In advance of the design workshop, all participants produced a one-or-two page topic paper to be shared with the other attendees on either:
- A specific problem that they wanted to solve with a web-of-trust solution, and why current solutions (PGP or CA-based PKI) can't address the problem?
- A specific solution related to the web-of-trust that you'd like others to use or contribute to?
If you will be attending Rebooting the Web of Trust Spring 2020 in Buenos Aires, Argentina, please upload your topic papers and advanced readings to this directory with a pull request.
To add a paper, create a pull request to this repo with your contribution (preferably as an .md file, but if you can't, as a PDF), along with updates to the README.md in this folder. Please also include a byline with contact information in the paper itself.
Please also enter your paper twice in this README file, once in the topical listing (adding a new category describing your topic, if necessary) and one in the alphabetical listing. Please be sure to include the full URL for your paper in the README, so that we can copy it to the main page URL and have it still correctly link.
If you don't know how to submit a pull request, please instead submit an issue.
These primers overview major topics which are likely to be discussed at the design workshop. If you read nothing else, read these. (But really, read as much as you can!)
- RWOT Primer — How the design workshop works
- DID Primer — Decentralized Identifiers (extended version also available)
- Functional Identity Primer — A different way to look at identity
- Verifiable Credentials Primer — the project formerly known as Verifiable Claims
- Glossary of Terms — a brief dictionary of technical terms used at RWOT
Delegated Authorization - The Alice to Bob Use Case
- by Adrian Gropper
- "Identity, identifiers and credentials are not an end in themselves. They are essential ingredients, among others, for practical transactions involving multiple parties. Decentralization challenges transaction protocols that support self-sovereignty for individuals in highly asymmetric relationships with institutions. The Alice to Bob Use Case merges the SSI and open authorization domains to speed adoption of emerging standards while also promoting decentralization."
- #did #web #outreach #authorization #storage
- by Erica Connell and Joe Andrieu
- A creative brief for a proposed 1 minute animation on decentralized identity
- #creative #communications #outreach
Credential Types for Compliance
- by Rieks Joosten
- Creating what one might call an SSI infrastructure is one thing, actually using it is quite another. A prerequisite for using it is a positive business case, and for may, also (provable) compliance with applicable laws, regulations and policies. This paper aims to come to grips with this compliance aspect.
- While the contents and structure are intentionally left open, an illustration is given of how this might work, using the Mya use-cases of the whitepaper on guardianship of the Sovrin Guardianship Task Force. It also gives a basis for discussing/developing credential types for compliance-related purposes, such as for guardianship, mandates and delegation.
- #compliance #jurisdiction #guardianship #mandates #delegation
- by Tarek El-Gillani (tarek@cloudmask.com)
- "Using VCs and Trusted Execution Environment, Applications developers/providers can demonstrate to end-users that they indeed restrict access to their private data for the agreed-upon purpose and time duration."
- #tee #vc #privacy
- by Ivan Herman
- "The DID (and VC) Use Cases documents have a number of interesting use cases, from health care application to university credentials, or from corporate tax issues to travel documents. There is, however, comparatively little about what the use cases and requirements are on the relationship of DIDs (and VC's) and the Web."
- #did #web #semanticweb #outreach
- by Markus Sabadello
- "Matrix parameters are a syntax component of DID URLs that make it possible to include parameters for the DID resolution process in a DID URL. This topic paper discussed why the community introduced matrix parameters in DID URL syntax, and how their use is different from the more familiar query parameters."
- #did #url #matrixparameters
Interplanetary Linked Data (IPLD) using CBOR and COSE-signed payloads
- by jonnycrunch
- "In this paper, I aim to discuss Concise Binary Object Representation (CBOR), which is the native data format used when storing IPLD objects and why it is a superior document syntax for representing DID documents. In making my case, I will also explain how content addressing through hash-based linking is a better approach as compared to JSON-LD and how to cryptographically sign a CBOR data in IPLD using COSE."
- #did #ipld #cbor #cose
- by Carsten Stöcer
- "To address the risk of the advent of quantum computers for decentralized identity solutions, we propose to introduce a simple method using one-time signing keys and key rotation to protect our digital identity while using existing cryptographic ciphers for signing and hashing. Sam Smith's KERI is a potential candidate for implementing the proposed method. This approach shall allow us already today to prepare for the age of quantum attacks on our identity infrastructure."
- #did #KERI #KERL #Quantum #Computing #KeyRotation
- by Eric Welton
- "How does verifying a pre-existing credential differ from primary issuance. How can the act of bearing witness to a credential become part of the digital ecology - or does it have no place at all?"
- #ssi-lite
Building a Self-Issued OpenID Connect Provider
- by Peter Saxton
- What is the smallest step towards adopting a system of decentralized credentials? Can we build a compelling Self-Issued OpenID Connect Provider today.
- #authentication #web #oidc
Digital Wallets: Interoperability support for multiple data hubs, data services and portability
- by Ron Kreutzer
- Multiple data hubs/vaults/lockers will likely exist in a user's identity ecosystem, and digital wallets must be able to interact with a variety of storage providers as well as data services that act upon this data. A set of standards or operating principles need to exist to allow interoperability as well as portability that allow a user to swap digital wallet providers.
- #digitalwallet #datavault
- by Juan Caballero
- A set of heuristics that could help documentation of best-practices and not-best-practices be widely understood by technical and non-technical readers with a wide range of levels of experience and agendas.
- #documentation #compliance #ssi-lite #bestpractices
An Encrypted Data Vault Sprint
- by Manu Sporny
- "A list of suggestions on work that could be completed at RWOT10 to move the Encrypted Data Vault specification forward."
- #ssi #storage #edv
Using Registries to Facilitate Interoperability
- by Michael B. Jones
- This topic paper will explore how and why registries are used in practice to facilitate interoperability among software systems implementing a standard.
- #registries #interoperability #extensibility #experiences #lessons
Sharing Personal Health Data to Improve Treatment of Chronic Conditions
- by Benay Dara-Abrams
- "Believing that no single app or device provides all the information for an individual's health story, Open mHealth is focused on making patient-generated data from disparate sources accessible, developing the IEEE P1752 Standard for Mobile Health Data to harmonize and help make sense of digital health data. I would like to work with others to develop scenarios demonstrating how decentralized digital identity can help in protecting Personally Identifiable Information (PII), Personal Information (PI), and Protected Health Information (PHI) while facilitating sharing of personal health data to improve monitoring and treatment of chronic conditions."
- #use-case #open-mhealth #did #ieee-p1752
- by Moses MA
- We propose to facilitate the collaborative drafting of a technical paper that describes the principles and key design considerations for verifiable “physical address” claims. The global postal network now seeks to understand the “decentralization revolution” and help to develop game-changing, blockchain-powered new business models for the world. We believe that, in turn, the active endorsement, support and participation of the global postal industry could provide a tipping point for adoption of DIDs and VCs. This is a first step toward that desired future.
- #did #vc #physical-address
- An Encrypted Data Vault Sprint
- An RWOT Animation Project
- Bearing Witness
- Building a Self-Issued OpenID Connect Provider
- Credential Types for Compliance
- Delegated Authorization - The Alice to Bob Use Case
- Digital Wallets: Interoperability support for multiple data hubs, data services and portability
- DID and the Web
- Interplanetary Linked Data (IPLD) using CBOR and COSE-signed payloads
- Mapping Adequacies
- Quantum Secure DIDs
- An RWOT Animation Project
- Sharing Personal Health Data to Improve Treatment of Chronic Conditions
- TEE & VC As Privacy Proofs
- Using Registries to Facilitate Interoperability
- Verifiable Claims for Postal Addresses: A Use Case for Decentralized Postal Services using DIDs, VCs and Blockchains
- Why Matrix Parameters?