State Issued Identifier

From MgmtWiki
Jump to: navigation, search

Full Title or Meme

This is documentation of some of the more common modes of State Issued Identifiers.

Context

The most common forms (which have their own wiki pages) in the Western World are:

  1. EID
  2. Mobile Driver's License

Other places are infamous for creating internal passports which are typically used in states with apartheid modes of social control.

Purposes

There are many reasons for States to issued State Mandated Identifications including:

Examples

Nigeria

Issuing chip cards (2024-07) through banks, but it is unclear if these are really reaching to the places where it is needed link at their porous borders with neighboring states. https://nimc.gov.ng/the-new-e-id-card/

Finland

The selective disclosure model of Finnish ID system is quite simple:

  • There's a relatively small number of claims.
  • Each claim is issued in a separate credential.
  • A relying party can request specific claims by using scope or claims parameter.
  • Resulting vp_token contains one or more credentials with the requested claims.
  • The wallet app can refresh credentials so that claims such as age_over_18 have valid information.

Link to more detailed information https://wiki.dvv.fi/display/DHHJD/SIOPv2+POC+-+Guide+for+Relying+Parties

Tirsteb It seems from the example the holder binding uses did:web. Are the different credentials bound to the same DID? best regards,Tor

Petteri Stenius. Yes, the subject value of the different credentials is the same. The subject is also the holder and the vp_token is signed by the subject.


David Chadwick via Openid-specs-ab 12:50 AM (14 hours ago) How do you address the issue of peer to peer IDs? Do you only use the set of atomic VCs once and get a new set after the first set has been selectively disclose

Kristina Yasuda via Openid-specs-ab 11:42 AM (3 hours ago) to Kristina, Artifact

Hi Petteri,

Why do you need JSON-LD for selective disclosure if you are doing atomic credentials?

In other words, “- Each claim is issued in a separate credential.” Why does this has to be JSON-LD and not JSON serialized?

References