Difference between revisions of "Distributed Identity"

From MgmtWiki
Jump to: navigation, search
(Context)
(Problems)
Line 12: Line 12:
 
* The big problem is [[Trust]] where there are no standards or examples of any trust without a history of trusted behavior.
 
* The big problem is [[Trust]] where there are no standards or examples of any trust without a history of trusted behavior.
 
* Beware of time-stamping services posing as trust anchors. Bellcore created such a service in the early 1990 and spun it off into a separate company in 1994.<ref>BELLCORE SPINS OFF NEW COMPANY TO OFFER DIGITAL NOTARY (TM)(SM) SERVICE  http://seclists.org/interesting-people/1994/Mar/100</ref> None of these services provide any trust in the contents of the documents.
 
* Beware of time-stamping services posing as trust anchors. Bellcore created such a service in the early 1990 and spun it off into a separate company in 1994.<ref>BELLCORE SPINS OFF NEW COMPANY TO OFFER DIGITAL NOTARY (TM)(SM) SERVICE  http://seclists.org/interesting-people/1994/Mar/100</ref> None of these services provide any trust in the contents of the documents.
* Proof of Persistent Identity must be provided. This can be little more than the inclusion of a public key in a blockchain, which cannot have any [[Assurance]] of protection of the [[Credential]].
+
* Proof of Persistent Identity must be provided. This can be little more than the inclusion of a public key in a blockchain, but that cannot have any [[Assurance]] of protection of the [[Credential]].
  
 
==Solutions==
 
==Solutions==

Revision as of 09:34, 6 August 2018

Full Title or Meme

A means to distribute the sources of Identifiers and Attributes while giving more choice to Users.

Context

  • The current paradigm in open identity is for each conforming Relying Party to provide a list of Identifier or Attribute Providers that the User could chose from to allow access.
    • In this model it was up to the Relying Party to establish a link and share a secret with the Identifier or Attribute Provider in advance of any transactions.
    • It also required the user to pre-register with one or more of those providers, typically one of the big social sites, like: Google, Microsoft or Facebook.
  • The current most common protocol for some sort of a Distributed Identity was OpenID Connect which included Self-issued Identity, but that concept never succeeded in the marketplace.
  • Now other organizations believe that they can succeed where the OpenID foundation failed.

Problems

  • The big problem is Trust where there are no standards or examples of any trust without a history of trusted behavior.
  • Beware of time-stamping services posing as trust anchors. Bellcore created such a service in the early 1990 and spun it off into a separate company in 1994.[1] None of these services provide any trust in the contents of the documents.
  • Proof of Persistent Identity must be provided. This can be little more than the inclusion of a public key in a blockchain, but that cannot have any Assurance of protection of the Credential.

Solutions

References

  1. BELLCORE SPINS OFF NEW COMPANY TO OFFER DIGITAL NOTARY (TM)(SM) SERVICE http://seclists.org/interesting-people/1994/Mar/100
  2. Decentralized Identity Foundation working groups http://identity.foundation/working-groups