World Wide Web Consortium and Self-sovereign Identity

World Wide Web Consortium (W3C) and Self-sovereign Identity (SSI)

The World Wide Web Consortium (W3C) has approved a charter for a new Working Group tasked with standardizing the data model and syntax of decentralized identifiers (DIDs)—the ID keys of self-sovereign identity.

The Verifiable Claims Working Group has published a Proposed Recommendation of Verifiable Credentials Data Model 1.0. Credentials are a part of our daily lives; driver’s licenses are used to assert that we are capable of operating a motor vehicle, university degrees can be used to assert our level of education, and government-issued passports enable us to travel between countries. This specification provides a mechanism to express these sorts of credentials on the Web in a way that is cryptographically secure, privacy respecting, and machine-verifiable.

Find below a small sample with backlinks to the astoundingly impressive body of work by the World Wide Web Consortium (W3C).

When two software systems need to exchange data, they need to use terminology that both systems understand. As an analogy, consider how two people communicate. Both people must use the same language and the words they use must mean the same thing to each other. This might be referred to as the context of a conversation.

Software systems that process the kinds of objects specified in this document use type information to determine whether or not a provided verifiable credential or verifiable presentation is appropriate.


Verifiable credentials and verifiable presentations have many attributes and values that are identified by URIs. However, those URIs can be long and not very human-friendly. In such cases, short-form human-friendly aliases can be more helpful. This specification uses the @context property to map such short-form aliases to the URIs required by specific verifiable credentials and verifiable presentations.

The type system used in the data model described in this specification allows for multiple ways to associate types with data. Implementers and authors are urged to read the section on typing in the Verifiable Credentials Implementation Guidelines [VC-IMP-GUIDE].

At least one proof mechanism, and the details necessary to evaluate that proof, MUST be expressed for a credential or presentation to be a verifiable credential or verifiable presentation; that is, to be verifiable. This specification identifies two classes of proof mechanisms: external proofs and embedded proofs.


The data model detailed in this specification does not imply a transitive trust model, such as that provided by more traditional Certificate Authority trust models. In the World Wide Web Consortium Verifiable Credentials Data Model, a verifier either directly trusts or does not trust an issuer. While it is possible to build transitive trust models using the Verifiable Credentials Data Model, implementers are urged to learn about the security weaknesses introduced by broadly delegating trust in the manner adopted by Certificate Authority systems.
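The requirements quoted above (a shared @context, type information, at least one proof, and direct trust in the issuer) can be checked structurally before any signature verification. The following Python sketch is an added example, not code from the W3C specification or from this post; the issuer allowlist, the DIDs and the sample credential are constructed, and cryptographic verification of the proof is deliberately left out.

```python
VC_CONTEXT_V1 = "https://www.w3.org/2018/credentials/v1"  # base context URI of Data Model 1.0
# Direct trust: the verifier names every issuer it accepts; no chain of delegation is walked.
TRUSTED_ISSUERS = {"did:example:university-1"}  # constructed sample value


def issuer_id(credential):
    """The issuer property may be a URI string or an object carrying an id."""
    issuer = credential.get("issuer")
    if isinstance(issuer, dict):
        issuer = issuer.get("id")
    return issuer if isinstance(issuer, str) else None


def precheck(credential, required_type, trusted=TRUSTED_ISSUERS):
    """Return reasons to reject; an empty list means 'go on to verify the proof'."""
    problems = []
    ctx = credential.get("@context")
    ctx = [ctx] if isinstance(ctx, str) else (ctx or [])
    # Without the expected context, short aliases such as "issuer" have no agreed meaning.
    if not ctx or ctx[0] != VC_CONTEXT_V1:
        problems.append("first @context entry is not the VC v1 context")
    types = credential.get("type")
    types = [types] if isinstance(types, str) else (types or [])
    if "VerifiableCredential" not in types:
        problems.append("type lacks VerifiableCredential")
    if required_type not in types:
        problems.append(f"type lacks {required_type}")
    # Only embedded proofs are handled here; an external proof arrives outside the object.
    proof = credential.get("proof")
    proofs = proof if isinstance(proof, list) else [proof]
    if not any(isinstance(p, dict) and p.get("type") for p in proofs):
        problems.append("no embedded proof with a type")
    # An issuer vouched for by some other party is still untrusted under this model.
    if issuer_id(credential) not in trusted:
        problems.append("issuer is not directly trusted")
    return problems


SAMPLE = {  # constructed credential; the proof value is a placeholder, not a signature
    "@context": [VC_CONTEXT_V1, "https://www.w3.org/2018/credentials/examples/v1"],
    "type": ["VerifiableCredential", "UniversityDegreeCredential"],
    "issuer": {"id": "did:example:university-1"},
    "credentialSubject": {"id": "did:example:holder-1"},
    "proof": {"type": "Ed25519Signature2018", "jws": "PLACEHOLDER"},
}

if __name__ == "__main__":
    print(precheck(SAMPLE, "UniversityDegreeCredential") or "structure ok; verify proof next")
```

An empty result only means the credential is well-formed and from an issuer the verifier has chosen to trust; the proof itself still has to be verified with the suite named in its type.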

Portions of the work on this specification have been funded by the United States Department of Homeland Security’s Science and Technology Directorate under contract HSHQDC-17-C-00019. The content of this specification does not necessarily reflect the position or the policy of the U.S. Government and no official endorsement should be inferred.

The Verifiable Credentials Data Model strives to support the full privacy spectrum and does not take philosophical positions on the correct level of anonymity for any specific transaction.
