Eve, Thanks for the HIE of One pitch. We've added self-sovereign ID to HIE of One using uPort. This now gives the resource owner 4 options for authentication at the UMA AS 1. Direct Login to the AS 2. Whitelisting OIDC IDPs as an option of UMA resource registration 3. Federated login using OIDC 4. Self-sovereign Blockchain ID with linked verifiable claims These 4 options are demonstrated in the latest addition to HIE of One in a 2-minute video: https://youtu.be/FNlAkGauIdw Your recent slides seem somewhat harsh on self-soveriegn ID. Sovrin is just one of the blockchain-based self-sovereign IDs that are currently being standardized <https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2016/blob/master/draft-documents/DID-Spec-Implementers-Draft-01.pdf>. Let's review your concluding slide: 1. The uPort app doesn't require the user to remember either a username or password 2. I'm not sure how to interpret "unilateral user actions" - please elaborate 3. People have rejected federation for anything other than low levels of assurance. A self-sovereign ID can be high assurance while also protecting pseudonimity through separable verifiable claims. 4. Self-sovereign ID respects the needs of RS (strong authentication), AS (open reputation mechanism and verifiable claims, and RqP (triple-blind attribute handling, privacy-preserving claims, on ID app across all domains). 5. I'm not sure how to interpret "consent more meaningful in this context" - please elaborate 6. The limits of federation are now obvious. Standards-based self-sovereign ID seems much more likely to scale. Adrian On Fri, Dec 2, 2016 at 5:01 PM, Eve Maler <eve.maler@forgerock.com> wrote:
As promised... Here are my slides <https://www.dropbox.com/s/wwxgzpykhq0ja2n/2016Q4-GartnerIAM-UserCentricIdentityStandards-20161129%28revised%29.pdf?dl=0> from the presentation this week, my 2008 slides <https://www.dropbox.com/s/ahsy3eusmdto3pb/Maler-NZIDConf-Apr2008.pdf?dl=0>, and the accompanying journal paper <https://www.dropbox.com/s/fcl0txic8mtrr8k/Maler-NZIDConf-Apr2008-paper-Jan09rev.pdf?dl=0> .
*Eve Maler*ForgeRock Office of the CTO | VP Innovation & Emerging Technology Cell +1 425.345.6756 <%28425%29%20345-6756> | Skype: xmlgrrl | Twitter: @xmlgrrl
_______________________________________________ DG-BSC mailing list DG-BSC@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-bsc
-- Adrian Gropper MD PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/