The SSI Orbit Podcast – Self-Sovereign Identity, Decentralization and Digital Trust

Stephen Curran of Cloud Compass Computing, Inc. is a Software Development and DevOps veteran who dove full on into the identity on blockchain world in 2017. Working with the British Columbia Government, Stephen has helped define, build and launch the Verifiable Organizations Network (VON)—a production instance of the Linux Foundation’s Hyperledger Indy, Aries and Ursa projects that makes public information about organizations (incorporations/legal entities) in BC available in the form of verifiable credentials. Stephen is a regular contributor in the Hyperledger Indy and Aries community, facilitating discussions and driving interoperability. Stephen has presented on Blockchain and the Hyperledger Indy and Aries projects many times and is a member of the Sovrin Foundation’s Board of Trustees and Technical Governance Board.About Podcast EpisodeSome of the key topics covered during this episode with Stephen are: Introduction to Various Credential Types - AnonCreds and different types of W3C credentials Converting AnonCreds VC to W3C VC Standard format and adding other signature types (e.g. LD-Signature/NIST/ed25519/BBS+) History of AnonCreds - blinding signature work in the 1970s, advancements and track record since then Why are AnonCreds suited for Government Digital ID use cases? Capabilities provided by AnonCreds - non-correlability, minimizing data shared, zero knowledge proofs (ZKPs), etc. Comparing transferable vs non-transferrable credentials Can the way that W3C credentials are formatted get in the way of interoperability in the future? Are there use cases where AnonCreds aren’t the right implementation? Are AnonCreds more computing intensive than W3C credentials? Future for AnonCreds and for Hyperledger Indy Why Revocation remains the weak point of AnonCreds and Indy Is mDL better suited than AnonCreds for Driver's Licence use cases?Where to find Stephen? LinkedIn: https://www.linkedin.com/in/stephen-w-curran/ Twitter: https://twitter.com/scurranC3IFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Drummond Reed has spent a quarter-century in Internet identity, security, privacy, and trust infrastructure. He is Director, Trust Services at Avast after their acquisition of Evernym, where he was Chief Trust Office. He is co-author of the book, Self-Sovereign Identity (Manning Publications, 2021), and co-editor of the W3C Decentralized Identifiers (DID) 1.0 specification. At the Trust over IP Foundation, Drummond is a member of the Steering Committee and co-chair of the Governance Stack Working Group and the Concepts and Terminology Working Group. At the Sovrin Foundation, he served as co-chair of the Sovrin Governance Framework Working Group for five years.About Podcast EpisodeDigital Trust Infrastructure is quickly becoming essential from an economic, political and security standpoint.Much of the infrastructure today is controlled and owned by device OS providers such as Apple and Google.It’s important that digital trust infrastructure providers can compete with the device OS providers.To produce a level playing field, we must have open standards and open access to the infrastructure. This applies to both to Governments and Private Sector digital trust providers.Some of the key topics covered during this episode with Drummond are: Wallets vs Agents – their differences, their relationship and how agents will use more and more contextual intelligence to help you make decisions according to your preferences. Can non-OS digital trust infrastructure providers compete with the device OS providers? (e.g., Apple owns the OS for mobile/desktops/tablets/smart watches) Comparing DIDComm to NFC – if NFC really facilitates security and trust for close distance, do the combinations of digital wallets, digital agents and protocols (like DIDComm) do the same for trust at distance? Trust Spanning Protocol – establishing authentic connections where both parties can authenticate each other (using the same hourglass model as TCP/IP). What are the architectural requirements for this protocol? And how can various protocols (e.g., DIDComm, KERI) converge into a trust spanning protocol? What does DIDComm do better/different than other data exchange protocols? (such as OAuth2 and OpenID Connect) Can the Trust over IP stack be used outside of Identity use cases? (e.g., payments, data sharing, social media) Comparing SSI to Email – similarities in protocol design, asynchronous or synchronous UX, simplicity and generalityWhere to find Drummond? LinkedIn: https://www.linkedin.com/in/drummondreed/ Twitter: https://twitter.com/drummondreedFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Darrell O’Donnell is a technology company founder, executive, investor, and advisor. He’s on a mission to help organizations build and deploy real-world decentralized (#SSI) solutions. He advises numerous startups, senior government leaders, and investors.About EpisodeSome of the key topics covered during this episode with Darrell are: What are the differences between Verifiable Data Registries and Trust Registries? How can Trust Registries help establish the Authenticity of Data? Does placing too much Governance at the Verifiable Data Registry layer cause scaling issues? Why DNS can become an elegant Root of Trust solution to validate the authenticity of Credential Issuers. Who in the Trust Triangle benefits the most from Trust Registries? Trust Registries vs Machine Readable Governance. About the Trust Registry Specification v1.0 at the TrustOverIP Foundation. How do I trust a Trust Registry? Do Trust Registries create new Centralization points? How will Trust Registries become adopted?Where to find Darrell? LinkedIn: https://www.linkedin.com/in/darrellodonnell/ Twitter: https://twitter.com/darrelloFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Dan Gisolfi is currently leading the delivery of innovation capabilities across Discover Financial Services (DFS), such as Hack-aaS, Patent Program, Design Thinking Services, and an Innovation Accelerator. Prior to joining DFS, he led an innovation team focused on the incubation of IBM Security’s Zero Trust Architecture in collaboration with internal labs, academic institutions and NIST.About Podcast EpisodeSome of the key topics covered during this episode with Dan are: How does the chicken and egg problem relate to digital identity? Is there a dependency on Government IDs to seed the marketplace? Are unique identifier databases required to become a credential issuer? What is transitive trust? And how does it differ from how trust gets established otherwise (e.g., through backend API calls)? The missing role in the trust triangle: The Examiner. Can Examiners become digital notaries? Rethinking authentication and authorization - using attestations from multiple issuers helps to create more trust. How Issuance can become a business model for many trusted service providers. Some challenges with the mDL (ISO/IEC 18013) standard. The benefits of using a Microcredentials approach. Misconceptions about becoming credential issuers (e.g., assuming liability, data minimization).Where to find Dan? LinkedIn: https://www.linkedin.com/in/vinomaster/ Blogs: https://www.ibm.com/blogs/blockchain/author/dan-gisolfi/Follow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Dominik Beron is the Founder & CEO of walt.id, a leading company in the field of decentralized identity. Mr. Beron is a serial entrepreneur with executive education from the Universities of Pennsylvania, Oxford and a law degree (JD equivalent) from the University of Vienna. He worked for law firms (M&A), served as a policy advisor to the Austrian Parliament and as consultant to the UN, the EU Commission and national governments. Dominik has received numerous awards such as “30 under 30” (by Forbes US) and was named a Global Shaper (World Economic Forum).About Podcast EpisodeThe question of “What is Identity?” is a very complicated one.In this conversation, Dominik distinguishes SSI as being Who I am, whereas NFTs as being What I own.Identity is a complicated topic. If I own a Ferrari, it says something about my identity.This conversation contrasts NFTs and SSI, while talking about how they both are complementary in representing one’s Identity.Some of the key topics covered during this episode with Dominik are: What drove the 2021 hype cycle for NFTs? Has the hype around NFTs been good for digital identity? Ownership-based Access Management – using NFTs for Access Management What are Soulbound tokens, and what are some issues associated with them? Why is building SSI products harder than building NFT products? What does it mean to be an EBSI conformant wallet? OIDC SIOP and the Open Policy Agent Does SSI fit within a Zero Trust model? Gaia-X – the EUs new cloud infrastructure How should we treat data replication and backups? What data do I really want to control?Where to find Dominik? LinkedIn: https://www.linkedin.com/in/dominikberon/ Twitter: https://twitter.com/DominikBeronFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Imraan Bashir is a Partner & National Canadian Public Sector Cyber Leader at KPMG. Imraan is a seasoned executive with 20+ years of experience advising on cyber security and information technology matters to a wide variety of public and private sector clients. Imraan is well-versed in multiple areas of cyber security, including governance, strategy, incident management, cloud security, risk management, digital identity and more.  Prior to joining KPMG, Imraan spent time in the public sector, where he directed the policy, strategy, implementation and oversight of Government of Canada enterprise-wide cyber initiatives, including leadership of key programs such as cloud security and digital identity.About Podcast EpisodeThis conversation is meant to generate some suggestions on how to avoid the big brother rhetoric when it comes to digital ID programs.Some of the key topics covered during this episode with Imraan are: The rise of Misinformation How to “pre-bunking” certain ideas? Misconceptions on Zero Trust What is Canada doing better/worse in digital ID related to other national programs? How can digital ID go wrong? Biometrics and facial recognition Centralization and selling of data to private sector How can we as an industry do a better job at educating the general population about digital ID?Where to find Imraan? LinkedIn: https://www.linkedin.com/in/imraanbashir/ Twitter: https://twitter.com/iBashXFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Karla McKenna is an international standards specialist in the area of financial services. Ms. McKenna is the Head of Standards for the Global Legal Entity Identifier Foundation (GLEIF) for which she is responsible for facilitating the development and implementation of GLEIF standards and leveraging international standards from organizations such as the International Organization for Standardization (ISO) to maximize data quality and the operational integrity of the Global LEI System. Ms. McKenna also is Managing Director, GLEIF Americas.About EpisodeSome of the key topics covered during this episode with Karla are: What is the State of Legal Entity Verification today? What is a Legal Entity Identifier (LEI)? What is a Verifiable LEI (vLEI)? Should Governments be involved in the issuance of LEIs? Who can issue LEIs? Can Issuers monetize the issuance of LEIs? How are Relationships established between Legal Entities and Natural Persons? How GLEIF is establishing itself as a Root of Trust for Digital Trust Ecosystems. How to Chain Credentials and enable dependencies to be set between credentials within a value chain. Can vLEIs work with the Aries/Indy stack? What are some current Use Cases for vLEIs? GLEIF’s Roadmap.Read more about episode here: https://northernblock.io/gleif-standardizing-legal-entity-verification-with-karla-mckenna/Where to find Karla? LinkedIn: https://www.linkedin.com/in/karla-mckenna-81051310/ Website: https://www.gleif.org/Follow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

Joachim Lohkamp is the Founder & CEO of Jolocom, a Berlin-based company building decentralized digital identity and access right management solutions aimed to be universal, lightweight and based on open source protocols.One of the desired outcomes of using standards-driven open source code projects is to avoid vendor lock-in. If your digital identity is a public good, then you shouldn’t be locked in to one specific company. If a company goes out of business, I may lose my identity data. If I find a better alternative, I'm unable to port my identity. Therefore, interoperability is a vital aspect of being able to provide sovereignty to individuals but also to governments.Some of the key questions answered during this episode with Joachim are: What are the different lenses of Interoperability outside of simply technological ones? What is happening inside the EU's digital identity governance frameworks? How to go about preventing vendor/network lock-ins from the wallet perspective? Does ID proofing impact the ability to achieve permissionless SSI models? What is exciting about the intersection of SSI and web3, and are innovations in this area moving quicker than other areas? Despite the misuse of NFTs for identity-related use cases, are they still helping advance decentralized identity thinking? What learnings can SSI wallet providers gain from crypto wallet providers (e.g., security, key management, UX)? Will intelligent agent providers need to make their algorithms open sourced? Where do portable digital identities fit within the existent and ever changing digital identity landscape (e.g., e-sign, biometrics, IAM, etc.)?And more!Where to find Joachim? LinkedIn: https://www.linkedin.com/in/joachimlohkamp/ Twitter: https://twitter.com/JoachimLohkampFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/

Eugenio (Gene) is an industry go-to person in the fight against proceeds of crime, corruption and terrorism (AML/ATF/ABC) within the investments, banking and insurance industries.Laws against money laundering were created to use against organized crime during the period of Prohibition in the United States during the 1930s. Organized crime received a major boost from Prohibition and a large source of new funds that were obtained from illegal sales of alcohol. The successful prosecution of Al Capone on tax evasion brought in a new emphasis by the state and law enforcement agencies to track and confiscate money, but existing laws against tax evasion could not be used once gangsters started paying their taxes.“Always follow the money” has been sound advice in law enforcement and political circles for decades. Nevertheless, tracking the flows of illicit funds generated by drug trafficking and organized crime and analyzing the magnitude and the extent to which these are laundered through the world’s financial systems remain daunting tasks.Can Digital ID come to the rescue?This episode covers the intersections of Digital ID, AML and Open Banking.Some of the key questions answered are: What’s the global impact of money laundering today? How can Digital ID help prevent illicit financial flows? How can technology (e.g., device fingerprinting) make anti-money laundering and counter terrorist financing efforts faster, cheaper and more efficient? What is the Financial Action Task Force's (FATF) Digital ID guidance? How can you layer multiple sources of identity (outside of government sources) to enhance Identification Assurance? How can you prevent money laundering through stronger Legal Entity Identity verifications? Can open banking succeed without Digital Identity? Are open banking and digital identity the same thing? What are some of the key Open Banking standards bodies that are active today? Does Open Banking make money laundering easier or more difficult?And more!Where to find Eugenio? LinkedIn: https://www.linkedin.com/in/eugeniodimira/ Twitter: https://twitter.com/GeneDiMiraFollow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/

Andy Best is the CEO of the Civic Digital Network (CDN), a non-profit organization working to create national data infrastructure.CDN’s mission is to give the public sector the tools to meet the challenges of the coming century. How do you enable responsible economic activity in the current digital era? What is the government's proper role to facilitate, regulate and legislate to create the maximum social and economic public and private good.During this conversation, we discuss: What are Intangible Assets, the Intangible Economy - and why leaders should care about them?How do you approach Policy around Public Data Institutions, without making them too restrictive which can have negative impacts on private sector innovation?Why Policy Makers must look at Intangible Assets (such as software and data) very differently than Tangible Assets (roads and bridges).How to ensure the Right Controls are put in place for Public Data Utility programs?Why taking a Use Case Lens in the deployment of Public Infrastructure programs is the only approach.How Municipalities who adopt the right public data programs can increase the prosperity of their citizens.Why Government should view Standards as part of their Regulatory Frameworks.And more!Note that although this conversation is mostly framed around Canadian context, the key fundamental frameworks discussed are applicable across various democratic systems.Where to find Andy? LinkedIn: https://www.linkedin.com/in/andy-best-82bab930/ Website: https://www.civicdigital.ca/Follow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude   LinkedIn: https://www.linkedin.com/in/mathieuglaude/