Difference between revisions of "Self-issued Identifier"

From MgmtWiki
Jump to: navigation, search
(Solutions)
m (Solutions)
Line 32: Line 32:
 
*Create resolver code that could be called by any sort of [[Universal Resolver]] in the DID space.
 
*Create resolver code that could be called by any sort of [[Universal Resolver]] in the DID space.
 
*The Decentralized Identity Foundation has been created to enable "an open source decentralized identity ecosystem for people, organizations, apps, and devices". The have a list of areas of interest<ref>Decentralized Identity Foundation working groups http://identity.foundation/working-groups</ref> that include block-chain and universal discovery which seem to be diametrically opposite of [[Privacy]] legislation like the [[GDPR]] and [[California Consumer Privacy Act of 2018]].
 
*The Decentralized Identity Foundation has been created to enable "an open source decentralized identity ecosystem for people, organizations, apps, and devices". The have a list of areas of interest<ref>Decentralized Identity Foundation working groups http://identity.foundation/working-groups</ref> that include block-chain and universal discovery which seem to be diametrically opposite of [[Privacy]] legislation like the [[GDPR]] and [[California Consumer Privacy Act of 2018]].
*Nat Sakamura [https://www.youtube.com/watch?v=tTeN_SxQ_OI presentation on crating a [[Self-issued Identifier]] provider.
+
*Nat Sakamura [https://www.youtube.com/watch?v=tTeN_SxQ_OI presentation on creating a] [[Self-issued Identifier]] provider.
  
 
==References==
 
==References==

Revision as of 17:27, 17 December 2018

Full Title or Meme

When the Subject of an interchange is given the ability to create and manage their own Identifier and their own Identifier or Attribute Provider in support of those Identifiers and Attributes.

Context

  • As a part of the effort to create OpenID Connect the option for the Subject to issue their own Identifiers was explicitly enabled.
  • Distributed ID is a somewhat different concept in that it envisions an identity which is broken into may pieces that are hosted by many different authorities and only brought together in a Relying Party upon User Consent. The impact of that is to allow the user's Attributes to be reference by the use with URLs that both point to the Attributes as a part of a Token that authorizes access by the Relying Party.
  • The current common paradigm in open identity is for each conforming Relying Party to provide a list of Identifier or Attribute Providers that the User could chose from to allow access.
  • If the input identifier for the discovery process contains the domain self-issued.me, dynamic discovery is not performed. Instead the following static values are used.
 {
  "authorization_endpoint":
    "openid:",
  "issuer":
    "https://self-issued.me",
  "scopes_supported":
    ["openid", "profile", "email", "address", "phone"],
  "response_types_supported":
    ["id_token"],
  "subject_types_supported":
    ["pairwise"],
  "id_token_signing_alg_values_supported":
    ["RS256"],
  "request_object_signing_alg_values_supported":
    ["none", "RS256"]
 }

Problems

  • The big problem with any sort of Self-issued Identifier is Trust where there are no standards or examples of any trust without a history of trusted behavior.

Solutions

  • Define the process of creating a DID URL for the Self-issued Identifier.
  • Create resolver code that could be called by any sort of Universal Resolver in the DID space.
  • The Decentralized Identity Foundation has been created to enable "an open source decentralized identity ecosystem for people, organizations, apps, and devices". The have a list of areas of interest[1] that include block-chain and universal discovery which seem to be diametrically opposite of Privacy legislation like the GDPR and California Consumer Privacy Act of 2018.
  • Nat Sakamura presentation on creating a Self-issued Identifier provider.

References

  1. Decentralized Identity Foundation working groups http://identity.foundation/working-groups

Miscellaneous References