The challenge
Interoperability is a basic requirement for secure identity management and seamless communication between identity systems and services.
However, in a world of multiple digital identity standards and protocols, interoperability doesn’t just happen ‘out of the box’.
Identity standards and protocols tend to be flexible by design, entailing a range of decisions about how they should be implemented.
Differences in business priorities, local regulations and how these are interpreted drive divergent implementations, making interoperability hard to achieve in practice.
This means that standards are a necessary, but not sufficient part of interoperability.
Interop Profiles: reducing optionality to enable interoperability
Interop profiles describe a set of specifications and other design choices to establish interoperability. These profiles specify items like
- Data models and supported formats
- Protocols to transfer Verifiable Credentials (VCs)
- Which Decentralized Identifier (DID) methods must be supported
- Supported revocation mechanism
- Supported signature suites
They also specify what’s out of scope, further reducing optionality and easing implementation.
Profiles can be developed to achieve interoperability for a variety of needs in order to establish a trusted ecosystem.
Interop Profiles and Decentralized Identity
There is growing support for interoperability profiles that enable real-world applications of decentralized identity standards and technologies.
For example, the US Department of Homeland Security (DHS) leads the Silicon Valley Innovation Program, which focuses (among other things) on digitization of trade documentation using Decentralized Identifiers and Verifiable Credentials. To prove interoperability, and help build confidence that the solution doesn’t result in vendor lockin, participants have developed profiles and interoperability test suites to ensure they are able to exchange and verify trade credentials.
The International Air Transport Association (IATA) plays a similar role in ensuring interoperability within the travel supply chain (for example, when using verifiable credentials to onboard travel agents and intermediaries to an airline's agency portal).
The Jobs for the Future Foundation has hosted a series of interoperability events (called “JFF Plug Fests”) to select profiles and develop test harnesses demonstrating that individuals can receive and share their credentials using their choice of conformant wallets, and that the flows work across conformant issuers and relying parties.
How DIF is working to make life easier for implementers
The interoperability challenges highlighted in this article matter for our members.
For one thing, it’s hard to build workable products, or viable ecosystems, on top of standards and protocols with divergent implementations.
There’s also a growing need for specific approaches to decentralized identity within different industries, regions, and use cases (such as the trade, travel and employment cases mentioned above).
Interoperability is a core part of the Decentralized Identity Foundation (DIF)’s mission.
Which is why DIF has hosted collaborative work to develop robust interoperability profiles for a number of years.
Examples include the JWT VC Issuance Profile, which describes the technical protocols, data formats, and other requirements to enable interoperable issuance of VCs from Issuers to Wallets (see https://github.com/decentralized-identity/jwt-vc-issuance-profile ), and the JWT VC Presentation Profile, which describes the technical protocols, data formats, and other technical requirements to enable interoperable exchange of VCs presentations between Wallets and Verifiers (see https://github.com/decentralized-identity/jwt-vc-presentation-profile ).
Taking a closer look at these examples, the VC Data Model v1.1 defines the data model of Verifiable Credentials (VCs) but does not prescribe standards for transport protocol, key management, authentication, query language, et cetera. The same is true for DIDs.
A range of specifications are available, providing options for how these things (transport, key management, etc) are achieved, but if implementers have to support all possible specifications (and combinations), it would be a lot of work.
So a profile is a way to make choices and even restrictions for a certain use case, allowing all participants to establish interoperability.
Summary
Collaboration on interoperability is an essential part of the process of establishing a viable digital trust ecosystem.
Interop profiles define specific requirements that must be followed by identity providers, relying parties, and other stakeholders.
DIF provides a neutral venue to collaborate on interop profile development.
Together with our working group tools, best practices and IPR protection, and our members’ subject matter expertise in decentralized identity technologies, DIF is the destination of choice to host this work.
Got a question? Email us - we’ll be happy to discuss your requirements.