From DevSummit
Jump to navigation Jump to search
(notes taken by someone unfgamiliar with lingo/jargon, take it with a grain of salt)

in digital world, contexts can be linked without our consent (in physical world, we physically separate our different contexts, i.e., being both an employee of McDonalds and an environmental activist)

there are two types of indentifiers

  • private namespaces (twitter, discord, Fb, etc)
  • global registries (DNS, phone number)

movingtoward: decentralized identifier (DID), globally resolvable public key encryption endpoint

  • an architecture outaide of conventional power structures
  • v1.1 is part of W3C
  • really long number

decentralized identifiers can be created by anyone, any org, any person

  • you can have as many as you want

public key encryption = super password you never have to share, you can prove you hold the identity

alternative to email as an anchor

  • just as you can have multiple email addresses to have a disaggregated identity
  • if you want to aggregate identities, you use the same identity more than once

sometimes we call "digital identity" and DIDs are layer 1, and it is hidden from normal people as much as possible

layer 2, then, are the connection protocols

then, we have the question of how people manage all these identities - digital wallets

there's this whole world of IDPs - Google, FB, Amazon, TWT, etc - but there was an error in their first sttempt with protocol design - they thought everyone would have their own URL

  • nascar problem = you can have only have so many logos on the website
  • for universities, there's a dropdown of hundreds or thousands of options
  • when you are using the system now, the Googles or Fbs of the world (called ISPs) know where you are logging in, which is a leak of movement data

in the new system, anything can be an "issuer" of the identity, and there is a "holder" (sometimes the "subject," but sometimes not when holding an identity as a guardian, for example)

  • issuer uses public key material to package data into a verifiable credential
  • then there's the verifier - which takes the information to verify what us happening
  • you can also ask the verifier to verify who they are
  • in this three-party model, it is great because the issuer and verifier have no contact with each other
  • there are registries for all kinds of things, you can create a trust network
  • this is not a "phone home" model

what are the barriers to adoption? no one knows about it

many of the interesting implementation are the state level

sybil attacks?

  • not a primary focus of their group, but slightly addressed by the fact that there is an issuer that us saying something about you, can be entity you can trust


  • Credential Community Group at W3C
  • April 16-18 and Oct 29-31: Internet Identity Workshop (conference)

digital identity is coming! and there are choices, and some of them are worse choices

  • worst: phone home systems, especially gov't ones, like Aadhaar in India; in the US
  • not great: mobile drivers license (mDL, ISO 18013-5); TSA deals with Apple w optional phone home
  • better: in California and the EU, VC (verifiable credentials - this is battling with the mDL standard)
  • best: not getting core credentials/ID defined from government (but honestly, right now pragmatically gov'ts will still hold it in the near future)


  • Q1: crypto/anarchism - often, unsophisticated understanding of "identity" - isn't transformative
  • Q2: china, aadhaar, also being pushed by world bank on african countries - authoritiarian
  • Q3: surveillance capitalism
  • Q4: VCs and DID - has a path out

there's a call to action: to build clarity within movement spaces about the movements

  • conspiracy theorists say no to digital identity, but most people already have them - gmail, etc
  • smaller attack surface
  • more ways to prove credibility/trustability - yes, the state has you on a revocation list, but through system can choose whether ot honor that
  • UN Pension Project used something like this
  • there is interest in the humanitarian sector since they are in contact with so many refugees, for example
  • Entidad is another project to pay attention to