Alex Preukschat - Self-Sovereign Identity: Decentralized digital identity and verifiable credentials

Decentralized digital identity and verifiable credentials

Alex Preukschat, Drummond Reed

with Christopher Allen, Fabian Vogelsteller,

and 52 other leading identity experts

Foreword by Doc Searls

To comment go to liveBook

Manning

Shelter Island

For more information on this and other Manning titles go to

www.manning.com

For online information and ordering of these and other Manning books, please visit www.manning.com. The publisher offers discounts on these books when ordered in quantity.

For more information, please contact

Special Sales Department

Manning Publications Co.

20 Baldwin Road

PO Box 761

Shelter Island, NY 11964

Email: orders@manning.com

2021 by Manning Publications Co. All rights reserved.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior written permission of the publisher.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in the book, and Manning Publications was aware of a trademark claim, the designations have been printed in initial caps or all caps.

Recognizing the importance of preserving what has been written, it is Mannings policy to have the books we publish printed on acid-free paper, and we exert our best efforts to that end. Recognizing also our responsibility to conserve the resources of our planet, Manning books are printed on paper that is at least 15 percent recycled and processed without the use of elemental chlorine.

ISBN: 9781617296598

Thanks to my family, who have always been patient with me as I explore new projects and paths, as in writing this book. Thanks to the identity and blockchain community that helped me discover and learn about many aspects of my true self and where the world might be going with decentralized technologies.

A.P.

To the love of my life, who has been waiting 33 years since we were marriedand 22 years since I went down the digital identity rabbit holejust to see the one simple thing I promised hergetting rid of those &^%$# passwords!

To my two sons: this is a path to a better world that Ive been beating since you were born. I hope you both are able to trod upon it all of your daysand the days of your childrens childrens children.

D.R.

Self-Sovereign Identity offers a new perspective on one of the most important challenges of society and computing: safely managing our digital identities. As early adopters and leaders in this area, Drummond Reed and Alex Preukschat are uniquely able to introduce the technology and potential of SSI. In this book, youll enjoy not just their insights, but also the experiences of many other leading practitioners.

Most of what we call identity isnt. Its identifiers. Its how some organization identifies you: as a citizen, a driver, a member, a student. Those organizations may issue you an ID in the form of a passport, license, or membership card, but that isnt your identity. Its their identifier. Your identityhow you are known to yourself and to othersis something else: something much more personal and under your control as a self-sovereign human being.

Self-sovereign identity (SSI) gives you control over what others need to verify about you, on a need-to-know basis. Simply put, it replaces identifiers with verifiable credentials. And, in the process, it greatly simplifies and speeds up the way identity works in the digital world for both individuals and organizations.

Its early in the evolution of SSI; but not so early that we cant get answers to the questions of how its going to work and where its going. Both of those questions are of massive importance and why this book is essential at this juncture in the history of digital technology. Reading and learning whats being shared here might be the most leveraged thing you do this decade.

But before you start, it should help to visit how identity already works in the natural world where we live and breathe. True, it can get complicated, but its not broken. For example, if an Inuit family from Qikiqtaaluk wants to name their kid Anuun or Issorartuyok, they do, and the world copes. If the same kid later wants to call himself Steve, he does. Again, the world copes. So does Steve.

Much of that coping is done by Steve not identifying himself unless he needs to and then not revealing more than whats required. In most cases, Steve isnt accessing a service but merely engaging with other people, in ways so casual that no harm comes if the other person forgets Steves name or how he introduced himself. In fact, most of what happens in the social realms of the natural world is free of identifiers and free of recollection.

How we create and cope with identity in the natural world has lately come to be called self-sovereign, at least among digital identity obsessives such as myself. And there are a lot of us now. (Search for self+sovereign+identity and see how many results you get.)

Self-sovereign identity starts by recognizing that the kind of naming we get from our parents, tribes, and selves is at the root level of how identity works in the natural worldand that this is where we need to start in the digital world, as well. In the simplest possible terms, we need to be in control of it.

Our main problem with identity in the digital world is that we started with no personal control at all. Everything we did with identity began with organizations need to put names in databases. This served the administrative convenience of those organizationsand our convenience only to the degree that we are known separately to all the organizations that know us.

If we want to make SSI work on the internet, we have to respect the deeply human need for self-determination. That means we need to provide individuals with new ways to obey Kim Camerons seven laws of identity (explained in chapter 1), most notably individual control and consent, minimum disclosure for a constrained use, and justifiable parties.

Put as simply as possible, we need to give administrative systems no more personal information than they require. We call that information