The SSI Orbit Podcast – Self-Sovereign Identity, Decentralization and Digital Trust

Markus Sabadello has been a pioneer and leader in the field of digital identity for many years and has contributed to cutting-edge technologies that have emerged in this space. He is co-editor of the Decentralized Identifiers specification at W3C and co-chair of the Identifiers and Discovery Working Group at the Decentralized Identity Foundation. Markus is founder of Danube Tech, a consulting and development company that works on DID-related infrastructure and products, including the Universal Resolver, Universal Registrar, and the Godiddy.com platform.About Podcast EpisodeRead more about the episode by heading to ⁠⁠https://northernblock.io/decentralized-identifiers-did-methods-did-documents-did-resolutionThe full list of topics discussed between Markus and I in this podcast conversation include: An overview of Decentralized Identifiers (DIDs) - how DIDs came about, their history and evolution. The core properties of DIDs - what sets them apart from other types of identifiers. DID Methods. As of this post, there are 160+ DID Methods listed in this registry. Are they all decentralized? Why are there so many? What are some popular ones that have been adopted? What things to consider in your selection criteria for the right DID Method(s). When would one use DIDs for abstraction purposes vs vanilla public-key cryptography? DID Documents - what can be stored in them? How are they linked to a DID? What are some examples of things you can store in the authentication and service endpoints. How do you interact with them? Using blockchain vs non-blockchain (e.g., DNS server) implementations for storing DID Documents. What are some key elements to take into consideration when looking at these different options? Do DIDs disrupt or enhance existing certificate business models? The power of DID Resolution - how has it evolved, how does it work? (see video below for a great explainer)Where to find Markus? LinkedIn: https://www.linkedin.com/in/markus-sabadello-353a0821/ Twitter: ⁠⁠⁠⁠https://twitter.com/peacekeeperFollow Mathieu Glaude Twitter: ⁠⁠https://twitter.com/mathieu_glaude  ⁠⁠ LinkedIn:⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/in/mathieuglaude/⁠⁠ Website:⁠⁠ ⁠⁠⁠⁠https://northernblock.io/

Viky Manaila is an international expert in the field of electronic signatures, digital identity and digital transformation processes, who has successfully promoted the electronic business globally. She was one of the experts assessing the impact of revision of the eIDAS Regulation in support of the European Commission, with the aim of establishing a legislative framework for a secure, widely usable and interoperable Digital Identity for the Digital Single Market – eIDAS 2.0.About Podcast EpisodeRead more about the episode by heading to ⁠https://northernblock.io/eidas2-and-eu-digital-identity-walletThe full list of topics discussed between Viky and I in this podcast conversation include: Understanding eIDAS 2.0: its history, lessons learned and implications. How the current ecosystem of trust providers will change and adapt under new eIDAS 2.0 regulation. The EUDI Wallet Architecture Reference Framework (ARF), and how its aligns with eIDAS. Person Identification Data (PID) Providers, and the differences between Qualified Electronic Attestation of Attributes Providers and Non-Qualified Electronic Attestation of Attributes Providers. Exploring the 4 Large Scale Pilots, their use cases and their use of PID. Some of the various associations collaborating alongside eIDAS and the large scale pilots (e.g., ETSI, CSC, INATBA). Trust lists, trusted issuers/verifiers and governance! Current and upcoming challenges and opportunities.Where to find Viky? LinkedIn: ⁠https://www.linkedin.com/in/viky-manaila-%F0%9F%92%AF-0690aa1/ Twitter: ⁠https://twitter.com/ManailaVikyFollow Mathieu Glaude Twitter: ⁠https://twitter.com/mathieu_glaude  ⁠ LinkedIn:⁠ ⁠⁠https://www.linkedin.com/in/mathieuglaude/⁠ Website:⁠ ⁠⁠https://northernblock.io/

Dr.-Ing. Torsten Lodderstedt is founder of Tuconic, a consulting firm specialising in digital identity and API-based software architectures, with more than 15 years experience in developing and running large scale consumer identity services. In his previous positions, he helped organisations in public, banking, railway communication, and telecommunication domains to implement highly-scalable and secure services. Torsten regularly contributes to identity standards, currently focusing on decentralized identity and global identity networks. He is co-author of OpenID for Verifiable Credentials and OAuth 2.1, and co-chairs the GAIN PoC community group.About Podcast EpisodeRead more about the episode by heading to https://northernblock.io/open-id-4-vc-openid-for-verifiable-credentials/Some of the key topics covered during this episode with Torsten are: OpenID4VC’s background, and its relationship to oAuth2 and OpenID Connect. How verifiable credential issuances and verifications are done using OpenID4CI and OIDC4VP (+ why Presentation Exchange was chosen as the verification protocol). Decisions behind supporting different credentials formats, identifiers, cryptography suites and trust management mechanisms. How OpenID4VC fits within the ToIP Hourglass Model (from the ToIP Technical Architecture Specification). How OpenID4VC can be used in conjunction with other protocols such as DIDComm to bootstrap workflows. Does OpenID4VC combined with trust frameworks help to solve the NASCAR problem we face today on the internet? SIOP: the protocol to exchange cryptographically verifiable identifiers and authenticate using the key material controlled by the End-User. Using OpenID4CI for ISO 18013-5 (mDL) to move away from wallet-specific credential issuance and towards an interoperable way of exchanging verifiable credentials between different decentralized identity systems.Where to find Torsten? LinkedIn: https://www.linkedin.com/in/dr-torsten-lodderstedt/ Twitter: https://twitter.com/tlodderstedtFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Phil Windley is a Senior Software Development Manager at AWS Identity. He was most recently an Enterprise Architect and Principal Engineer in the Office of Information Technology at Brigham Young University (BYU). He was the Founding Chair of the Sovrin Foundation serving from 2016 to 2020. He is also the co-founder and organizer of the Internet Identity Workshop, serves as an Adjunct Professor of Computer Science at BYU, writes the popular Technometria blog, and is the author of the books Learning Digital Identity (O'Reilly, Media 2023), The Live Web (Course Technology, 2011), and Digital Identity (O'Reilly Media, 2005).About Podcast EpisodeRead more about the episode by heading to https://northernblock.io/relationships-and-identity-systems-with-phil-windley/Some of the key topics covered during this episode with Phil are: The differences in our knowledge needs between the physical world (tacit) and the digital world (explicit) are what make digital identity management complicated. Short-lived vs. long-lived relationships: a comparison. If the real world has pseudonymous relationships, why can't this be true online? (looking at recent Twitter and Meta verified account initiatives) Does the role of Identity Providers (IdPs) change as we move towards more user-controlled systems, rather than administrative identity systems? How does the term "Relying Party" translate into SSI? Breaking down trust and trustworthy, and differentiating between confidence and trust. Examining the tradespace between Privacy, Authenticity, and Confidentiality. How attribute-based access control (ABAC) will benefit from verifiable credentials.Where to find Phil? LinkedIn: https://www.linkedin.com/in/windley/ Twitter: https://twitter.com/windleyFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Tim Bouma is the Director of Verification and Assessments at the Digital Governance Council, a Canadian non-profit organization dedicated to developing standards for the Canadian Digital Ecosystem. Tim's current area of focus is developing conformity assessment schemes for standards related to digital trust identity.About Podcast EpisodeRead more about the episode by heading to https://northernblock.io/is-history-repeating-itself-or-are-we-operating-in-a-context-were-not-aware-of/Some of the key topics covered during this episode with Tim are: Why is understanding your context and others' contexts important important to prioritize in life? How Tim’s new mental model has helped him better understand context, identity, trust and more (model linked below in resource section). The relationship between roots of trust and the centralization/decentralization of societal administration. How we can look at life through two realms: the physical and imaginary realms. How have these two realms evolved throughout history. The origin of personal names! Understanding how registries of claims and balances work and are managed. How the transfer/unlocking of new knowledge has been a catalyst for power dynamic shifts throughout history. Why architectures are important in shaping culture, beliefs, values, intentions, etc. Should we focus less on identity and more on context? How the separation of cryptography-driven protocols from applications shifts knowledge, which in turn shifts power dynamics.Where to find Tim? LinkedIn: https://www.linkedin.com/in/trbouma/ Twitter: https://twitter.com/trboumaFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Andrew Hughes CISM CISSP is Director of Identity Standards at Ping Identity. He is a digital identity strategist contributing to international standards development. He works with international associations and standards bodies as a domain expert, developing standards and related conformity assessment materials. Andrew serves on the Board of Directors of Kantara Initiative, and as the Chair of the Kantara Leadership Council. As a national expert delegate for Standards Canada on digital identity, he contributes to development of international standards at ISO SC 27 for identity management and ISO SC 17 for mobile driving licenses and mobile eID. Andrew is currently investigating how the worlds of Government Issued Photo ID can co-exist with the emerging Verifiable Credentials models, in a mobile-first manner.About Podcast EpisodeRead more about the episode by heading to https://northernblock.io/mobile-driving-licence-mdl-exploring-iso-18013-5-7.Some of the key topics covered during this episode with Andrew are: Distinguishing the mobile driving licence (mDL) credential type from a verifiable credential (VC). How the mDL standard is working towards being consumed by other credential transport protocols (e.g., DIDComm, OIDC4VC) Can the same ISO standard for mDL be used to issue non-driving licence credentials? And should it? Do issuers of driving licences consider mDL it as a driving licence credential, or an identity credential? What does the ecosystem look like for mDL vs the one for physical driving licences? Who are some new participants that aren’t involved in physical DL production and governance? Why implementation supersedes the standard work. What are some interesting use cases around mDL that are gaining traction? How ISO works and how the relevant mDL sub-committees are evolving the standard. Are there concerns with the mobile hardware and OS providers gaining too much control over the mDL credentials?Where to find Andrew? LinkedIn: https://www.linkedin.com/in/andrew-hughes-682058a/ Twitter: https://twitter.com/IDIMAndrewFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Riley Hughes is the Co-founder and CEO of Trinsic, a company which provides infrastructure for building user-centric identity products. Customers need solutions, not SSI technology. We will struggle in fostering adoption if we try to sell SSI technology to end customers. We should rather focus on selling them solutions to business problems. For example, Slack sells productivity/collaboration tools to enterprises, not Internet technology or communication protocols. The same approach should be taken but us identity folks!About Podcast EpisodeRead more about the episode by heading to https://northernblock.io/selling-solutions-not-ssi-technology-with-riley-hughes.Some of the key topics covered during this episode with Riley are: Since we recorded the last episode (Episode 10), how have the value propositions and adoption of SSI changed? What are the different ways that SSI adoption is happening, and what ways are easier than others to push adoption? Do Enterprises see any incentive to issue digital credentials? Why the term ‘Digital Wallet’ is a bad analogy for what they actually are, and why it’s not positioned well to be a solution to business problems? Does Digital Identity still have an Identity problem? Why is terminology important to be used under the right contexts?Where to find Riley? LinkedIn: https://www.linkedin.com/in/rileyparkerhughes/ Twitter: https://twitter.com/rileyphughesFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Drummond Reed has spent a quarter-century in Internet identity, security, privacy, and trust infrastructure. He is Director, Trust Services at Avast after their acquisition of Evernym, where he was Chief Trust Office. He is co-author of the book, Self-Sovereign Identity (Manning Publications, 2021), and co-editor of the W3C Decentralized Identifiers (DID) 1.0 specification. At the Trust over IP Foundation, Drummond is a member of the Steering Committee and co-chair of the Governance Stack Working Group and the Concepts and Terminology Working Group. At the Sovrin Foundation, he served as co-chair of the Sovrin Governance Framework Working Group for five years.About Podcast EpisodeRead more about the episode by heading to https://northernblock.io/one-trust-spanning-protocol-and-many-trust-tasks-drummond-reed.Some of the key topics covered during this episode with Drummond are: Does the new ToIP Technology Architecture Specification address the questions posed by Kim Cameron in his 2005 whitepaper? If we agree that one identity system cannot rule them all, how then can an identity metasystem solve interoperability across identities, identity systems and contexts? (hint: a trust spanning protocol!) What are the leading contenders for becoming the trust spanning protocol? What are some examples of trust tasks, other than credential exchange, that are possible to unlock? How does a trust spanning protocol x trust tasks lead to advancements in how we manage our relationships, and help us move away from phone numbers and emails as our most valuable identifiers? Where can governments participate within the hourglass model framework to accelerate digital trust on the open internet?Where to find Drummond? LinkedIn: https://www.linkedin.com/in/drummondreed/ Twitter: https://twitter.com/drummondreedFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Energy and Mines Digital Trust (EMDT) was established by the Government of British Columbia (B.C.) to incentivize the formation of a digital trust ecosystem that will result in accuracies and efficiencies when sharing sustainability data, with downstream impacts of contributing towards a low-carbon economy.Reporting environmental impact data can be a complicated and laborious process. Data is difficult to exchange internationally, and consumers cannot always access, or trust, reported data.A digital trust ecosystem builds confidence between organizations, businesses, and individuals when interacting online. When information is shared using digital credentials, everyone can trust that the information is current and hasn't been tampered with, even without pre-existing business relationships. For natural resource companies, this means it is possible to easily share trustworthy data to prove their sustainability efforts.In this podcast episode with Nancy Norris and Kyle Robinson, we discuss: What’s happening in climate change legislation globally? What are the sustainability reporting requirements that the mining industry faces today? Where do digital trust and digital identity fit into sustainability reporting? How do you start a digital trust ecosystem? How do you select initial use cases to focus on? What is the role of the government in growing a digital trust ecosystem based on policy? How did EMDT build their digital trust governance frameworks? Why did EMDT publish their governance frameworks to open source repositories? The best ways to educate both technical and non-technical stakeholders about digital credentials and digital trust. Can digital trust technologies alter/influence change in regulatory reporting processes? Can governments who participate in digital trust ecosystems find new ways of creating value/new business models/enhancing standard service offerings?About GuestsNancy Norris, Senior Director of ESG & Digital Trust in the Ministry for Energy, Mines and Low Carbon Innovation for the Government of British Columbia. LinkedIn: https://www.linkedin.com/in/nancy-norris/Kyle Robinson, Senior Strategic Advisor for the Energy & Mines Digital Trust project on behalf of the Government of British Columbia. LinkedIn: https://www.linkedin.com/in/kylegrobinson/Follow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Scott Perry is a Principal at Schellman where he heads up its crypto and digital trust services. Scott is a recognized global leader in digital identity, blockchain, and verifiable credential governance and accreditation. He has worked with the world's most respected SSL-certificate issuers, aerospace and defense companies, and government agencies such as the US Senate Sergeant at Arms and the US Nuclear Regulatory Commission. He is a Steering Committee Member of the Trust Over IP Foundation and Co-chairs its Governance Stack Working Group. He has authored and contributed to most of its governance and assurance publications.As a hands-on crypto and cybersecurity consultant and auditor, Scott provides deep and impactful advice that you would expect from a leader in the field.About Podcast EpisodeIn this podcast episode with Scott, we discuss these topics: In digital trust infrastructure, these “rules” are formally known as a governance framework (GF). A core thesis of ToIP architecture is that interoperability of GFs is just as important—if not more so—than interoperability of the technical protocols. Why? Can you replicate, or codify existing physical world governance frameworks for digital use? Where is governance created? On the edge (with the issuers, holders, verifiers), or within/across ecosystems? Defining trust - is a technical or human concept? How to quantify trust? Is it even possible? Is accountability the key factor in building a rule system to promote trust? Does unlocking certain governance frameworks correlate directly to the adoption of digital trust ecosystems? How is assurance used as a measure to manage risk across various contexts? Are governance frameworks composable, meaning can they be re-used across various use cases? Can we leverage governance frameworks from closed ecosystems and re-use components in open ecosystems? How does governance map to the new ToIP technology architecture model? How do private and public sectors collaborate on defining governance for large scale digital ID programs?Where to find Scott? LinkedIn: https://www.linkedin.com/in/scott-perry-1b7a254/Follow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/