Revision as of 15:44, 11 December 2018 by Tom
Full Title or Meme
- Distributed ID is a somewhat different concept in that it envisions an identity which is broken into may pieces that are hosted by many different authorities and only brought together in a Relying Party upon User Consent.
- The current paradigm in open identity is for each conforming Relying Party to provide a list of Identifier or Attribute Providers that the User could chose from to allow access.
- In this model it was up to the Relying Party to establish a link and share a secret with the Identifier or Attribute Provider in advance of any transactions.
- It also required the user to pre-register with one or more of those providers, typically one of the big social sites, like: Google, Microsoft or Facebook.
- The current most common protocol for some sort of a Distributed Identity was OpenID Connect which included Self-issued Identity, but that concept never succeeded in the marketplace.
- Now other organizations believe that they can succeed where the OpenID foundation failed.
- The big problem is Trust where there are no standards or examples of any trust without a history of trusted behavior.
- Proof of Persistent Identity must be provided. This can be little more than the inclusion of a public key in a blockchain, but that cannot provide any Assurance of protection of the Credential.
- In this wiki the IAP (Identifier or Attribute Provider) supply a Data Category only when that category has User Consent. To get all of those categories that the Relying Party requires, the request needs to go to a User Agent that is able to release the data held across many providers, some of the Thousand Points of Light that apply to the real-world User, but only those appropriate for the Relying Party request are enabled by the user.
- The Hundred Points of Light serve as a metaphor for the Distributed ID.
- Decentralized Digital Identities and Blockchain perspective from Microsoft