards to the recipient
  • most high-security relevant questions (especially in regulated use cases) are handled upfront in the design/certification phase. Therefore certification/assertion of the wallet will be highly relevant

⚙️ Product Managers (Keith)

  • There were no meetings in August

✈️ Hospitality & Travel

  • H&T have presented two excellent Use-Case Webinars
  • #1 (11 Aug 2021) / Decentralized Identity for Hospitality & Travel
    • On-demand profile element sharing – using SSI to simplify profile updates for consumers and to ensure more current and accurate info for travel providers
    • 50% of YouTube viewers found the Webinar via browsing and 25% via search, indicating relevance and promotion by YT algorithm
  • #2 (01 Sep 2021) / Hospitality & Travel Use Cases
    * I'm entitled to a discount – using SSI to change the selling model to a more personalized, peer-to-peer approach where a traveler with multiple credentials can shop for the best offer across multiple brands and discount programs
    • Both of these webinars serve as an exploration of how Decentralized Identities can both meet existing needs and redefine user-, commercial- and state-processes, and also as an applied business case to pitch the tech to interested vendors and relevant authorities.

🪙 Finance & Banking

  • Presentation by Lennart Lopin, CTO of Byte Federal
    • AML/KYC requirements for crypto businesses in the intersection between legacy banking and cryptocurrency, cash logistics, and law enforcement
    • Personal identifiable information and Identity Theft: security requirements and data privacy policies vs. Bank Secrecy Act and the proliferation of personal data
    • Big Data and Big Tech combined with Surveillance State and Regulation overload - challenges for the private citizen and new paradigm shifts enabled by strong cryptography
    • Trade-offs are necessary, but solutions need to be re-engineered from the ground up and involve correct policy goals first. A free society saves lives, innovates, and lifts humanity.

🦄 Member Updates

  • Affinidi
    • A lot of exciting updates for developers interested in Self Sovereign Identity (#SSI) and Verifiable Credentials (#VC) :
      • Selective Disclosure
      • Support for different key types under your DID
      • Better performance on user encrypted VC backup storage

💰 Funding


NGI Open Calls (EU)

  • Funding is allocated to projects using short research cycles targeting the most promising ideas. Each of the selected projects pursues its own objectives, while the NGI RIAs provide the program logic and vision, technical support, coaching and mentoring, to ensure that projects contribute towards a significant advancement of research and innovation in the NGI initiative.
  • The focus is on advanced concepts and technologies that link to relevant use cases and that can have an impact on the market and society overall. Applications and services that innovate without a research component are not covered by this model.
  • Varying amounts of funding.
  • Learn more here.

🖋️ DIF Media

ECDH-1PU Implementation

DIDComm has written an explanatory article on ECDH-1PU, a key derivation process that improves mechanisms for sender authenticity verification, as well as significant performance gains and potential privacy benefits over existing ECDH-ES approaches. As it continues to be included in several implementations, it advances on the Standards Track at IETF and approaches maturity as a specification.

🎈 Events & Promotions

Connect:ID is happening IRL in Washington DC 5th & 6th of October

  • Juan Caballero and Kaliya Young are co-chairing a Decentralized Identity Panel

Internet Identity Workshop XXIII
October 12 - 14, 2021 | Virtual Event

You belong at IIW this Fall! You'll acquire the real-time pulse of genuinely disruptive technologies that are the foundation of today's important Internet movements. Every IIW moves topics, code, and projects downfield. Name an identity topic, and more substantial discussion and work have likely been done at IIW than any other conference!


Manning - 37% off on the book "Self Sovereign Identity"!

Manning is an independent publisher of computer books and video courses for software developers, engineers, architects, system administrators, managers, and all who are professionally involved with the computer business. Use the code ssidif37 for the exclusive discount on all products for DIF members.

💼 Jobs

Members of the Decentralized Identity Foundation are looking for:

  • Software engineer (Remote)
  • Product Design (Austin)
  • Fullstack engineer (Austin)

Check out the available positions here, and don't forget to list your opportunities on our job boards to find talented candidates from DIF membership and beyond!

🔢 Metrics

Newsletter: 4.8k subscribers | 25% opening rate
Twitter: 4.75 followers | 6.3k impressions | 2.2k profile visits
Website: 20.5k unique visitors

In the last 30 days.

🆔 Join DIF!

If you would like to get involved with DIF's work, please join us and start contributing.

Can't get enough of DIF?
follow us on Twitter
join us on GitHub
subscribe on YouTube
read us on our blog
or read the archives

Got any feedback regarding the newsletter?
Please let us know - we are eager to improve.

Related Articles

🚀DIF Monthly #26
· 8 min read
🚀DIF Monthly #25
· 7 min read

New year, new you?

DIF is hiring! We are looking for a full-time Program Manager to oversee, facilitate and support our ongoing work. Is this you or do you someone who would be perfect for the role?

· 1 min read
🚀DIF Monthly #24
· 9 min read
🚀DIF Monthly #23
· 7 min read