2020-02-06 15:00

1月末に、アイデンティティ業界の最先端を走る方々と自己主権型アイデンティティの実現について一日中議論する、という贅沢な機会に恵まれました。 その中で、業界の基本文書である「インターネット世界におけるアイデンティティの7つの基本原則」を自己主張型アイデンティティの実現を前提にアップデートするとどうなるかを、著者であるキム・キャメロン氏本人との議論をもとにまとめています。

2005年に発表された7つの基本原則は、CTCの富士榮さんによって抄訳されており、OpenID Foundationの崎村さんのブログでもその重要性が強調されております。

※ 以下、英語でメモをとったままですが、近日中に日本語訳予定です。

The laws of Identity in SSI era - lecture by Kim Cameron


  • Collaboratively written in 2004
  • The purpose was to 1/ show that privacy is not ignorable; 2/ prevent the emergence of invasive practices

I. User Control and Consent

  • Helps secure longevity of identity system, since systems die if users do not like it
  • Based on assumption that users will eventually begin to understand problems in the system

II. Minimal disclosure for a constrained use

  • Exchange only what is required for a specific purpose

III. Justifiable parties

  • Stops disintermediation = Nobody should be involved in an identity transaction if there is no need for them to be present there
  • Based on Microsoft's early experience that enterprises did not want Microsoft to be in the middle of their relation with entities - concern currently largely shared towards other enterprises such as Amazon, Google

IV. Directed identity

  • Supports both identifiers: "omni-directional" ones for public entities such as, and "unidirectional identifiers" ones for private entities such as Kim Cameron is a father
  • Prevents correlation - tracking between identifiers - through the use of pairwise identifiers
    • Privacy and security are tightly connected
  • Incorporated concept in the EU - European digital economy blue print and is foundation of GDPR - but need to be conscious in other countries
  • Key concept to SSI
    • A person is not a public entity that you can put single public identifier on blockchain

V. Standardized identity hub

  • User can represent him/herself and use identity in a consistent manner across providers, with identity being separated across the context at the same time
  • Same thing as an Identity Agent in that it is 'technology for the self'

VI. Standardized DID for long-terms identity stability

  • Need to survive bankruptcy of identity operators and retain relationships with services
    • Storing personal data in a way that it is not dependent on the operators
    • Standardization at the data layer, key formats, etc.
  • Public blockchains may serve the purpose because they are not controlled by a single entity
    • Do not put identifiers on blockchain
    • Use blockchain as a storage that organizes pieces of software that holds personal information

VII. Human integration

  • Technologists need to be aware that users are a part of the system, and the system must be designed according to user needs, not tech needs
    • Ex. No more long complicated passwords

Q&A + Discussion

Transparency is missing?

  • Consistency across the emerging number of ledgers
  • System of auditability that any part of the system works
  • Whole level outside technology that needs to be conquered

Problem with the naming of SSI

  • Historical truth: FBI considers as a terrorist threat a political movement called self-sovereign by those who do not believe in the government

Support of immutability and handling expired claims

  • This is about right to be forgotten, which has to be separated from the question of endurance
    • Deletion will be within the "flock", a place where individuals' credentials sit surviving the owner, but whether the provider will delete too or not is only governable by the governments
    • Caveat: some things in 'social memory' will not be forgotten
  • Data should not be in the blockchain, except for secrets and rendez-vous information (technical dive)

What about putting on the blockchain information that I do not want the governments to wipe out?

  • System needs to be designed taking into account a possibility that any of its components can break down: even the government part
  • Governments are in the position of the control, but it is also a component, and needs to be switched out if it becomes non-functioning

Role of the government

  • Need to distinguish gov as a claims provider and maintainer of the metadata frameworks, imperium
    • In financial industry, governments are providers by law
    • System that unifies claims provider in one is still a functioning system
    • Legal and tech aspect: German government accepts refugee credentials in their system, which makes these credentials functionable outside a refugee camp
  • Seeing govs and other “trusted enditites” as replaceable components
    • In a case of breach, anyone should be excluded from a trust framework, even the gov
  • How do you design a system where you can switch off a government
    • Regulations cannot be ignored because they enable how identity is being used
    • When the government becomes dysfunctional, financial industry will take over in order to survive

※ 上記は、私が自分が理解した通りに自分の言葉でまとめてたものです。Kim Cameronが自分で語っている様子は、以下のKeynoteがおすすめです。

Embedded content: