Awesome

Rebooting the Web of Trust X: Buenos Aires (March 2020) [CANCELLED]

Virtual Papers

Rebooting the Web of Trust X (Spring 2019) Virtual Papers

Though we were unable to have a design workshop, some planned participants produced collaborative papers virtually.

Quantum Secure DIDs (Text)

by Dr. Carsten Stöcker (Spherity GmbH), Dr. Samuel M. Smith (ProSapien LLC), Co-author (editor): Dr. Juan Caballero (Spherity GmbH)

The cyberworld in which we spend our days — and upon which our lives depend — is built on weak security guarantees at the atomic level of the informational stack, and it is becoming more and more justified to question their longevity as building blocks. From nation-states trying to sway elections with fake news to ransomware that shuts down hospitals, we are living in a "Wild West" in which seemingly any data, or any transaction, may be compromised if interested parties devote enough resources to the attack. And like travellers in a lawless frontier, we are left to scan the horizon constantly for trouble, scrambling to plug the leaks in defences we cannot trust completely.

The objective of this paper is to describe a mechanism for protecting DIDs using existing ciphers for signing during the transition phase to a fully quantum-secure decentralised identity infrastructure. This mechanism is designed to support DIDs but its core mechanisms are identifier-independent and DID:method-independent. Analysis of secure key-management solutions for multiple keys and quantum-resistant ciphers for signing are beyond the scope of this paper and assumed to progress in parallel. This paper describes a quantum-resistant architecture for today's non-quantum-resistant ciphers*, intended to be retrofitted to existing systems.

Topics & Advance Readings

We also have great Topics & Advance Readings on interesting subjects. Read them over, consider what people are concerned about right now in the field, and think about whether you'd like to advance these topics at RWOT11.

Topical Listing of Topcs & Advance Readings

Authorization and Delegation

Delegated Authorization - The Alice to Bob Use Case

by Adrian Gropper
"Identity, identifiers and credentials are not an end in themselves. They are essential ingredients, among others, for practical transactions involving multiple parties. Decentralization challenges transaction protocols that support self-sovereignty for individuals in highly asymmetric relationships with institutions. The Alice to Bob Use Case merges the SSI and open authorization domains to speed adoption of emerging standards while also promoting decentralization."
#did #web #outreach #authorization #storage

Communication

An RWOT Animation Project

by Erica Connell and Joe Andrieu
A creative brief for a proposed 1 minute animation on decentralized identity
#creative #communications #outreach

Compliance

Credential Types for Compliance

by Rieks Joosten
Creating what one might call an SSI infrastructure is one thing, actually using it is quite another. A prerequisite for using it is a positive business case, and for may, also (provable) compliance with applicable laws, regulations and policies. This paper aims to come to grips with this compliance aspect.
While the contents and structure are intentionally left open, an illustration is given of how this might work, using the Mya use-cases of the whitepaper on guardianship of the Sovrin Guardianship Task Force. It also gives a basis for discussing/developing credential types for compliance-related purposes, such as for guardianship, mandates and delegation.
#compliance #jurisdiction #guardianship #mandates #delegation

Confidential Computing

TEE & e As Privacy Proofs

by Tarek El-Gillani (tarek@cloudmask.com)
"Using VCs and Trusted Execution Environment, Applications developers/providers can demonstrate to end-users that they indeed restrict access to their private data for the agreed-upon purpose and time duration."
#tee #vc #privacy

DID

DID and the Web

by Ivan Herman
"The DID (and VC) Use Cases documents have a number of interesting use cases, from health care application to university credentials, or from corporate tax issues to travel documents. There is, however, comparatively little about what the use cases and requirements are on the relationship of DIDs (and VC's) and the Web."
#did #web #semanticweb #outreach

Why Matrix Parameters?

by Markus Sabadello
"Matrix parameters are a syntax component of DID URLs that make it possible to include parameters for the DID resolution process in a DID URL. This topic paper discussed why the community introduced matrix parameters in DID URL syntax, and how their use is different from the more familiar query parameters."
#did #url #matrixparameters

Interplanetary Linked Data (IPLD) using CBOR and COSE-signed payloads

by jonnycrunch
"In this paper, I aim to discuss Concise Binary Object Representation (CBOR), which is the native data format used when storing IPLD objects and why it is a superior document syntax for representing DID documents. In making my case, I will also explain how content addressing through hash-based linking is a better approach as compared to JSON-LD and how to cryptographically sign a CBOR data in IPLD using COSE."
#did #ipld #cbor #cose

Quantum Secure DIDs

by Carsten Stöcer
"To address the risk of the advent of quantum computers for decentralized identity solutions, we propose to introduce a simple method using one-time signing keys and key rotation to protect our digital identity while using existing cryptographic ciphers for signing and hashing. Sam Smith's KERI is a potential candidate for implementing the proposed method. This approach shall allow us already today to prepare for the age of quantum attacks on our identity infrastructure."
#did #KERI #KERL #Quantum #Computing #KeyRotation

Ecosystem Development

Bearing Witness

by Eric Welton
"How does verifying a pre-existing credential differ from primary issuance. How can the act of bearing witness to a credential become part of the digital ecology - or does it have no place at all?"
#ssi-lite

Building a Self-Issued OpenID Connect Provider

by Peter Saxton
What is the smallest step towards adopting a system of decentralized credentials? Can we build a compelling Self-Issued OpenID Connect Provider today.
#authentication #web #oidc

Digital Wallets: Interoperability support for multiple data hubs, data services and portability

by Ron Kreutzer
Multiple data hubs/vaults/lockers will likely exist in a user's identity ecosystem, and digital wallets must be able to interact with a variety of storage providers as well as data services that act upon this data. A set of standards or operating principles need to exist to allow interoperability as well as portability that allow a user to swap digital wallet providers.
#digitalwallet #datavault

Mapping Adequacies

by Juan Caballero
A set of heuristics that could help documentation of best-practices and not-best-practices be widely understood by technical and non-technical readers with a wide range of levels of experience and agendas.
#documentation #compliance #ssi-lite #bestpractices

Encrypted Data Vault

An Encrypted Data Vault Sprint

by Manu Sporny
"A list of suggestions on work that could be completed at RWOT10 to move the Encrypted Data Vault specification forward."
#ssi #storage #edv

Registries and Interoperability

Using Registries to Facilitate Interoperability

by Michael B. Jones
This topic paper will explore how and why registries are used in practice to facilitate interoperability among software systems implementing a standard.
#registries #interoperability #extensibility #experiences #lessons

Use Cases

Sharing Personal Health Data to Improve Treatment of Chronic Conditions

by Benay Dara-Abrams
"Believing that no single app or device provides all the information for an individual's health story, Open mHealth is focused on making patient-generated data from disparate sources accessible, developing the IEEE P1752 Standard for Mobile Health Data to harmonize and help make sense of digital health data. I would like to work with others to develop scenarios demonstrating how decentralized digital identity can help in protecting Personally Identifiable Information (PII), Personal Information (PI), and Protected Health Information (PHI) while facilitating sharing of personal health data to improve monitoring and treatment of chronic conditions."
#use-case #open-mhealth #did #ieee-p1752

Verifiable Claims

Verifiable Claims for Postal Addresses: A Use Case for Decentralized Postal Services using DIDs, VCs and Blockchains

by Moses MA
We propose to facilitate the collaborative drafting of a technical paper that describes the principles and key design considerations for verifiable “physical address” claims. The global postal network now seeks to understand the “decentralization revolution” and help to develop game-changing, blockchain-powered new business models for the world. We believe that, in turn, the active endorsement, support and participation of the global postal industry could provide a tipping point for adoption of DIDs and VCs. This is a first step toward that desired future.
#did #vc #physical-address

Alphabetical Listing of Topics & Advance Readings

Complete Rebooting the Web of Trust Listing

A different repository is available for each of the Rebooting the Web of Trust design workshops:

License

All of the contents of this directory are licensed Creative Commons CC-BY their contributors.