Rebooting the Web of Trust V (Fall 2017) Final Papers
by Christopher Lemmer Webber & Manu Sporny
An overview of the W3C ActivityPub protocol.
by Joe Andrieu & Team
This paper reinterprets Christopher Allen’s Rebooting the Web of Trust user story through the lens of the Information Lifecycle Engagement Model. It presents a human-centric illustration of an individual’s experience in a self-sovereign, decentralized realization of the Web of Trust as originally conceived by Phil Zimmerman for PGP.
by Greg Slepak & Anya Petrova
A probability proof of the DCS Triangle. Why can't decentralized consensus systems have all three of decentralization, consensus, and scale? Plus, two methods for getting around these limitations.
by João Santos & Kim Hamilton Duffy
Blockcerts are blockchain-anchored credentials with a verification process designed to be decentralized and trustless. This proposal describes an alternate method of issuing Blockcerts using Ethereum, which allows for a new form of revocation by either the issuer or the recipient.
Engineering Privacy for Verified Credentials: In Which We Describe Data Minimization, Selective Disclosure, and Progressive Trust (Text)
by Lionel Wolberger, Brent Zundel, Zachary Larson, Irene Hernandez & Katryna Dow
We often share information on the World Wide Web, though some of it is private. The W3C Credentials Community Group focuses on how privacy can be enhanced when attributes are shared electronically. In the course of our work, we have identified three related but distinct privacy enhancing strategies: "data minimization," "selective disclosure," and "progressive trust." These enhancements are enabled with cryptography. The goal of this paper is to enable decision makers, particularly non-technical ones, to gain a nuanced grasp of these enhancements along with some idea of how their enablers work. We describe them below in plain English, but with some rigor. This knowledge will enable readers of this paper to be better able to know when they need privacy enhancements, to select the type of enhancement needed, to assess techniques that enable those enhancements, and to adopt the correct enhancement for the correct use case.
by Adrian Gropper, Drummond Reed & Mark S. Miller
Identity Hubs as currently proposed in the Decentralized Identity Foundation (DIF) are a subset of a general Decentralized Identifier (DID) based user-controlled agent, based on ACLs rather than an object-capabilities (ocap) architecture. Transitioning the Hubs design to an ocap model can be achieved by introducing an UMA authorization server as the control endpoint.
Christopher Lemmer Webber & Mark S. Miller
Linked Data Signatures enable a method of asserting the integrity of linked data documents that are passed throughout the web. The object capability model is a powerful system for ensuring the security of computing systems.
by Manu Sporny & Dave Longley
The Veres One Ledger is a permissionless public ledger designed specifically for the creation and management of decentralized identifiers (DIDs). This specification defines how a developer may create and update DIDs in the Veres One Ledger.
by Marta Piekarska, Michael Lodder, Zachary Larson & Kaliya Young (Identity Woman)
This document describes the GDPR requirements and the different approaches to digital identity solutions and finally explains why distributed ledger technology may offer an opportunity for enterprises to simplify data management solutions that are GDPR compliant.