Difference between revisions of "Distributed Identity"
|Line 10:||Line 10:|
The big problem is [[Trust]] where there are no standards or examples of any trust without a history of trusted behavior.
The big problem is [[Trust]] where there are no standards or examples of any trust without a history of trusted behavior
Revision as of 10:52, 31 July 2018
Full Title or Meme
A means to distribute the sources of identity and give more choice to Users.
- The current paradigm in open identity is for each conforming Relying Party to provide a list Identifier or Attribute Providers that the use could chose from to allow access.
- In this model it was up to the Relying Party to establish a link and share a secret with the Identifier or Attribute Provider in advance of any transactions.
- It also required the user to pre-register with one or more of those providers, typically one of the big social sites, like: Google, Microsoft or Facebook.
- The current most common protocol for this version of a Distributed Identity was OpenID Connect which also enabled Self-issued Identity, but that concept never succeeded in the marketplace.
- Now other organizations believe that they can succeed where the OpenID foundation failed.
- The big problem is Trust where there are no standards or examples of any trust without a history of trusted behavior.
- Beware of time-stamping services posing as trust anchors.
The Decentralized Identity Foundation has been created to enable "an open source decentralized identity ecosystem for people, organizations, apps, and devices". The have a list of areas of interest that include block-chain and universal discovery which seem to be diametrically opposite of Privacy legislation like the GDPR and California Consumer Privacy Act of 2018.
- Decentralized Identity Foundation working groups http://identity.foundation/working-groups