Self-issued Identifier: Difference between revisions

Full Title or Meme

Wiki Page to track the use of Identifier in the Identity Ecosystem

Context

• This wiki is focused on the use case of a Self-issued Identifier in a mobile device. It is recognized that other use cases also exist, but it seems that this use case covers all the issues.
• With the rise of the W3C program on Decentralized Identifiers, there is a need for the Identity Ecosystem to coordinate with other teams developing this technology.
• At the 2020-06-16 meeting of the FIRE WG a liaison effort was approved. That effort is tracked here.

History

• The [OpenID Connect Core 1.0 was issued on 2018-11-08 with section 7 covering self-issued ID.

Problems

• The current work of the Decentralized Identifiers has proceed with little concern for how it might integrate with existing Identity Ecosystems.
• Self-issued Identifiers of all types depend on secret values held by the user in portable protected storage, for example a smartphone or WebAuthn key.
• If the user's hardware device is stolen or disable, the recover of the user's identifier can be a challenge which could turn into a UX nightmare if not handled well.
• In particular the SIOP program has been developing standards which look a lot like the DIA and other work in the Kantara work groups without any coordination.

References

• Client Bound End-User Assertion
• Self-Issued OpenID Connect Provider DID Profile
• another wiki page on Self-issued ID
• wiki page on Self-issued OpenID Provider
• wiki page on Self-Sovereign Identity
• Using OpenID Connect Self-Issued to Achieve DID Auth from Mike Jones
• Who is the special openid connect url issued to and is it a risk? http://self-issued.me