https://ssimeetup.org/highlights-internet-identity-workshop-29-drummond-reed-autumn-2019-webinar-38/
SSI Meetup veteran Drummond Reed, Chief Trust Officer at Evernym and Trustee at the Sovrin Foundation, will cover the highlights of the latest edition of the longest-running conference in the Internet identity space—Internet Identity Workshop. Drummond has attended all 29 IIWs, and he will share his major takeaways from this gathering of the movers and shakers in SSI from around the world in the autumn of 2019.
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
Internet Identity Workshop #29 highlights with Drummond Reed
1. Highlights of
Internet Identity
Workshop (IIW)
#29
The latest and greatest developments in SSI
straight from the Internet Identity Workshop
that took place Oct 1- Oct 3 2019, Mt. View, CA
This presentation is released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
Drummond Reed
Chief Trust Officer Evernym
@DrummondReed
2. 1. Empower global SSI communities
2. Open to everyone interested in SSI
3. All content is shared with CC BY SA
SSIMeetup.org
Alex Preukschat @SSIMeetup @AlexPreukschat
Coordinating Node SSIMeetup.org
https://creativecommons.org/licenses/by-sa/4.0/
SSIMeetup objectives
3. ● Chief Trust Officer, Evernym
● Trustee, Sovrin Foundation
● Chair, Sovrin Governance
Framework Working Group
● Co-Editor, W3C Decentral-
ized Identifier Specification
● All 29 Internet Identity
Workshops!
Who Am I?
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
5. Internet Identity Workshop—Some Background
● First held in Berkeley CA in 2005
● Held every six months since then at the Computer History
Museum in Mountain View,
● Put on by Kaliya Young (@IdentityWoman), Phil Windley
(@windley), and Doc Searls (@dsearls)
● Complete history available at
http://www.internetidentityworkshop.com/
5
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
6. Internet Identity Workshop—Some Background
● Runs for three days: Tue/Wed/Thur
● The format each day is entirely open space:
https://en.wikipedia.org/wiki/Open_Space_Technology
● The agenda is self-organized by the attendees each
morning—5 hour-long slots across 14 meeting rooms
● Lots of informal discussion and hallway meetings
● All-conference dinners Tuesday & Wednesday evenings
6
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
7. Caveats about these Highlights
● I am just one attendee!
● I can only attend one of the dozen sessions in each time
slot (and I miss some due to side meetings/discussions)
● I self-select sessions on the topics I am most
interested/involved in
● If you talk to other attendees, you might get an entirely
different set of highlights
7
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
9. ● 320 attendees!
● Biggest IIW ever
by 20%
● 25+ countries
● Big companies
● Small companies
● Universities
● Governments
● Consortia
● Developers
● Everyone!!
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
10. The fantastic
Heidi Nobuntu
Saul carefully
explains the
Open Space
process to 150
newbies
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
12. It was inevitable
● OpenID Connect (OIDC) is the leading Internet-scale
federation protocol
○ Mature open standard with significant pockets of adoption
● But OpenID and SSI use different identity models
○ OIDC is identity-provider centric; SSI is credential-centric
○ SSI can trigger an explosion of new, portable credentials
● So it only makes sense that existing OpenID customers
want to start bridging to the new world of SSI
12
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
13. ● In June, BC Gov issued
an RFP for integrating SSI
with Keycloak
● Mattr won the award and
developed a solution that
uses an Aries cloud agent
● This agent translates
between DIDComm/VCX
and OIDC
● Tobias Looker, Mattr CTO,
gave a demo
Solution #1: Bridging
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
14. ● SIOP = OpenID Self-
Issued OpenID Provider
● With this solution, an SSI
wallet acts as its own
OpenID Provider
● The DIF DID Auth WG
has written a spec
● Evernym and Microsoft
showed the implementa-
tions they collaborated on
for a UK medical project
Solution #2: SIOP
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
16. Demo Day was insane
● 25 different demos to see in 90 minutes
● 14 new SSI products and services
● 8 included independent SSI wallets
● 5 KYC (Know Your Customer) solutions
● Gluu, estatus, Transmute, Yes.com, ConsenSys, Vivvo,
eduGAIN, Workday, Duo, GET Group NA, Pico Labs, IBM,
DIF, Wireline, Streetcred ID, Kiva, Veridium, HearRo,
Spaceman ID, Blockstack, Xertify, Yubico, ID Ramp 16
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
17. The insanity
begins.
Margo Johnson
of Transmute
shows their
Transmute ID
platform.
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
19. All five startups
from the Sovrin
Incubator were
present and 3
gave demos.
This is
Spaceman ID.
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
20. Streetcred ID
gave you a
digital wallet and
issued you a
verifiable
business card in
less than 5
minutes
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
21. esatus AG from
Germany
showed their
new SeLF
platform for
integrating SSI
with legacy IAM
systems
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
22. IdRamp demo’d
their solution for
using SSI with
enterprise
infrastructure
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
24. Not everything
was SSI—
David Kelts of
Idemia showed
how to share
ISO 18013-5
standard mobile
drivers licenses
over bluetooth,
NFC, and wifi
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
26. DIDs are now being taken as a given in SSI
● In Sept the W3C formed the DID Working Group
● The first meeting was at W3C TPAC in Fukuoka Japan
○ 54 members, 18 companies
● There are now four major categories of DIDs
(ledger-based, peer-based, Layer 2, and alternative)
● All four types were present throughout IIW
26
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
27. Dave Huseby,
Hyperledger
Security Maven,
held 2 sessions
on the did:git
method—with
the goal of
adoption by
developers
everywhere
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
29. DIDComm is the core interop protocol for SSI
● It is how agents and wallets (and ideally hubs)
communicate
● It is how connections can be formed using a common DID
method (did:peer)
● It is the base protocol for verifiable credential exchange
(even across the different VC formats)
29
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
30. Sam Curren of
the Sovrin
Foundation
hosted the first
DIDComm
session to a
packed house—
including Kim
Cameron
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
31. Interest ran so
high that a
second session
was held
Wednesday—
to an even larger
crowd
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
32. Stay tuned for news about how
Hyperledger Aries and DIF plan to
collaborate on DIDComm and other
Hyperledger RFCs (specs)
32
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
33. #6: All 3 Verifiable
Credential 1.0 formats
are going strong
37. Layer One:
DID Networks
(Public Ledgers)
Cryptographic
Trust
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
38. Layer One:
DID Networks
(Public Ledgers)
Cryptographic
Trust
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Working Group
https://www.w3.org/2019/did-wg/
39. Layer One:
DID Networks
(Public Ledgers)
Cryptographic
Trust
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
40. Layer Two:
DIDComm
Protocol Agent + Wallet
Connection
Agent + Wallet
Cryptographic
Trust
Private Pairwise Peer DIDs
Layer One:
DID Networks
(Public Ledgers)
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
41. Layer Two:
DIDComm
Protocol Agent + Wallet
Connection
Agent + Wallet
Cryptographic
Trust
Private Pairwise Peer DIDs
Layer One:
DID Networks
(Public Ledgers)
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
https://wiki.hyperledger.org/display/aries
42. Layer Two:
DIDComm
Protocol Agent + Wallet
Connection
Agent + Wallet
Cryptographic
Trust
Private Pairwise Peer DIDs
Layer One:
DID Networks
(Public Ledgers)
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
43. Layer Two:
DIDComm
Protocol Agent + Wallet
Connection
Agent + Wallet
Cryptographic
Trust
Private Pairwise Peer DIDs
Layer One:
DID Networks
(Public Ledgers)
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
44. Layer Two:
DIDComm
Protocol Agent + Wallet
Connection
Agent + Wallet
Cryptographic
Trust
+HumanTrust
Private Pairwise Peer DIDs
Layer One:
DID Networks
(Public Ledgers)
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
45. Layer Two:
DIDComm
Protocol
Issuer Verifier
Holder
Trust
Layer Three:
Credential
Exchange
Verifiable
Credential
Proof
Agent + Wallet
Connection
Agent + Wallet
Cryptographic
Trust
+HumanTrust
Private Pairwise Peer DIDs
Layer One:
DID Networks
(Public Ledgers)
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
46. Layer Two:
DIDComm
Protocol
Issuer Verifier
Holder
Trust
Layer Three:
Credential
Exchange
Verifiable
Credential
Agent + Wallet
Connection
Agent + Wallet
Cryptographic
Trust
+HumanTrust
Private Pairwise Peer DIDs
Layer One:
DID Networks
(Public Ledgers)
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
https://www.w3.org/TR/vc-data-model/
Proof
47. Layer Two:
DIDComm
Protocol
Issuer Verifier
Holder
Trust
Layer Three:
Credential
Exchange
Verifiable
Credential
Agent + Wallet
Connection
Agent + Wallet
Cryptographic
Trust
+HumanTrust
Private Pairwise Peer DIDs
Layer One:
DID Networks
(Public Ledgers)
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
Proof
48. Layer Two:
DIDComm
Protocol
Issuer Verifier
Holder
Trust
Layer Three:
Credential
Exchange
Verifiable
Credential
Agent + Wallet
Connection
Agent + Wallet
Cryptographic
Trust
+HumanTrust Layer Four:
Governance
Frameworks
Governance
Authority
Private Pairwise Peer DIDs
Publishes
Governance
Framework
Layer One:
DID Networks
(Public Ledgers)
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
Proof
50. The
Trust over IP Stack
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
51. Layer One:
DID Networks
(Public Ledgers)
Agent/Wallet/Hub
Connection
Pairwise Pseudonymous Peer DIDs
Issuer Verifier
Holder
Trust
Layer Three:
Credential
Exchange
Verifiable
Credential ✔Proof
Agent/Wallet/Hub
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
Trust over IP Technology Stack
Technical Trust
Human Trust
Governance
Authority
Publishes
Governance
Framework
> >
Layer Two:
DIDComm
Layer Four:
Governance
Frameworks
52. Layer One:
DID Networks
(Public Ledgers)
Layer Two:
DIDComm
Agent/Wallet/Hub
Connection
Pairwise Pseudonymous Peer DIDs
Issuer Verifier
Holder
Trust
Layer Three:
Credential
Exchange
Verifiable
Credential ✔Proof
Agent/Wallet/Hub
Layer Four:
Governance
Frameworks
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
Trust over IP Technology Stack Trust over IP Governance Stack
Technical Trust
Human Trust
Governance
Authority
Publishes
Governance
Framework
> >
53. Layer One:
DID Networks
(Public Ledgers)
Layer Two:
DIDComm
Agent/Wallet/Hub
Connection
Pairwise Pseudonymous Peer DIDs
Issuer Verifier
Holder
Trust
Layer Three:
Credential
Exchange
Verifiable
Credential ✔Proof
Agent/Wallet/Hub
Layer Four:
Governance
Frameworks
Transaction
Author
Transaction
Endorser
Steward
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
Trust over IP Technology Stack Trust over IP Governance Stack
Network Governance Frameworks
Technical Trust
Human Trust
Governance
Authority
Publishes
Governance
Framework
> >
54. Layer One:
DID Networks
(Public Ledgers)
Layer Two:
DIDComm
Agent/Wallet/Hub
Connection
Pairwise Pseudonymous Peer DIDs
Issuer Verifier
Holder
Trust
Layer Three:
Credential
Exchange
Verifiable
Credential ✔Proof
Agent/Wallet/Hub
Layer Four:
Governance
Frameworks
Hardware
Developer
Software
Developer
Agency
Transaction
Author
Transaction
Endorser
Steward
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
Trust over IP Technology Stack Trust over IP Governance Stack
Network Governance Frameworks
Provider Governance Frameworks
Technical Trust
Human Trust
Governance
Authority
Publishes
Governance
Framework
> >
55. Layer One:
DID Networks
(Public Ledgers)
Layer Two:
DIDComm
Agent/Wallet/Hub
Connection
Pairwise Pseudonymous Peer DIDs
Issuer Verifier
Holder
Trust
Layer Three:
Credential
Exchange
Verifiable
Credential ✔Proof
Agent/Wallet/Hub
Layer Four:
Governance
Frameworks
Trust
Anchor
InsurerCredential
Registry
Hardware
Developer
Software
Developer
Agency
Transaction
Author
Transaction
Endorser
Steward
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
Trust over IP Technology Stack Trust over IP Governance Stack
Network Governance Frameworks
Provider Governance Frameworks
Credential Governance Frameworks
Technical Trust
Human Trust
Governance
Authority
Publishes
Governance
Framework
> >
56. Layer One:
DID Networks
(Public Ledgers)
Layer Two:
DIDComm
Agent/Wallet/Hub
Connection
Pairwise Pseudonymous Peer DIDs
Issuer Verifier
Holder
Trust
Layer Three:
Credential
Exchange
Verifiable
Credential ✔Proof
Agent/Wallet/Hub
Layer Four:
Governance
Frameworks
Trust
Anchor
Insurer
Governance
Authority
Auditor Auditor
Accreditor
Credential
Registry
Hardware
Developer
Software
Developer
Agency
Transaction
Author
Transaction
Endorser
Steward
DID Method
DID Network
DID Method
DID Network
DID Method
DID Network
Trust over IP Technology Stack Trust over IP Governance Stack
Network Governance Frameworks
Provider Governance Frameworks
Credential Governance Frameworks
Technical Trust
Human Trust
Governance
Authority
Publishes
Governance
Framework
> >
Metasystem Governance Frameworks
57. Stay tuned for news about the Sovrin
Foundation moving to a “network of
networks” model based on a shared
metasystem governance framework
57
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
59. The very last
session was
called to discuss
how we can turn
the Sovrin
Glossary into a
community-wide
SSI Glossary
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
60. We ran out of
time to finish the
discussion—but
@Identitywoman
(Kaliya) insisted
that we continue
AFTER closing
circle!
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
61. So a dozen
people met for
another half hour
and concluded to
start a new
Glossary Project
at DIF where the
glossary will be
maintained in a
github repo
SSIMeetup.orgThis presentation is released under a Creative Commons license. (CC BY-SA 4.0).
63. Highlights of
Internet Identity
Workshop (IIW)
#29
The latest and greatest developments in SSI
straight from the Internet Identity Workshop
that took place Oct 1- Oct 3 2019, Mt. View, CA
This presentation is released under a Creative Commons license. (CC BY-SA 4.0). SSIMeetup.org
Drummond Reed
Chief Trust Officer Evernym
@DrummondReed