10E/ Initial Trust in SSI Triangle - Analysing Trust Relationship, Existing and New Mechanisms

From IIW

Initial Trust


Wednesday 10E

Convener: Micha Kraus, Paul Bastian

Notes-taker(s): Micha & Paul


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


How can we bootstrap trust relationships in a new DID ecosystem?

How can Alice be sure that after scanning a QR Code, she will give her personal data to the right verifier?

In the TOIP triangle scheme only one trust relationship is described.

We look at the different relationship and approaches to establish these connections.


( a ) verifier needs to know: Is the issuer trustworthy? (which value do the credentials have?)

( b ) holder needs to know: Is the verifier trustworthy? (will the verifier respect my privacy?)

( c ) issuer may need to know: Is the holder’s wallet trustworthy? How can I prevent misuse of the offered credentials?


Link to document.

https://hackmd.io/z-FRlDF6QouUeokp4UT_0g?view


Zoom Chat:


From Sam Curren : Governance Frameworks!

From Chris Buchanan : https://wiki.trustoverip.org/display/HOME/Ecosystem+Foundry+Working+Group

https://wiki.trustoverip.org/display/HOME/Governance+Stack+Working+Group
https://wiki.trustoverip.org/display/HOME/GSWG+Trust+Assurance+Task+Force

From Vishal Gupta : https://www.diro.io

From Sam Curren : related to this, but on the user verification side: https://github.com/hyperledger/aries-rfcs/pull/535

From Jim St.Clair : We're working on this in Sovrin and TOIP in a Trust Assurance Framework

From Micha Kraus : https://webgate.ec.europa.eu/tl-browser/#/

From Keith Kowal : https://europa.eu/europass/digital-credentials/issuer/