[DG-BSC] User-centric identity materials
agropper at healthurl.com
Thu Dec 8 11:20:01 CST 2016
HIE of One combines self-sovereign identifiers, verifiable claims, and
self-sovereign UMA AS. The self-sovereign components complement each other
and avoid introducing federation constraints typical to an IDP. Verifiable
claims are the non-self-sovereign component but that doesn't mean
federation as I use the term. Verifiable claims make the system
I'm not sure why we're choosing to compare Sovrin to anything. uPort,
blockstack, and Sovrin can all be used as self-sovereign identifiers under
the evolving DID spec
Why not start with the DID spec and verifiable claims as the basis and
compare them+UMA to OIDC+UMA? In HIE of One, we use both because I don't
see any reason to choose.
When you mention "other entities" in your example, I have trouble mapping
that into UMA. Can you elaborate?
On Thu, Dec 8, 2016 at 10:32 AM, Thomas Hardjono <hardjono at mit.edu> wrote:
> Unilateral user actions: "Does the solution enable unilateral user actions
> that have unambiguously positive outcomes"
> Does an action by a user gets honored across all the entities in the
> identity ecosystem, including by the IdPs and more importantly by the RPs
> (which could be a business). Or does it have side-effects that may be
> negative to the user.
> Example: If Alice gives access to a resource and then revokes, do all the
> other entities make this true. And is there any room for misinterpretation
> of Alice's intent.
> From: dg-bsc-bounces at kantarainitiative.org [dg-bsc-bounces@
> kantarainitiative.org] on behalf of Adrian Gropper [agropper at healthurl.com
> Sent: Monday, December 05, 2016 1:14 AM
> To: Eve Maler
> Cc: dg-bsc at kantarainitiative.org
> Subject: Re: [DG-BSC] User-centric identity materials
> Thanks for the HIE of One pitch.
> We've added self-sovereign ID to HIE of One using uPort. This now gives
> the resource owner 4 options for authentication at the UMA AS
> 1. Direct Login to the AS
> 2. Whitelisting OIDC IDPs as an option of UMA resource registration
> 3. Federated login using OIDC
> 4. Self-sovereign Blockchain ID with linked verifiable claims
> These 4 options are demonstrated in the latest addition to HIE of One in a
> 2-minute video: https://youtu.be/FNlAkGauIdw
> Your recent slides seem somewhat harsh on self-soveriegn ID. Sovrin is
> just one of the blockchain-based self-sovereign IDs that are currently
> being standardized<https://github.com/WebOfTrustInfo/rebooting-
> DID-Spec-Implementers-Draft-01.pdf>. Let's review your concluding slide:
> 1. The uPort app doesn't require the user to remember either a username
> or password
> 2. I'm not sure how to interpret "unilateral user actions" - please
> 3. People have rejected federation for anything other than low levels
> of assurance. A self-sovereign ID can be high assurance while also
> protecting pseudonimity through separable verifiable claims.
> 4. Self-sovereign ID respects the needs of RS (strong authentication),
> AS (open reputation mechanism and verifiable claims, and RqP (triple-blind
> attribute handling, privacy-preserving claims, on ID app across all
> 5. I'm not sure how to interpret "consent more meaningful in this
> context" - please elaborate
> 6. The limits of federation are now obvious. Standards-based
> self-sovereign ID seems much more likely to scale.
> On Fri, Dec 2, 2016 at 5:01 PM, Eve Maler <eve.maler at forgerock.com<mailto:
> eve.maler at forgerock.com>> wrote:
> As promised... Here are my slides<https://www.dropbox.
> 20161129%28revised%29.pdf?dl=0> from the presentation this week, my 2008
> NZIDConf-Apr2008.pdf?dl=0>, and the accompanying journal paper<
> Eve Maler
> ForgeRock Office of the CTO | VP Innovation & Emerging Technology
> Cell +1 425.345.6756<tel:%28425%29%20345-6756> | Skype: xmlgrrl |
> Twitter: @xmlgrrl
> DG-BSC mailing list
> DG-BSC at kantarainitiative.org<mailto:DG-BSC at kantarainitiative.org>
> Adrian Gropper MD
> PROTECT YOUR FUTURE - RESTORE Health Privacy!
> HELP us fight for the right to control personal health data.
> DONATE: http://patientprivacyrights.org/donate-2/
Adrian Gropper MD
PROTECT YOUR FUTURE - RESTORE Health Privacy!
HELP us fight for the right to control personal health data.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the DG-BSC