IIW XXVIII: my thoughts about the Internet Identity “unconference”

This was my first Internet Identity Workshop (IIW) attendance, and it will be the first of many. Really impressed and impacted about the good energy throughout the three days.

IIW is the conference about identity. Actually, has an unconference format, which means that the agenda is set each morning by the attendees, and every single person can attend any session based on her interest. More than 120 sessions were proposed and had to “compete” for their audience along the 1 hour-long slots across 13 meeting rooms (with 5 sessions per day).

Attendees were highly experienced professionals with a diverse domains of experience, which made the sessions quite deep with a high participation and discussion. Actually, these sessions were real workshops, in the classic term of the word, not that much of a TED talk, but a real interactive working group session, where the topics could be from philosophical debates (i.e. what is the meaning of decentralized) to profound technical approaches (such as, Offchain PKI Management), with business oriented sessions (as the session held by Timothy Ruff of Evernym, about The Business of SSI).

I admit that it was a 3-day masters program for me, leaving my brain drained after every single intensive day.

A week after the IIW conference, I wanted to share my five takeaways about the Internet Identity Workshop XXVIII (take into account that I assisted to a barely 10% of the +120 sessions that took place):

SSI, the backbone of IIW 28

Solutions about Self-Sovereign Identity are a fact and no introduction is required. The community is working on defining what needs to be done to make them broadly adopted.

DIDs, the key for the SSI expansion

Many debates have been around the concept of the Decentralized Identifiers (or DIDs). Basically, because it is the key of any SSI solution, on what it relays the “self-sovereign” digital identity, and specially, because the recent discussion on the community about it, whether a did:facebook or did:web:domain.com could also be a DID.

In that sense, two sessions were relevant to showcase the importance of DIDs. In one case, there was a presentation of the Universal Resolver and Universal Registrar. Two initiatives hosted on the Decentralized Identity Foundation (DIF), that worked as an abstract layer to resolve and register any decentralized identifier to its correspondent ledger. Still experimental, but towards a global interoperability space. In another session, I witnessed the genesis of a new did:git method spec, that can become a tipping point for the Linux Foundation developers community.

To be interoperable or not to be

I could say that interoperability has been one of the major pain points during this 2019, and IIW sessions were a mere reflection of that. To have a global scale SSI solution not being controlled by a single company, the community need to cooperate, and fast. We are already on that.

There is an ongoing Interop project inside de DIF community working on that, which had a F2F meeting the previous day of IIW, and most of the session was dedicated to brainstorm what should have a “happy” use-case interoperable with the current SSI Solutions.

Many sessions were a follow-up of the DIF F2F. In some cases, tackling the specifics about the interoperability among solutions, and other explaining the technical details of a company’s solution: DID Communications, DID-Auth spec, Routing communications, Encryption, Hub/Agents discussion, Linked Proofs and ZKP, …

There was also the presentation of a new layer 2 ledger-agnostic protocol, called Sidetree, and developed mainly by Microsoft, that works towards the so much needed scalability and cost-efficiency of SSI solutions to be adopted on a mass scale. Microsoft presented its implementation on Bitcoin, called ION, and Transmuted demoed its solution on Ethereum, called Element.

Hyperledger Identity ecosystem, as one of the major initiatives

A few bunch of sessions were lead by Hyperledger professionals or some other company presenting a solution based on Hyperledger (such as the amazing British Columbia Gov project on identity or its the demonstration of the IIWBook). The Hyperledger community is very active and pushing towards a new ecosystem of interoperability: with their already existing Hyperledger-Indy framework, they released the Ursa (a shared cryptographic library), and announced the new Aries project, also known as the “Hyperledger shared wallet project”, that constitutes an evolution of Indy libraries to make them really interoperable.

Europe needs to be more involved

From all the +120 sessions, only one talked about GDPR, a regulation that impacts directly on SSI. There should be more proposals about how to make it legally usable, more explanations about what it matters, and definitely more debate about the main topics on Internet in Europe: GDPR and eIDAS, and how to make them compatible to the SSI world. I, as part of Validated Id, a company based in Barcelona, was aware of it and would make my best effort to promote it and work on that.

Those were my five, that could be different for any of the +230 attendees in the 28th IIW edition. But my main key takeaway is that you MUST attend the Internet Identity Workshop to be part of the design of the new identity world. Looking forward for the next conference on October.