SlideShare a Scribd company logo

Introducing the SSI eIDAS Legal Report – Ignacio Alamillo

SSIMeetup
SSIMeetup

https://ssimeetup.org/introducing-ssi-eidas-legal-report-ignacio-alamillo-webinar-55/ The European Commission developed the SSI (Self-Sovereign Identity) eIDAS bridge, an ISA2 funded initiative, to promote eIDAS as a trust framework for the SSI ecosystem. It assists a VC (Verifiable Credential) issuer in the signing process, and helps the verifier to automate the identification of the organization behind the issuer’s DID (Decentralized Identifier). Simply by “crossing” the eIDAS Bridge, a Verifiable Credential can be proven trustworthy in the EU. Ignacio Alamillo will present at this SSI Meetup webinar the insights gained from this report. In the context of the eIDAS bridge project, we performed an analysis on how eIDAS can legally support digital identity and trustworthy DLT-based transactions in the Digital Single Market, and this is reflected in the SSI eIDAS legal report, available at this link. The objective of this report is to evaluate the potential legal issues that are important to an SSI solution and make some recommendations to be used as policy input for the eIDAS 2020 review. The report outlines short-term objectives, where changes in the Regulation would not be necessary, but also mid to long-term scenarios requiring major changes in the Regulation to comply with the SSI design principles. The different scenarios described in the report are aligned with the proposed architectural and procedural considerations designed in the SSI eIDAS Bridge project and the European Self Sovereign Identity Framework.

Internet
1 of 40
Download to read offline
Introducing the SSI eIDAS Legal Report DR. IGNACIO ALAMILLO DOMINGO SSIMEETUP May 7th , 2020 @NachoAlamillo CC BY-SA 4.0 SSIMeetup.org
1. Empower global SSI communities 2. Open to everyone interested in SSI 3. All content is shared with CC BY SA Alex Preukschat @SSIMeetup @AlexPreukschat Coordinating Node SSIMeetup.org SSIMeetup objectives SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
•Lawyer, Certified Information Systems Auditor, Certified Information Security Manager. +22 years of experience in public and private sector. Phd thesis on eIDAS Regulation. Researcher at iDerTec (University of Murcia). •Member of UNE CTN71/SC307, ISO/TC307 & CEN-CLC/JTC19. • Co-leader of ISO/TC 307 “Trust Anchors for Decentralized Identity Management”. • Co-editor of ISO/TC 307 TR 23249 “Overview of DLT Systems for Identity Management”. •EU Commission legal expert in EBSI eSSIF and EBSI eIDAS Bridge initiatives. #WhoIAm CC BY-SA 4.0 SSIMeetup.org
CC BY-SA 4.0 SSIMeetup.org
eIDAS: The Regulation in a nutshell CC BY-SA 4.0 SSIMeetup.org
eIDAS: Key principles for eID CC BY-SA 4.0 SSIMeetup.org
CC BY-SA 4.0 SSIMeetup.org
CC BY-SA 4.0 SSIMeetup.org
eIDAS (current) Interoperability Architecture CC BY-SA 4.0 SSIMeetup.org
CC BY-SA 4.0 SSIMeetup.org
eIDAS (current) Trust Services CC BY-SA 4.0 SSIMeetup.org
eIDAS types of e-signatures and e-seals CC BY-SA 4.0 SSIMeetup.org
Why eIDAS Regulation in the SSI space? • eIDAS Regulation constitutes the main electronic identification trust framework in the European Economic Area. • eID is a building block of the Digital Single Market, allowing the establishment of cross-border distance electronic relations in the e-Government field. • eIDAS may be extended to include the recognition of eIDs for private sector uses, such as AML/CFT, online platforms, etc. • Its technology-neutral approach could easily allow the usage of SSI systems, constituting a real opportunity for their adoption. • eIDAS Regulation has a strong influence in the international regulatory space, thanks to UNCITRAL recent works. CC BY-SA 4.0 SSIMeetup.org
General legal considerations • As a pre-requisite, according to SSI design principles applied in EBSI ESSIF, the person must have obtained a DID, using a valid method, without any critical dependency of a third party. • EBSI ESSIF is limited to natural persons. • General analysis regarding the legal value of verifiable credentials and their presentations. • General legal assessment of DIDs, DID Documents and DID control keys. CC BY-SA 4.0 SSIMeetup.org
General legal considerations CC BY-SA 4.0 SSIMeetup.org
Legal scenarios wrt eIDAS alignment • Very short term scenarios (no changes in Regulation) 1. Use of notified eIDAS eID means and qualified certificates to issue verifiable credentials. 2. eIDAS Bridge: increasing verifiable credentials’ legal value and cross-border recognition. 3. Use current eID nodes to issue SAML assertion based in a VC/VP. • Short term scenarios (based in interpretation of the Regulation) 4. Use of Verifiable IDs as eIDAS electronic identification means. 5. Issuance of qualified certificates based on a specific DID method and verifiable credential. • Mid to long term scenarios (major changes in the Regulation) 6. Extend eIDAS Regulation Chapter II to additional VCs for attestations. 7. Regulate the issuance of Verifiable Attestations as a trust service. 8. Regulate the activity of Identity Hubs as a trust service, in support of SSI-based Once Only Principle. 9. Regulate delegated key management as an independent trust service, in support of remote wallets. 10. Regulate a specific type of DLT node as a trust service. CC BY-SA 4.0 SSIMeetup.org
Scenario 1. Use of notified eIDAS eID means and qualified certificates to issue verifiable credentials • This use case considers the utilization of an eID for the validation of the identity attributes that are to be included in any assertion associated to a DID. This would be a scenario in which a means of identification notified in accordance with the eIDAS Regulation is used to proof the information that will be included in a Verifiable Credential (eSSIF Verifiable IDs). • eIDAS Interoperability regulation defines minimum data sets for natural persons and for legal persons, while Annexes I and III of eIDAS Regulation define the same data set in the case of qualified certificates. • The main advantage of using this approach is that the Verifiable Credential inherits the level of assurance of the eIDAS electronic identification information, allowing a person to get different Verifiable IDs and leveraging their use in the space of decentralized transactions, gaining real privacy. • This is specially true in case the focus on the recognition of specific types of Verifiable ID Presentations. CC BY-SA 4.0 SSIMeetup.org
Scenario 1. Use of notified eIDAS eID means and qualified certificates to issue verifiable credentials CC BY-SA 4.0 SSIMeetup.org
Scenario 2. eIDAS Bridge: increasing verifiable credentials’ legal value and cross-border recognition • This experience uses qualified certificates to support verifiable credentials and legal evidences with full legal value. • Qualified certificates are regulated under articles 28 (natural persons) and 38 (legal persons) of eIDAS Regulation, and they confirm the identity of the natural person or the legal person. May also contain other identity data, such as mandates. • When qualified certificates are operated in the Cloud, they are specially suitable to authenticate and protect Verifiable Credentials using qualified electronic signatures and electronic seals, thus providing the maximum legal effect and acceptance to blockchain-based transactions. • This technique may generate privacy issues (e.g. allowing re-identification of Verifiable Credentials issuers that are natural persons). • Limitation: With qualified certificates we have confirmation of identity but not confirmation of authority to issue a particular claim. CC BY-SA 4.0 SSIMeetup.org
Scenario 2. eIDAS Bridge: increasing verifiable credentials’ legal value and cross-border recognition CC BY-SA 4.0 SSIMeetup.org
Scenario 3. Use current eID nodes to issue a SAML assertion based in verifiable credentials/presentations • This scenario consider the possibility to incorporate, to a current “regular” eIDAS node, the capability to accept Verifiable Presentations as a form of user authentication. • The protocol for the communication in the network of eIDAS identification nodes would not change, and the assertion issued by the node would be SAML, just as with other authentication mechanisms. • The VC/VP should include the minimum data set for the user. • The DID method should adopt a minimal set of requirements related to the DID control mechanism, to ensure alignment with the eIDAS Security requirements Regulation. • Interesting as a “fast-track” procedure for the interoperable adoption of the SSI technology in relations with public sector bodies. • But it does not leverage the innovations and privacy enhancements of SSI technologies. CC BY-SA 4.0 SSIMeetup.org
Scenario 3. Use current eID nodes to issue a SAML assertion based in verifiable credentials/presentations CC BY-SA 4.0 SSIMeetup.org
Scenario 4. Use of Verifiable IDs as eIDAS electronic identification means • eIDAS is an appropriate regulatory framework to embody specific SSI systems, such as EBSI eSSIF Verifiable IDs proposal, aligned with assurance level substantial (or high, depending on the user device and setup). • Although electronic identification under eIDAS Regulation is today clearly aligned with SAML-based infrastructures, nothing in the eIDAS or its implementing acts should prevent the usage of a SSI system as an electronic identification means. • Thus, this use case considers a Verifiable Credential as an eIDAS compliant electronic identification means, enabling –at least– transactions with Public Sector authorities and Public Administrations and, if so decided by its issuer, also with private sector entities, for AML/CFT and other uses. • Again, it would be better to put the focus on a specific type of Verifiable Presentation as an electronic identification means, including rules on the different Verifiable Credentials presented. CC BY-SA 4.0 SSIMeetup.org
Scenario 4. Use of Verifiable IDs as eIDAS electronic identification means CC BY-SA 4.0 SSIMeetup.org
Scenario 5. Issuance of qualified certificates based on a specific DID method and verifiable credential • With a technologically neutral, wide, interpretation of the eIDAS Regulation (more specifically, of the “certificate” definition), it would be possible to consider a specific DID method + a specific type of Verifiable Credential as a “qualified certificate”, both for natural and for legal persons. • As qualified certificates confirm the identity of the subject (signatory or seal creator), this specific DID method+VC would benefit from the legal effect defined for qualified certificates, and would also support qualified signatures and qualified electronic seals in blockchain transactions. • This type of credential would also qualify as a Verifiable ID, when including the minimum data set. • Moreover, this approach allows transitioning from PKI to DPKI & SSI systems, while maintaining (and even fostering) a valuable market and reusing a convenient and proven supervisory and liability regime. CC BY-SA 4.0 SSIMeetup.org
Scenario 5. Issuance of qualified certificates based on a specific DID method and verifiable credential CC BY-SA 4.0 SSIMeetup.org
Scenario 6. Extend the eIDAS notification mechanism to Verifiable Attestations: enhanced Trusted Issuers management • eIDAS does not currently offer an appropriate legal framework for other types of Verifiable Credentials. This is reasonable from the perspective of the legal regime of the content (e.g. a diploma). • It would be an opportunity to extend Chapter II of the eIDAS Regulation to schemes for the self-managed sharing of identity attributes (e.g. eSSIF Verifiable Attestations), leveraging the legal infrastructure to create a general, abstract, framework for this process. Sectorial legal norms would define the rules associated to the content (thus fostering the reusable building block concept). • It requires the implementation of a Trusted Issuer management scheme, similar to trust service lists, allowing checks of authoritative sources. • It would consider issuers both from the public and private sector offering this service, wrt the data they’re authoritative for, or they can vouch. CC BY-SA 4.0 SSIMeetup.org
Scenario 6. Extend the eIDAS notification mechanism to Verifiable Attestations: enhanced Trusted Issuers management CC BY-SA 4.0 SSIMeetup.org
Scenario 6. Extend the eIDAS notification mechanism to Verifiable Attestations: enhanced Trusted Issuers management CC BY-SA 4.0 SSIMeetup.org
Scenario 7. Regulate the issuance of Verifiable Attestations as a trust service • Following the legal logic of qualified certificates (which could be deployed as DID+VC under specific rules), it could be possible to define a new trust service, oriented to the issuance of VCs containing identity attributes (other than foundational identity attributes contained in VCs issued as qualified certificates). • Main benefits include benefiting from the all the common rules, supervisory framework and liability model set up in Chapter III of the eIDAS Regulation (a legal trust anchor). • It would increase the market for EU qualified trust service providers, helping them compete in a global scale vs other SSI network’s trust models, requiring issuers to be “authorized” by the network’s governors (e.g. trust anchors in Sovrin or ARIES). CC BY-SA 4.0 SSIMeetup.org
Scenario 7. Regulate the issuance of Verifiable Attestations as a trust service CC BY-SA 4.0 SSIMeetup.org
Scenario 8. Regulate the activity of Identity Hubs as a trust service, in support of SSI-based Once Only Principle • Identity hubs allow controlling access to personal or corporate information conveyed in form of VCs. • They can be seen as repositories of data shared by a subject, directly or when consent has been explicitly given; in that sense, they support the once only principle (TOOP) in new scenarios (e.g., when interchanging public sector issued data with private sector third parties). • They manage permissions, produce information with legal relevance (e.g., access logs) and must store data in a trustworthy manner, on behalf of the subject. • It would be convenient to regulate this activity as a trust service, with the aim to set up a strict legal framework to protect subjects. CC BY-SA 4.0 SSIMeetup.org
Scenario 8. Regulate the activity of Identity Hubs as a trust service, in support of SSI-based Once Only Principle CC BY-SA 4.0 SSIMeetup.org
Scenario 8. Regulate the activity of Identity Hubs as a trust service, in support of SSI-based Once Only Principle CC BY-SA 4.0 SSIMeetup.org
Scenario 9. Regulate delegated key management as an independent trust service, in support of remote wallets • DIDs require key management activities. Control is foundational to the SSI concept itself. • eIDAS advanced electronic signature (for natural persons) require that the signatory has exclusive control of the signature creation data, a requirement already developed by CEN & ETSI standards (EN 419 241, parts 1 and 2; TS 119 431-1). When used to endorse a transaction, the DID key is, actually, signature creation data. • In many cases wallet providers are already offering server-side wallet services with few or no guarantees at all, in the best case supported by social recovery mechanisms. • Although it may reintroduce partial centralization (which may be considered against the most purist SSI philosophy), it would be convenient to regulate key management as an independent trust service, to increase server-side wallet providers quality and liability. CC BY-SA 4.0 SSIMeetup.org
Scenario 9. Regulate delegated key management as an independent trust service, in support of remote wallets CC BY-SA 4.0 SSIMeetup.org
Scenario 10. Regulate a specific type of DLT node as a trust service • Finally, we can envision the possibility of extending the eIDAS Regulation to a specific trust service consisting on the operation of a specific type of node, for a specifically designed DLT, tailored for the generation of electronic evidences. • This approach would allow setting up a series of additional requirements aimed to deploy distributed networks that balance the public/legitimate interest in the legal certainty of electronic proofs, with the rights and expectations of all parties. • It could be a baseline service on top of which other services would be reliably deployed (namely, identity and signature/seal services, timestamping services or electronic registered delivery services). • Regulation would cover aspects such as governance and consensus models, time synchronization, crypto security, software certification… but also legal limits to PII rights, such as right to modification or right to erasure. CC BY-SA 4.0 SSIMeetup.org
Scenario 10. Regulate a specific type of DLT node as a trust service CC BY-SA 4.0 SSIMeetup.org
THANKS! Questions? MORE INFORMATION: NACHO@ASTREA.CAT CC BY-SA 4.0 SSIMeetup.org
Introducing the SSI eIDAS Legal Report DR. IGNACIO ALAMILLO DOMINGO SSIMEETUP May 7th , 2020 @NachoAlamillo CC BY-SA 4.0 SSIMeetup.org

Recommended

eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemseIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemsSSIMeetup
 
Decentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep diveDecentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep diveSSIMeetup
 
The Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSIThe Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSISSIMeetup
 
Identity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolIdentity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolSSIMeetup
 
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...SSIMeetup
 
Streetcred: Improving the Developer Experience in SSI – Michael Boyd
Streetcred: Improving the Developer Experience in SSI – Michael BoydStreetcred: Improving the Developer Experience in SSI – Michael Boyd
Streetcred: Improving the Developer Experience in SSI – Michael BoydSSIMeetup
 
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSelf-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSSIMeetup
 
Introduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityIntroduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityHeather Vescent
 

Recommended

eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemseIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemsSSIMeetup
 
Decentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep diveDecentralized Identifier (DIDs) fundamentals deep dive
Decentralized Identifier (DIDs) fundamentals deep diveSSIMeetup
 
The Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSIThe Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSISSIMeetup
 
Identity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolIdentity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolSSIMeetup
 
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...
Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sove...SSIMeetup
 
Streetcred: Improving the Developer Experience in SSI – Michael Boyd
Streetcred: Improving the Developer Experience in SSI – Michael BoydStreetcred: Improving the Developer Experience in SSI – Michael Boyd
Streetcred: Improving the Developer Experience in SSI – Michael BoydSSIMeetup
 
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSelf-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSSIMeetup
 
Introduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityIntroduction to Self Sovereign Identity
Introduction to Self Sovereign IdentityHeather Vescent
 
Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...
Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...
Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...SSIMeetup
 
Blockcerts: The Open Standard for Blockchain Credentials
Blockcerts: The Open Standard for Blockchain CredentialsBlockcerts: The Open Standard for Blockchain Credentials
Blockcerts: The Open Standard for Blockchain CredentialsSSIMeetup
 
Understanding the European Self-Sovereign Identity Framework (ESSIF)
Understanding the European Self-Sovereign Identity Framework (ESSIF)Understanding the European Self-Sovereign Identity Framework (ESSIF)
Understanding the European Self-Sovereign Identity Framework (ESSIF)SSIMeetup
 
All you need to know about SSI for Corporates and IoT – Heather Vescent
All you need to know about SSI for Corporates and IoT – Heather VescentAll you need to know about SSI for Corporates and IoT – Heather Vescent
All you need to know about SSI for Corporates and IoT – Heather VescentBlockchain España
 
Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...
Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...
Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...SSIMeetup
 
Overview of Decentralized Identity
Overview of Decentralized IdentityOverview of Decentralized Identity
Overview of Decentralized IdentityJim Flynn
 
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinFOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinCalvin Cheng
 
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...SSIMeetup
 
DID Resolution: Given a DID how do I retrieve its document? – Markus Sabadello
DID Resolution: Given a DID how do I retrieve its document? – Markus SabadelloDID Resolution: Given a DID how do I retrieve its document? – Markus Sabadello
DID Resolution: Given a DID how do I retrieve its document? – Markus SabadelloSSIMeetup
 
Highlights of Internet Identity Workshop #28 with Drummond Reed
Highlights of Internet Identity Workshop #28 with Drummond ReedHighlights of Internet Identity Workshop #28 with Drummond Reed
Highlights of Internet Identity Workshop #28 with Drummond ReedSSIMeetup
 
What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?Evernym
 
Decentralized governance for SSI and Blockchains with Lawrence Lundy-Bryan
Decentralized governance for SSI and Blockchains with Lawrence Lundy-BryanDecentralized governance for SSI and Blockchains with Lawrence Lundy-Bryan
Decentralized governance for SSI and Blockchains with Lawrence Lundy-BryanSSIMeetup
 
The SSI Ecosystem in South Korea
The SSI Ecosystem in South KoreaThe SSI Ecosystem in South Korea
The SSI Ecosystem in South KoreaSSIMeetup
 
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply ChainSensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply ChainHeather Vescent
 
Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...
Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...
Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...SSIMeetup
 
Schema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul Knowles
Schema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul KnowlesSchema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul Knowles
Schema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul KnowlesSSIMeetup
 
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' PoikolaSelf-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' PoikolaSSIMeetup
 
Identity and Privacy: Past, Present, and Digital - Brenda K. Leong
Identity and Privacy: Past, Present, and Digital - Brenda K. LeongIdentity and Privacy: Past, Present, and Digital - Brenda K. Leong
Identity and Privacy: Past, Present, and Digital - Brenda K. LeongSSIMeetup
 
Self-Sovereign Identity (SSI) and Open Source - Richard Esplin
Self-Sovereign Identity (SSI) and Open Source - Richard EsplinSelf-Sovereign Identity (SSI) and Open Source - Richard Esplin
Self-Sovereign Identity (SSI) and Open Source - Richard EsplinSSIMeetup
 
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...SSIMeetup
 
Development of Digital Identity Systems
Development of Digital Identity Systems Development of Digital Identity Systems
Development of Digital Identity Systems Maganathin Veeraragaloo
 
KYC VERIFICATION USING BLOCKCHAIN
KYC VERIFICATION USING BLOCKCHAINKYC VERIFICATION USING BLOCKCHAIN
KYC VERIFICATION USING BLOCKCHAINIRJET Journal
 

More Related Content

What's hot

Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...
Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...
Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...SSIMeetup
 
Blockcerts: The Open Standard for Blockchain Credentials
Blockcerts: The Open Standard for Blockchain CredentialsBlockcerts: The Open Standard for Blockchain Credentials
Blockcerts: The Open Standard for Blockchain CredentialsSSIMeetup
 
Understanding the European Self-Sovereign Identity Framework (ESSIF)
Understanding the European Self-Sovereign Identity Framework (ESSIF)Understanding the European Self-Sovereign Identity Framework (ESSIF)
Understanding the European Self-Sovereign Identity Framework (ESSIF)SSIMeetup
 
All you need to know about SSI for Corporates and IoT – Heather Vescent
All you need to know about SSI for Corporates and IoT – Heather VescentAll you need to know about SSI for Corporates and IoT – Heather Vescent
All you need to know about SSI for Corporates and IoT – Heather VescentBlockchain España
 
Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...
Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...
Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...SSIMeetup
 
Overview of Decentralized Identity
Overview of Decentralized IdentityOverview of Decentralized Identity
Overview of Decentralized IdentityJim Flynn
 
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinFOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinCalvin Cheng
 
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...SSIMeetup
 
DID Resolution: Given a DID how do I retrieve its document? – Markus Sabadello
DID Resolution: Given a DID how do I retrieve its document? – Markus SabadelloDID Resolution: Given a DID how do I retrieve its document? – Markus Sabadello
DID Resolution: Given a DID how do I retrieve its document? – Markus SabadelloSSIMeetup
 
Highlights of Internet Identity Workshop #28 with Drummond Reed
Highlights of Internet Identity Workshop #28 with Drummond ReedHighlights of Internet Identity Workshop #28 with Drummond Reed
Highlights of Internet Identity Workshop #28 with Drummond ReedSSIMeetup
 
What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?Evernym
 
Decentralized governance for SSI and Blockchains with Lawrence Lundy-Bryan
Decentralized governance for SSI and Blockchains with Lawrence Lundy-BryanDecentralized governance for SSI and Blockchains with Lawrence Lundy-Bryan
Decentralized governance for SSI and Blockchains with Lawrence Lundy-BryanSSIMeetup
 
The SSI Ecosystem in South Korea
The SSI Ecosystem in South KoreaThe SSI Ecosystem in South Korea
The SSI Ecosystem in South KoreaSSIMeetup
 
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply ChainSensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply ChainHeather Vescent
 
Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...
Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...
Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...SSIMeetup
 
Schema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul Knowles
Schema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul KnowlesSchema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul Knowles
Schema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul KnowlesSSIMeetup
 
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' PoikolaSelf-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' PoikolaSSIMeetup
 
Identity and Privacy: Past, Present, and Digital - Brenda K. Leong
Identity and Privacy: Past, Present, and Digital - Brenda K. LeongIdentity and Privacy: Past, Present, and Digital - Brenda K. Leong
Identity and Privacy: Past, Present, and Digital - Brenda K. LeongSSIMeetup
 
Self-Sovereign Identity (SSI) and Open Source - Richard Esplin
Self-Sovereign Identity (SSI) and Open Source - Richard EsplinSelf-Sovereign Identity (SSI) and Open Source - Richard Esplin
Self-Sovereign Identity (SSI) and Open Source - Richard EsplinSSIMeetup
 
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...SSIMeetup
 

What's hot (20)

Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...
Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...
Trust Frameworks and SSI: An Interview with CULedger on the Credit Union MyCU...
 
Blockcerts: The Open Standard for Blockchain Credentials
Blockcerts: The Open Standard for Blockchain CredentialsBlockcerts: The Open Standard for Blockchain Credentials
Blockcerts: The Open Standard for Blockchain Credentials
 
Understanding the European Self-Sovereign Identity Framework (ESSIF)
Understanding the European Self-Sovereign Identity Framework (ESSIF)Understanding the European Self-Sovereign Identity Framework (ESSIF)
Understanding the European Self-Sovereign Identity Framework (ESSIF)
 
All you need to know about SSI for Corporates and IoT – Heather Vescent
All you need to know about SSI for Corporates and IoT – Heather VescentAll you need to know about SSI for Corporates and IoT – Heather Vescent
All you need to know about SSI for Corporates and IoT – Heather Vescent
 
Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...
Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...
Alastria Digital Identity: the Spanish Blockchain solution for SSI - Carlos P...
 
Overview of Decentralized Identity
Overview of Decentralized IdentityOverview of Decentralized Identity
Overview of Decentralized Identity
 
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinFOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
 
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
Decentralized Key Management (DKMS): An Essential Missing Piece of the SSI Pu...
 
DID Resolution: Given a DID how do I retrieve its document? – Markus Sabadello
DID Resolution: Given a DID how do I retrieve its document? – Markus SabadelloDID Resolution: Given a DID how do I retrieve its document? – Markus Sabadello
DID Resolution: Given a DID how do I retrieve its document? – Markus Sabadello
 
Highlights of Internet Identity Workshop #28 with Drummond Reed
Highlights of Internet Identity Workshop #28 with Drummond ReedHighlights of Internet Identity Workshop #28 with Drummond Reed
Highlights of Internet Identity Workshop #28 with Drummond Reed
 
What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?What are Decentralized Identifiers (DIDs)?
What are Decentralized Identifiers (DIDs)?
 
Decentralized governance for SSI and Blockchains with Lawrence Lundy-Bryan
Decentralized governance for SSI and Blockchains with Lawrence Lundy-BryanDecentralized governance for SSI and Blockchains with Lawrence Lundy-Bryan
Decentralized governance for SSI and Blockchains with Lawrence Lundy-Bryan
 
The SSI Ecosystem in South Korea
The SSI Ecosystem in South KoreaThe SSI Ecosystem in South Korea
The SSI Ecosystem in South Korea
 
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply ChainSensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
Sensors, Identifiers & Digital Twins: Tracking Identity on the Supply Chain
 
Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...
Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...
Machine identity - DIDs and verifiable credentials for a secure, trustworthy ...
 
Schema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul Knowles
Schema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul KnowlesSchema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul Knowles
Schema Definitions and Overlays for Self-Sovereign Identity (SSI) - Paul Knowles
 
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' PoikolaSelf-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
Self-Sovereign Identity and the MyData model from Finland - Antti 'Jogi' Poikola
 
Identity and Privacy: Past, Present, and Digital - Brenda K. Leong
Identity and Privacy: Past, Present, and Digital - Brenda K. LeongIdentity and Privacy: Past, Present, and Digital - Brenda K. Leong
Identity and Privacy: Past, Present, and Digital - Brenda K. Leong
 
Self-Sovereign Identity (SSI) and Open Source - Richard Esplin
Self-Sovereign Identity (SSI) and Open Source - Richard EsplinSelf-Sovereign Identity (SSI) and Open Source - Richard Esplin
Self-Sovereign Identity (SSI) and Open Source - Richard Esplin
 
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
 

Similar to Introducing the SSI eIDAS Legal Report – Ignacio Alamillo

Development of Digital Identity Systems
Development of Digital Identity Systems Development of Digital Identity Systems
Development of Digital Identity Systems Maganathin Veeraragaloo
 
KYC VERIFICATION USING BLOCKCHAIN
KYC VERIFICATION USING BLOCKCHAINKYC VERIFICATION USING BLOCKCHAIN
KYC VERIFICATION USING BLOCKCHAINIRJET Journal
 
KYC using Blockchain
KYC using BlockchainKYC using Blockchain
KYC using Blockchainijtsrd
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyUlf Mattsson
 
Comparative Study of Blockchain based Verifiable Credentials
Comparative Study of Blockchain based Verifiable CredentialsComparative Study of Blockchain based Verifiable Credentials
Comparative Study of Blockchain based Verifiable CredentialsIRJET Journal
 
DocsInBlocks - A Blockchain-Based Document Handler for Candidate Verification
DocsInBlocks - A Blockchain-Based Document Handler for Candidate VerificationDocsInBlocks - A Blockchain-Based Document Handler for Candidate Verification
DocsInBlocks - A Blockchain-Based Document Handler for Candidate VerificationIRJET Journal
 
A Survey on e-KYC Verifier Using Blockchain
A Survey on e-KYC Verifier Using BlockchainA Survey on e-KYC Verifier Using Blockchain
A Survey on e-KYC Verifier Using BlockchainIRJET Journal
 
The emerging pci dss and nist standards
The emerging pci dss and nist standardsThe emerging pci dss and nist standards
The emerging pci dss and nist standardsUlf Mattsson
 
eIDAS Reference Guide
eIDAS Reference GuideeIDAS Reference Guide
eIDAS Reference GuideSafeNet
 
BLOCKCHAIN-scribd.pptx
BLOCKCHAIN-scribd.pptxBLOCKCHAIN-scribd.pptx
BLOCKCHAIN-scribd.pptxWaterFalls2
 
Certificate Validation using block chain
Certificate Validation using block chainCertificate Validation using block chain
Certificate Validation using block chainAshokkumarK20CS004
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Andrew Hughes
 
Protecting Payment Card Data Wp091010
Protecting Payment Card Data Wp091010Protecting Payment Card Data Wp091010
Protecting Payment Card Data Wp091010Erik Ginalick
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airportsChas Yap
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airportsRexcy
 
The Microsoft vision for Blockchain
The Microsoft vision for BlockchainThe Microsoft vision for Blockchain
The Microsoft vision for BlockchainASPEX_BE
 
Modex Talks - Innovative Technologies in Banking
Modex Talks - Innovative Technologies in BankingModex Talks - Innovative Technologies in Banking
Modex Talks - Innovative Technologies in BankingModex
 
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...ijtsrd
 

Similar to Introducing the SSI eIDAS Legal Report – Ignacio Alamillo (20)

Development of Digital Identity Systems
Development of Digital Identity Systems Development of Digital Identity Systems
Development of Digital Identity Systems
 
KYC VERIFICATION USING BLOCKCHAIN
KYC VERIFICATION USING BLOCKCHAINKYC VERIFICATION USING BLOCKCHAIN
KYC VERIFICATION USING BLOCKCHAIN
 
PPT, ENISA, service delivery webinar 310522
PPT, ENISA, service delivery webinar 310522PPT, ENISA, service delivery webinar 310522
PPT, ENISA, service delivery webinar 310522
 
KYC using Blockchain
KYC using BlockchainKYC using Blockchain
KYC using Blockchain
 
Evolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technologyEvolving regulations are changing the way we think about tools and technology
Evolving regulations are changing the way we think about tools and technology
 
Comparative Study of Blockchain based Verifiable Credentials
Comparative Study of Blockchain based Verifiable CredentialsComparative Study of Blockchain based Verifiable Credentials
Comparative Study of Blockchain based Verifiable Credentials
 
DocsInBlocks - A Blockchain-Based Document Handler for Candidate Verification
DocsInBlocks - A Blockchain-Based Document Handler for Candidate VerificationDocsInBlocks - A Blockchain-Based Document Handler for Candidate Verification
DocsInBlocks - A Blockchain-Based Document Handler for Candidate Verification
 
A Survey on e-KYC Verifier Using Blockchain
A Survey on e-KYC Verifier Using BlockchainA Survey on e-KYC Verifier Using Blockchain
A Survey on e-KYC Verifier Using Blockchain
 
Barcelona presentationv6
Barcelona presentationv6Barcelona presentationv6
Barcelona presentationv6
 
The emerging pci dss and nist standards
The emerging pci dss and nist standardsThe emerging pci dss and nist standards
The emerging pci dss and nist standards
 
eIDAS Reference Guide
eIDAS Reference GuideeIDAS Reference Guide
eIDAS Reference Guide
 
BLOCKCHAIN-scribd.pptx
BLOCKCHAIN-scribd.pptxBLOCKCHAIN-scribd.pptx
BLOCKCHAIN-scribd.pptx
 
Certificate Validation using block chain
Certificate Validation using block chainCertificate Validation using block chain
Certificate Validation using block chain
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
 
Protecting Payment Card Data Wp091010
Protecting Payment Card Data Wp091010Protecting Payment Card Data Wp091010
Protecting Payment Card Data Wp091010
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airports
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airports
 
The Microsoft vision for Blockchain
The Microsoft vision for BlockchainThe Microsoft vision for Blockchain
The Microsoft vision for Blockchain
 
Modex Talks - Innovative Technologies in Banking
Modex Talks - Innovative Technologies in BankingModex Talks - Innovative Technologies in Banking
Modex Talks - Innovative Technologies in Banking
 
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
Investigation of Blockchain Based Identity System for Privacy Preserving Univ...
 

More from SSIMeetup

ZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSIZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSISSIMeetup
 
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...SSIMeetup
 
Value proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign IdentityValue proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign IdentitySSIMeetup
 
SSI Adoption: What will it take? Riley Hughes
SSI Adoption: What will it take? Riley HughesSSI Adoption: What will it take? Riley Hughes
SSI Adoption: What will it take? Riley HughesSSIMeetup
 
Web5 - Open to Build - Block-TBD
Web5 - Open to Build - Block-TBDWeb5 - Open to Build - Block-TBD
Web5 - Open to Build - Block-TBDSSIMeetup
 
Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...SSIMeetup
 
PharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for HealthcarePharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for HealthcareSSIMeetup
 
Cheqd: Making privacy-preserving digital credentials fun
Cheqd: Making privacy-preserving digital credentials funCheqd: Making privacy-preserving digital credentials fun
Cheqd: Making privacy-preserving digital credentials funSSIMeetup
 
PolygonID Zero-Knowledge Identity Web2 & Web3
PolygonID Zero-Knowledge Identity Web2 & Web3PolygonID Zero-Knowledge Identity Web2 & Web3
PolygonID Zero-Knowledge Identity Web2 & Web3SSIMeetup
 
Building SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product ManagersBuilding SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product ManagersSSIMeetup
 
Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...SSIMeetup
 
Learn about the Trust Over IP (ToIP) stack
Learn about the Trust Over IP (ToIP) stackLearn about the Trust Over IP (ToIP) stack
Learn about the Trust Over IP (ToIP) stackSSIMeetup
 
How to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher AllenHow to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher AllenSSIMeetup
 
Explaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matterExplaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matterSSIMeetup
 
The 2nd Official W3C DID Working Group Meeting (The Netherlands)
The 2nd Official W3C DID Working Group Meeting (The Netherlands)The 2nd Official W3C DID Working Group Meeting (The Netherlands)
The 2nd Official W3C DID Working Group Meeting (The Netherlands)SSIMeetup
 
The Hyperledger Indy Public Blockchain Node
The Hyperledger Indy Public Blockchain NodeThe Hyperledger Indy Public Blockchain Node
The Hyperledger Indy Public Blockchain NodeSSIMeetup
 
Internet Identity Workshop #29 highlights with Drummond Reed
Internet Identity Workshop #29 highlights with Drummond ReedInternet Identity Workshop #29 highlights with Drummond Reed
Internet Identity Workshop #29 highlights with Drummond ReedSSIMeetup
 
Kiva protocol: building the credit bureau of the future using SSI
Kiva protocol: building the credit bureau of the future using SSIKiva protocol: building the credit bureau of the future using SSI
Kiva protocol: building the credit bureau of the future using SSISSIMeetup
 
The DID Report 1: The First Official W3C DID Working Group Meeting (Japan)- D...
The DID Report 1: The First Official W3C DID Working Group Meeting (Japan)- D...The DID Report 1: The First Official W3C DID Working Group Meeting (Japan)- D...
The DID Report 1: The First Official W3C DID Working Group Meeting (Japan)- D...SSIMeetup
 
SSI: The Trillion Dollar Business Opportunity
SSI: The Trillion Dollar Business OpportunitySSI: The Trillion Dollar Business Opportunity
SSI: The Trillion Dollar Business OpportunitySSIMeetup
 

More from SSIMeetup (20)

ZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSIZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSI
 
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
 
Value proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign IdentityValue proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign Identity
 
SSI Adoption: What will it take? Riley Hughes
SSI Adoption: What will it take? Riley HughesSSI Adoption: What will it take? Riley Hughes
SSI Adoption: What will it take? Riley Hughes
 
Web5 - Open to Build - Block-TBD
Web5 - Open to Build - Block-TBDWeb5 - Open to Build - Block-TBD
Web5 - Open to Build - Block-TBD
 
Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...
 
PharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for HealthcarePharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for Healthcare
 
Cheqd: Making privacy-preserving digital credentials fun
Cheqd: Making privacy-preserving digital credentials funCheqd: Making privacy-preserving digital credentials fun
Cheqd: Making privacy-preserving digital credentials fun
 
PolygonID Zero-Knowledge Identity Web2 & Web3
PolygonID Zero-Knowledge Identity Web2 & Web3PolygonID Zero-Knowledge Identity Web2 & Web3
PolygonID Zero-Knowledge Identity Web2 & Web3
 
Building SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product ManagersBuilding SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product Managers
 
Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...
 
Learn about the Trust Over IP (ToIP) stack
Learn about the Trust Over IP (ToIP) stackLearn about the Trust Over IP (ToIP) stack
Learn about the Trust Over IP (ToIP) stack
 
How to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher AllenHow to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher Allen
 
Explaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matterExplaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matter
 
The 2nd Official W3C DID Working Group Meeting (The Netherlands)
The 2nd Official W3C DID Working Group Meeting (The Netherlands)The 2nd Official W3C DID Working Group Meeting (The Netherlands)
The 2nd Official W3C DID Working Group Meeting (The Netherlands)
 
The Hyperledger Indy Public Blockchain Node
The Hyperledger Indy Public Blockchain NodeThe Hyperledger Indy Public Blockchain Node
The Hyperledger Indy Public Blockchain Node
 
Internet Identity Workshop #29 highlights with Drummond Reed
Internet Identity Workshop #29 highlights with Drummond ReedInternet Identity Workshop #29 highlights with Drummond Reed
Internet Identity Workshop #29 highlights with Drummond Reed
 
Kiva protocol: building the credit bureau of the future using SSI
Kiva protocol: building the credit bureau of the future using SSIKiva protocol: building the credit bureau of the future using SSI
Kiva protocol: building the credit bureau of the future using SSI
 
The DID Report 1: The First Official W3C DID Working Group Meeting (Japan)- D...
The DID Report 1: The First Official W3C DID Working Group Meeting (Japan)- D...The DID Report 1: The First Official W3C DID Working Group Meeting (Japan)- D...
The DID Report 1: The First Official W3C DID Working Group Meeting (Japan)- D...
 
SSI: The Trillion Dollar Business Opportunity
SSI: The Trillion Dollar Business OpportunitySSI: The Trillion Dollar Business Opportunity
SSI: The Trillion Dollar Business Opportunity
 

Recently uploaded

PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleanscorenetworkseo
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationMarko4394
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 

Recently uploaded (20)

PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleans
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 
NSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentationNSX-T and Service Interfaces presentation
NSX-T and Service Interfaces presentation
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 

Introducing the SSI eIDAS Legal Report – Ignacio Alamillo

  • 1. Introducing the SSI eIDAS Legal Report DR. IGNACIO ALAMILLO DOMINGO SSIMEETUP May 7th , 2020 @NachoAlamillo CC BY-SA 4.0 SSIMeetup.org
  • 2. 1. Empower global SSI communities 2. Open to everyone interested in SSI 3. All content is shared with CC BY SA Alex Preukschat @SSIMeetup @AlexPreukschat Coordinating Node SSIMeetup.org SSIMeetup objectives SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
  • 3. •Lawyer, Certified Information Systems Auditor, Certified Information Security Manager. +22 years of experience in public and private sector. Phd thesis on eIDAS Regulation. Researcher at iDerTec (University of Murcia). •Member of UNE CTN71/SC307, ISO/TC307 & CEN-CLC/JTC19. • Co-leader of ISO/TC 307 “Trust Anchors for Decentralized Identity Management”. • Co-editor of ISO/TC 307 TR 23249 “Overview of DLT Systems for Identity Management”. •EU Commission legal expert in EBSI eSSIF and EBSI eIDAS Bridge initiatives. #WhoIAm CC BY-SA 4.0 SSIMeetup.org
  • 4. CC BY-SA 4.0 SSIMeetup.org
  • 5. eIDAS: The Regulation in a nutshell CC BY-SA 4.0 SSIMeetup.org
  • 6. eIDAS: Key principles for eID CC BY-SA 4.0 SSIMeetup.org
  • 7. CC BY-SA 4.0 SSIMeetup.org
  • 8. CC BY-SA 4.0 SSIMeetup.org
  • 9. eIDAS (current) Interoperability Architecture CC BY-SA 4.0 SSIMeetup.org
  • 10. CC BY-SA 4.0 SSIMeetup.org
  • 11. eIDAS (current) Trust Services CC BY-SA 4.0 SSIMeetup.org
  • 12. eIDAS types of e-signatures and e-seals CC BY-SA 4.0 SSIMeetup.org
  • 13. Why eIDAS Regulation in the SSI space? • eIDAS Regulation constitutes the main electronic identification trust framework in the European Economic Area. • eID is a building block of the Digital Single Market, allowing the establishment of cross-border distance electronic relations in the e-Government field. • eIDAS may be extended to include the recognition of eIDs for private sector uses, such as AML/CFT, online platforms, etc. • Its technology-neutral approach could easily allow the usage of SSI systems, constituting a real opportunity for their adoption. • eIDAS Regulation has a strong influence in the international regulatory space, thanks to UNCITRAL recent works. CC BY-SA 4.0 SSIMeetup.org
  • 14. General legal considerations • As a pre-requisite, according to SSI design principles applied in EBSI ESSIF, the person must have obtained a DID, using a valid method, without any critical dependency of a third party. • EBSI ESSIF is limited to natural persons. • General analysis regarding the legal value of verifiable credentials and their presentations. • General legal assessment of DIDs, DID Documents and DID control keys. CC BY-SA 4.0 SSIMeetup.org
  • 15. General legal considerations CC BY-SA 4.0 SSIMeetup.org
  • 16. Legal scenarios wrt eIDAS alignment • Very short term scenarios (no changes in Regulation) 1. Use of notified eIDAS eID means and qualified certificates to issue verifiable credentials. 2. eIDAS Bridge: increasing verifiable credentials’ legal value and cross-border recognition. 3. Use current eID nodes to issue SAML assertion based in a VC/VP. • Short term scenarios (based in interpretation of the Regulation) 4. Use of Verifiable IDs as eIDAS electronic identification means. 5. Issuance of qualified certificates based on a specific DID method and verifiable credential. • Mid to long term scenarios (major changes in the Regulation) 6. Extend eIDAS Regulation Chapter II to additional VCs for attestations. 7. Regulate the issuance of Verifiable Attestations as a trust service. 8. Regulate the activity of Identity Hubs as a trust service, in support of SSI-based Once Only Principle. 9. Regulate delegated key management as an independent trust service, in support of remote wallets. 10. Regulate a specific type of DLT node as a trust service. CC BY-SA 4.0 SSIMeetup.org
  • 17. Scenario 1. Use of notified eIDAS eID means and qualified certificates to issue verifiable credentials • This use case considers the utilization of an eID for the validation of the identity attributes that are to be included in any assertion associated to a DID. This would be a scenario in which a means of identification notified in accordance with the eIDAS Regulation is used to proof the information that will be included in a Verifiable Credential (eSSIF Verifiable IDs). • eIDAS Interoperability regulation defines minimum data sets for natural persons and for legal persons, while Annexes I and III of eIDAS Regulation define the same data set in the case of qualified certificates. • The main advantage of using this approach is that the Verifiable Credential inherits the level of assurance of the eIDAS electronic identification information, allowing a person to get different Verifiable IDs and leveraging their use in the space of decentralized transactions, gaining real privacy. • This is specially true in case the focus on the recognition of specific types of Verifiable ID Presentations. CC BY-SA 4.0 SSIMeetup.org
  • 18. Scenario 1. Use of notified eIDAS eID means and qualified certificates to issue verifiable credentials CC BY-SA 4.0 SSIMeetup.org
  • 19. Scenario 2. eIDAS Bridge: increasing verifiable credentials’ legal value and cross-border recognition • This experience uses qualified certificates to support verifiable credentials and legal evidences with full legal value. • Qualified certificates are regulated under articles 28 (natural persons) and 38 (legal persons) of eIDAS Regulation, and they confirm the identity of the natural person or the legal person. May also contain other identity data, such as mandates. • When qualified certificates are operated in the Cloud, they are specially suitable to authenticate and protect Verifiable Credentials using qualified electronic signatures and electronic seals, thus providing the maximum legal effect and acceptance to blockchain-based transactions. • This technique may generate privacy issues (e.g. allowing re-identification of Verifiable Credentials issuers that are natural persons). • Limitation: With qualified certificates we have confirmation of identity but not confirmation of authority to issue a particular claim. CC BY-SA 4.0 SSIMeetup.org
  • 20. Scenario 2. eIDAS Bridge: increasing verifiable credentials’ legal value and cross-border recognition CC BY-SA 4.0 SSIMeetup.org
  • 21. Scenario 3. Use current eID nodes to issue a SAML assertion based in verifiable credentials/presentations • This scenario consider the possibility to incorporate, to a current “regular” eIDAS node, the capability to accept Verifiable Presentations as a form of user authentication. • The protocol for the communication in the network of eIDAS identification nodes would not change, and the assertion issued by the node would be SAML, just as with other authentication mechanisms. • The VC/VP should include the minimum data set for the user. • The DID method should adopt a minimal set of requirements related to the DID control mechanism, to ensure alignment with the eIDAS Security requirements Regulation. • Interesting as a “fast-track” procedure for the interoperable adoption of the SSI technology in relations with public sector bodies. • But it does not leverage the innovations and privacy enhancements of SSI technologies. CC BY-SA 4.0 SSIMeetup.org
  • 22. Scenario 3. Use current eID nodes to issue a SAML assertion based in verifiable credentials/presentations CC BY-SA 4.0 SSIMeetup.org
  • 23. Scenario 4. Use of Verifiable IDs as eIDAS electronic identification means • eIDAS is an appropriate regulatory framework to embody specific SSI systems, such as EBSI eSSIF Verifiable IDs proposal, aligned with assurance level substantial (or high, depending on the user device and setup). • Although electronic identification under eIDAS Regulation is today clearly aligned with SAML-based infrastructures, nothing in the eIDAS or its implementing acts should prevent the usage of a SSI system as an electronic identification means. • Thus, this use case considers a Verifiable Credential as an eIDAS compliant electronic identification means, enabling –at least– transactions with Public Sector authorities and Public Administrations and, if so decided by its issuer, also with private sector entities, for AML/CFT and other uses. • Again, it would be better to put the focus on a specific type of Verifiable Presentation as an electronic identification means, including rules on the different Verifiable Credentials presented. CC BY-SA 4.0 SSIMeetup.org
  • 24. Scenario 4. Use of Verifiable IDs as eIDAS electronic identification means CC BY-SA 4.0 SSIMeetup.org
  • 25. Scenario 5. Issuance of qualified certificates based on a specific DID method and verifiable credential • With a technologically neutral, wide, interpretation of the eIDAS Regulation (more specifically, of the “certificate” definition), it would be possible to consider a specific DID method + a specific type of Verifiable Credential as a “qualified certificate”, both for natural and for legal persons. • As qualified certificates confirm the identity of the subject (signatory or seal creator), this specific DID method+VC would benefit from the legal effect defined for qualified certificates, and would also support qualified signatures and qualified electronic seals in blockchain transactions. • This type of credential would also qualify as a Verifiable ID, when including the minimum data set. • Moreover, this approach allows transitioning from PKI to DPKI & SSI systems, while maintaining (and even fostering) a valuable market and reusing a convenient and proven supervisory and liability regime. CC BY-SA 4.0 SSIMeetup.org
  • 26. Scenario 5. Issuance of qualified certificates based on a specific DID method and verifiable credential CC BY-SA 4.0 SSIMeetup.org
  • 27. Scenario 6. Extend the eIDAS notification mechanism to Verifiable Attestations: enhanced Trusted Issuers management • eIDAS does not currently offer an appropriate legal framework for other types of Verifiable Credentials. This is reasonable from the perspective of the legal regime of the content (e.g. a diploma). • It would be an opportunity to extend Chapter II of the eIDAS Regulation to schemes for the self-managed sharing of identity attributes (e.g. eSSIF Verifiable Attestations), leveraging the legal infrastructure to create a general, abstract, framework for this process. Sectorial legal norms would define the rules associated to the content (thus fostering the reusable building block concept). • It requires the implementation of a Trusted Issuer management scheme, similar to trust service lists, allowing checks of authoritative sources. • It would consider issuers both from the public and private sector offering this service, wrt the data they’re authoritative for, or they can vouch. CC BY-SA 4.0 SSIMeetup.org
  • 28. Scenario 6. Extend the eIDAS notification mechanism to Verifiable Attestations: enhanced Trusted Issuers management CC BY-SA 4.0 SSIMeetup.org
  • 29. Scenario 6. Extend the eIDAS notification mechanism to Verifiable Attestations: enhanced Trusted Issuers management CC BY-SA 4.0 SSIMeetup.org
  • 30. Scenario 7. Regulate the issuance of Verifiable Attestations as a trust service • Following the legal logic of qualified certificates (which could be deployed as DID+VC under specific rules), it could be possible to define a new trust service, oriented to the issuance of VCs containing identity attributes (other than foundational identity attributes contained in VCs issued as qualified certificates). • Main benefits include benefiting from the all the common rules, supervisory framework and liability model set up in Chapter III of the eIDAS Regulation (a legal trust anchor). • It would increase the market for EU qualified trust service providers, helping them compete in a global scale vs other SSI network’s trust models, requiring issuers to be “authorized” by the network’s governors (e.g. trust anchors in Sovrin or ARIES). CC BY-SA 4.0 SSIMeetup.org
  • 31. Scenario 7. Regulate the issuance of Verifiable Attestations as a trust service CC BY-SA 4.0 SSIMeetup.org
  • 32. Scenario 8. Regulate the activity of Identity Hubs as a trust service, in support of SSI-based Once Only Principle • Identity hubs allow controlling access to personal or corporate information conveyed in form of VCs. • They can be seen as repositories of data shared by a subject, directly or when consent has been explicitly given; in that sense, they support the once only principle (TOOP) in new scenarios (e.g., when interchanging public sector issued data with private sector third parties). • They manage permissions, produce information with legal relevance (e.g., access logs) and must store data in a trustworthy manner, on behalf of the subject. • It would be convenient to regulate this activity as a trust service, with the aim to set up a strict legal framework to protect subjects. CC BY-SA 4.0 SSIMeetup.org
  • 33. Scenario 8. Regulate the activity of Identity Hubs as a trust service, in support of SSI-based Once Only Principle CC BY-SA 4.0 SSIMeetup.org
  • 34. Scenario 8. Regulate the activity of Identity Hubs as a trust service, in support of SSI-based Once Only Principle CC BY-SA 4.0 SSIMeetup.org
  • 35. Scenario 9. Regulate delegated key management as an independent trust service, in support of remote wallets • DIDs require key management activities. Control is foundational to the SSI concept itself. • eIDAS advanced electronic signature (for natural persons) require that the signatory has exclusive control of the signature creation data, a requirement already developed by CEN & ETSI standards (EN 419 241, parts 1 and 2; TS 119 431-1). When used to endorse a transaction, the DID key is, actually, signature creation data. • In many cases wallet providers are already offering server-side wallet services with few or no guarantees at all, in the best case supported by social recovery mechanisms. • Although it may reintroduce partial centralization (which may be considered against the most purist SSI philosophy), it would be convenient to regulate key management as an independent trust service, to increase server-side wallet providers quality and liability. CC BY-SA 4.0 SSIMeetup.org
  • 36. Scenario 9. Regulate delegated key management as an independent trust service, in support of remote wallets CC BY-SA 4.0 SSIMeetup.org
  • 37. Scenario 10. Regulate a specific type of DLT node as a trust service • Finally, we can envision the possibility of extending the eIDAS Regulation to a specific trust service consisting on the operation of a specific type of node, for a specifically designed DLT, tailored for the generation of electronic evidences. • This approach would allow setting up a series of additional requirements aimed to deploy distributed networks that balance the public/legitimate interest in the legal certainty of electronic proofs, with the rights and expectations of all parties. • It could be a baseline service on top of which other services would be reliably deployed (namely, identity and signature/seal services, timestamping services or electronic registered delivery services). • Regulation would cover aspects such as governance and consensus models, time synchronization, crypto security, software certification… but also legal limits to PII rights, such as right to modification or right to erasure. CC BY-SA 4.0 SSIMeetup.org
  • 38. Scenario 10. Regulate a specific type of DLT node as a trust service CC BY-SA 4.0 SSIMeetup.org
  • 40. Introducing the SSI eIDAS Legal Report DR. IGNACIO ALAMILLO DOMINGO SSIMEETUP May 7th , 2020 @NachoAlamillo CC BY-SA 4.0 SSIMeetup.org