 Great. Welcome everyone to the Identity Implementers Working Group call for May 19th, 2022. Thank you for joining us today. My name is Char Haaland and I'm a co-moderator of this group with Heather Dahl. Today we will switch up the order, the usual order to accommodate schedules and we'll start with the presentation in the first half of the call, and then move into the working group updates in the second half of the call. So we'll hear a presentation from Adrian Sanglier, Yuri Feliciano, and Heather Dahl on the CARDIA project, verifiable credentials for health information go open source. And as usual, since this is a hyperledger call, we are following the antitrust policy and the hyperledger code of conduct. We are collaborators in this space and anything confidential or proprietary is not discussed on this call. As usual, if you have an interesting projects able to be shared publicly that you'd like to talk about on this call you're very encouraged to do so just reach out to me and we will schedule you in for a presentation on a future call. This call is being recorded, and will be posted on the meeting page later today. So if we can move on to introductions, would anybody like to introduce yourself if you are new or rejoining or just would like to say hi and a few words about what you're involved in in this space. For Adrian and Yuri, I'll introduce you before the presentation, but you're welcome to say hello now as well. Good morning here in Aruba. My name is Yuri Feliciano, an innovation advisor with the Minister of Tourism and Health. And yeah, we've been working with Heather and Adrian on this project for about almost two years now. And so it's very exciting that now we are able to voice all this nice work that we've done. Thank you. Great. We're glad to have you on the call. Thank you. I'll go ahead. So my name is Adrian Sanglier. I'm working for CITA. So CITA is the IT provider of the industry and connecting online and port and governments in many steps of the travel continuum. I've been engaged in, well, some years ago on researching digital identity and especially how can open source help us to streamline those conversations between those three major stakeholders in the industry for the good of everybody, all travelers mainly. And I'm working at the CITA lab. So that's the research arm of CITA. And I'm leading the blockchain and digital identity research program. And I'm very, very happy to be talking about all, all jointly for today. Great. Thank you so much for joining us. All right, and I have sent out the wiki link for this meeting. So if you're willing to just put down your name. To show that you attended today, that would be great. So now we are, instead of jumping into working group updates, we're going to turn it over to Heather, Adrian, and Yuri to hear about the Cardia project. So I will pass it over to you three. Great. And I'll, I'll share the slide deck with everyone here. I'm so happy to be here talking with you today, Adrian, Yuri, and I this follows on the presentation that we did last week, which was the first time the three of us talked jointly in a presentation session. Actually, we were physically in the same location too, which was a milestone, because as Yuri said, this marks two year anniversary for us working on this project which makes it especially exciting. The other thing that we want to flag is that we had the honor of being there with Adrian and CEDA. When they won the Cupinger Coal European Identity and Cloud Conference Verifiable Credential Award that was given that night the same evening that we gave our presentation. And so it's an honor to be here with both of them to present about the work that we have been more focused on for so long. So I think, you know, a good place to start Adrian like they say is what is the problem that you're solving from CEDA's perspective, two years ago. What was the problem that you were looking to solve. It's hard to believe it's been two years already. But you're right, it's important to mark the milestone. And I think that's the best way ever we could have it was last week. It was a good emotional moment at the EIC. So really, the problem we're looking at solving is, well, international travel. I think it has been more complicated than ever. With those changing requirements, lots of paper documents now are required to travel along the whole. And when you think you usually go at the airport with a bunch of printed documents, you're not exactly sure which one going to be required, inspected, needed. Even the airline agents sometimes do not really know where the current states of the regulation falls that specific destination. I would say, in a nutshell, we need preclearance. That means we need to have a confirmation that on a digital way, before going to the airport, I have met all the requirements to fly to this country. But governments in order to provide the determination would also need some assurance about the data. We need access to verifiable information so that preclearance can be given to the passenger. And as a passenger, then I feel good because I know I would be, I would be clear to fly to this destination. So that's really the main, the main problem we're looking at solving. And then you're a from your where you sat two years ago. Today, it's really hard to believe that Aruba was closed. What was your reality? What was the problem that you were looking to solve with this collaboration? Yes. Yes, it's, it's incredible it's been two years. But but like I like to be clear Aruba is not more than 90% dependent on tourism. So closing the border was a pretty big deal for us. And exactly like Adrian saying you, you as the government would implement the rules, you would have to actually make sure that they are viable for the traveler. And this this word that agent use also the preclearance was very important. You have all these paper documents yet yet you don't know the legitimacy of any of them. You're just going by, by, by, by your eyes most of the time. And this was a big issue for us. And it was a big issue as we are opening back the border. So having this verifiable credential verifiable data and directly connected so that you are in a way what we accomplished with this pilot was that you are held preclear to come to the country. And this was important for us because especially as tourism is our big deal is our main bread and butter. The, the tourists, even though you would even we had the upload of a document, it still takes time. It's not immediate. It's not preclear as agency. And we, we saw also cancellations between these times. So this was a big problem and it's a huge benefit for the travel for sure. What I'm going to do is I'm going to switch screens because I want to show where we were at one year ago. And this is the happy traveler card as you can see everyone here it's on YouTube you can watch it as well on your free time. And this marked was our first deployment of this system in the wild with with restaurants casinos arrival, the clinics at the clinic at the airport clinics, and we needed a way to communicate this. And so what this video does is it outlines what we did in our first year so I'm going to play it over to you first. We did that implementation a year ago. And at that time, what did that work mean for CEDA and innovation in the commercial aviation industry. And what happened since then. Right, so I think what we demonstrated with this project is really that decentralized identity works to a change health data. And I think there was a major milestone. It works because well it's simple. You do not need to establish point to point connections with all the verifiers and all the issues. It is secure of course because it's based on everything that has been done in the last maybe decade or two decades on on the open source community using all the cryptographic standards that that we know on Ursa and you know. I think it is preserving privacy about individuals about issues. Because well it follows of course the principle of self sovereign identity. So then what we've done is, well, we have taken this trust platform that was this proven, and we enrich it with health data that is coming from health providers from other jurisdictions. So that's as a traveler, I can claim this health data. I can store it on my wallet and control it on my wallet one form of mobile application and then exchange it with an ETA system that Aruba government already had so ETA electronic travel authorization. Therefore, the Aruba government as it is very valuable information that is digital can take well an informed decision about this data which is we've seen exchange privately and can then issue something back to the individual. So that's the main change in the process is as a traveler, I'm flying to this country. I've submitted this information exchanging data directly with this web and I get something back instead of in form of of another variable credential and I have a receipt that yes I've been authorized to travel to Aruba so that I feel happy now when I travel and I go to the airport because I've passed successfully all the health checks. And Yuri that was great anyway Adrian talked about is the traveler I'm happy and that that is the theme of Aruba is happy. When you saw the system go into play a year ago. How does something like decentralized identity not only address the problem that you were solving but then beyond that. Well, yeah, well, I have to say we had the different solutions. So you have something like this that is completely decentralized and we were also other we were running other pilots with centralized and completely centralized other ones. So you see this great benefit in giving the traveler more power. In many sense we are as the island we want to protect the traveler and that's what verifiable data gets us as to not only the individual but the ones that he will be in contact with. So, the part of decentralization, I have to be honest, in the beginning, it was very hard to explain. So when I see this video I'm always happy to see this video because it was something so nice that we can express what we were talking about. Yeah, so for the island it was very important to have a solution like this that you can say that you give back the power to the traveler. And I think that's what was very well accomplished. So when we first started talking what really stood out in my mind was the commitment of Aruba to a traveler's privacy. And as you led with that you were committed to that, and allowing the traveler to have control over their data. You were also committed to open source and interested in exploring that as well. Can you talk to us a bit more about the role of open source in your innovation. Yeah, for us, especially as a small island. We've had a lot of issues with different vendors, softer vendors. So, especially being in the government, you have this always have connection with a specific vendor. I think open source for us, especially in that part, we I saw it as the government also saw it as being more of open as the word says open, but not to have this vendor locking was important. And I think one thing is also about open source is the community that you have more than just CETA or or in these you have a community behind it that can work and have very well outcome on the situation and communication towards government agent or a small island in our case. And absolutely with with CETA, it was very important also from day one, Adrienne, that this was developed and I think that's also why we're committed and doing sessions like we are today with the implementers working group is we started with open source. We continued with open source, and then I think what was interesting was a year ago when we were in the midst of it all and the thick of it on on the implementation. The opportunity with Linux Foundation Public Health showed up. Do you want to talk more about that. Sure. So, I think adoption really is the key challenge of this centralized identity because well, the model is new and and well you get the value when you have a critical mass. And in order to get adoption, you need trust, of course. And we've seen that well transparency and neutrality is what we need to guarantee that adoption. So the use of open source was then obvious to us and and CETA was was already quite familiar with open source communities and the use of those models. In a sense, CETA also represent a very diverse industry. We, as I said, we represent airline, airport and governments so we need to have all those people communicating to each other. So, as I said, neutrality comes also with open source. So that's why there was, there was really our focus. As if all of what we've done was built on top of open source, it was natural to us that we would give something back, if I can say so. And that's why we donated the code we developed in partnership with the government of Aruba within this year to the open source community. We created Kandia. So that's how really how does this came to the buff. And, and it's today a very active community we meet every every Thursday and it's a, it's very hot warming to see that community growing day after day and the week after week. And it's now, you know, we see more and more companies organizations each to us really joining this group. And we, with partnership with, of course, you had to organize also those interoperations that are also very successful. So we're very, very proud and happy about the path that we've, we've all taken that sign. Well, I think what was interesting, I think are maybe the most emotional part about winning the award last week was you see those images where they talk about progress and it's just that straight line up into the left. And in reality, it's anything but and ours was a story of the loop to lose back and forth of what reality is, and, you know, it took determination and drive at times heroic efforts by all of our teams. So with that award, I think it was the first time we had that moment to say, Oh my gosh, we just went through not only a pandemic together, but we went and pushed ourselves to accomplish a technology that was emerging and make it an absolute reality with people who are not engineers, but who are actually traveling. And with that, I think I learned more about verifiable credentials in the two years of working with both of your teams and I did the entire 10 years prior. And so I think it's really important to hear from both of you, the lessons that you learned along the way. And so maybe we'll start with you Adrian and then we'll go to you Yuri. Sure. So, I think, you know, I'm with you, we learned a lot. And a few listen learn that we can summarize today is first on the data itself. As we, but there you're just enough is perfect so I would recommend for anybody willing to go and implement a solution based on this decentralized identity. Make sure you do your due diligence on data. And also an immigration agency, we need all the data to clear border, because there's a policy in place, all the information contained in, for example, a digital travel credential we need to be to be disclosed. But that's not the case for, for example, an airline, an airline just needs to know you have a valid boarding pass and it matches your identity. But even that can create a problem for an airline to get access to, to more information than this. That's the beauty of variable credential that we should reuse. It's all about selective disclosure and be able to answer question based on a credential. So make sure you, you better you take all the benefit from this, it can really make life simpler. Also, in terms of interoperability, we cannot have world domination plans today. There's a lot of solution that exists, the data on the ship. So make sure your solution works with everything that's that's out there. So focus on standards, focus on, on, on, on being open, I would say, in this solution. Oh, sorry. Yeah, just a first thing which was also interesting learning is there's never a magic in the central identity. Because of value it's all in automation. So you can reach a level where it's automated. And the integration has been performed so it's still 90 projects, as we, as we know it and with all the security assessment and connect the API and do your architecture design review and planning of time for that. So yeah, that was my, my further, let's say an advice. It's not magic and we witnessed every gritty detail along that way, especially I know you're you and your team as well. So do you want to wrap it up on the lessons learned for us and bring us to a close Yuri. Yeah, sure. I think one of the things I learned was trust Heather, because that was a very good lesson here. But, but yeah, exactly like agents say in the data, we are keen on this traveler's privacy, as we are Dutch island and we are not pressured by the GDPR but we have to follow it. So it was very important for us to acknowledge this. And then in in this project itself. It's not magic like agents said, but it's be very agile in different ways we had to move things around and know this team. Sita and in DC were here on the island, just knocking on doors so so it was very. There was a different type of implementation of a project for sure and I think we've. That is something that we learned on it that that following the standard doesn't say you know you don't have to always follow the standard in order to accomplish it for sure. Absolutely it was, let's just say resourceful was a really good word to describe our last two years together. I want to thank you I want to thank the implementers working group for allowing us to present today. I have a couple minutes to take questions hearing might have to drop because he needs to go on to another meeting. But I think Adrian and I can also stay as well for a few minutes to field any questions so sharp back to you. Thank you so much Heather and thank you Adrian Yuri and Heather for such a great presentation. We can open it up to questions if anybody has anything they'd like to ask. What are you using for machine readable governance technology. Well, we actually developed the machine readable governance that you see in the cardio GitHub specifically from this project because in the very early days of Ruben needed to make decisions based on their regulations their requirements their compliance, and they did not want a third party to necessarily make those decisions on their behalf. And so that was the, the actual start of what you now know is machine readable governance, you can pick up that code and watch. You can have that on the DCO YouTube channel there's a whole hour on it, and cardiac dot app there are links to the governance that we use, but maybe Gary before you go you just want to talk a minute about why that was important and then we'll go to Adrian. Yeah, I think I think that that's important because of the business rules and what was really different from all the other pilots that we were running was this switch that you are able to revoke that credential at any time. And it would be, it sounds different but just that the user normally at DCC or a smart health card the user has a QR code. And in this solution, the, the other side has the QR code. So it's a it was a nice switch but it works for the exact for the governance itself and applying a business rule, ever changing three days 24 hours or whenever it had to be it. It was on on on time and correct all because you can revoke this verified credential at any time and run the rules as they as needed was very important. I want to thank you, Yuri. I know that you have your next call, but I'll have Adrian pick up on machine readable governance here. Thank you guys. Bye. Thank you. So, yeah, I would just add to what has been said that the value we've seen machine readable governance was the ability to provide a registry or directory of trusted issuers who is actually entitled to to issue this, this credential and so verify it that also very, very important. Because it has been in the in the air travel community, a very big problem. How do we maintain this registry, who is able to to host it. And who is going to is going to have access to it so that was very fundamental, let's say part of the solution is be able to distribute this registry of trusted issuers and verifiers. And this guarantee also scalability, which is very important because that that can really reach very high levels in terms of number of issuing parties. So, I think that that was a key learning also from that piece. I was wondering, what does the this recent EIC award mean for the project. So EIC means European identity conference. That's the yearly conference that this consulting firm, Couping Girl called posts every year. So they are very active in digital identity and cloud. So we're very, very happy to be part of this. And when when you, first of all, we didn't know we were winning that award till I called out see his name. So what was it went through your mind, Adrienne, as you were looking at the acceptance of that and what it means to the innovation that you've been working on going forward. So really, yeah, that was a surprise and very good surprise. And then immediately in the hours that after after this, this opens a lot of lots of past three. And the first one is about reusing those travel credentials or those identity credential better said into the travel continuum. That border crossing when we travel, let's say a long haul or we go for vacation or business trip. So that's the first part of the first piece that says inspection piece point that we we go through but but then usually you have to rent a car you have to check in at a hotel. You might need to check in at your, you know, an event or convention center. So what we are really now looking into is reduce the, the trust that trust that the drive gone and created when they inspected that identity credential to derive also credentials such as. Yes, I've entered this country and I'm allowed to check into my room, or I have a valid driver license. And, and I can forward this information to the current company, so that really international travel become absolutely seamless. The fact that credentials are reusable brings a lot of value into into that process which is today extremely extremely complex by nature of all those stakeholders involved. Great thank you. There are there are there any other questions from anybody. All right, well Heather and Adrian thank you so much for this discussion it was very interesting and congratulations again on the award must have been very exciting. Thank you. Thank you. Great. So with that we can return to working group updates. Again this is a switched call so we're doing working group updates seconds, I will return to screen share. We can go back to our announcements. Next week in DC is hosting a meetup call on did indeed we had a presentation on this project. And on this call, two weeks ago, but if you're interested in learning more, you can register at the link provided. Okay, as has been mentioned the European identity conference happened since our last meeting and for from Heather and Adrian, we heard a bit about this conference from the perspective of accepting the award for the career project but would you to like to share any of your overall impressions or experience from the conference. Any common threads that came up. So let's go back and start Adrian. There was a dedicated track session around decentralized identity that was built in by EIC and Cooper or call. So I think that was great all of the sessions we had a variety of people from the space presenting all of them are highly attended with We had more more traditional legacy identity providers, specifically they're attending to learn about decentralized identity and that is why they attended the event. I think yesterday cooking or a call published a blog, talking about these are seeing the convergence of these two types of identity technologies happening, and that they're probably more mature than a lot of individuals in this and the larger identity space understand so Adrian what was your take on it. So what I, what I really got from from the conference is that also a lot of people at an interest, and also quite a fascination for decentralized identity. And I think what was, I think, valuable was the fact that we could also provide some lesson learning and concrete written of experience would say or feedback on the case that were that we developed along with the government of So, we, we had a lot of interesting comments discussion, and also the fact that the other vision, it's starting to be to be shaped, starting to turn into into a reality, tangible reality. So I think that's that's extremely pleasant to see. And, and we hope that now that we are making a step forward, also organizations and group will jump into the train, I would say, to promote really the use of this identity to to solve those complex problems of, well, identity sharing between multiple organizations. Thank you for for sharing your impressions it sounds like a great success in the conference. Are there any other announcements that I'm missing in general for the space that anybody's aware of. All right, if there are no more announcements, we can move on to the working group updates for the main identity working group we reported on their April meeting in our previous meetings. Let's see, Indie contributors. In their last meeting they went over progress on the Indie areas shared components and they showed their load test results and also put out a call for resources on completing the did the Indie open to 20.04 upgrade. If you're interested in getting involved and putting in time on this project I'm sure that would be very much appreciated. As we've said on previous calls the did Indie method meetings have been merged back into the regular Indie contributors meeting which have have gone back to their regular time. All right areas working group meetings. Let's see. Anybody join this call would like to report. In their meeting yesterday, they discussed fully qualified did device binding push notifications and a non kids terminology in the areas by fold user group meeting. They've been working on peer to peer connections and going over their framework documentation. So there's links here if you'd like to learn more areas cloud agent Python meeting. I usually attend this one but I was out of the office so I missed this one. Still, still getting ready to release 074. I believe it's released candidate to that is out currently. It's being tested. And then, so just figuring out those PRs which ones go in the release, and then persistent cues as well. Let's see. Aries framework go they've mainly been going over work updates. More links here if you'd like to investigate further into those PRs. And then framework JavaScripts. In the last meeting they discussed the merging of issue credential the to and out of band did exchange, and then EBS, I support for AFJ. So lots of great work happening there. Hyper ledger Ursa. They, as far as I can tell they haven't met in the past few months. Hyper ledger working group updates that I'm missing that anybody's aware of. All right, we can move on to the trust over IP foundation. Let's see. We had the all members meeting yesterday was anyone involved in that meeting who would like to share about it. Yeah, sure the big component of it is one that you already went over the EIC and you know, you know the, it was a success. Similar to what Heather was saying, that there's a lot of interest in decentralized identity and its intersection with. Yes, especially federated. And trust over IP was very happy with what it did and, you know, initially, there was a request for trust over IP to to speak with the game, the global gosh was a stand for identity network. And there was hesitation there but ultimately, there was trust over IP represented represented in the in the game discussion but yeah that was, I think that was about it. Thank you. That seems like a lot of our groups have been reporting on the European identity conference and discussing what happened there so thank you for that update. All right, let's see moving on to the, the trust of IP working groups in the communications committee. I can tell they haven't met since we last met so I think we've reported on them. The governance stack they met last week and mainly discussed the status of the work of the of the task forces. And Scott Perry also talked about the governance 101 webinar from conception through governance documentations. The recording is there if you are interested to learn more. The technology stack working group they met this week and again reported on task force updates discussed the potential for a task force on AI and trust, and also discussed EIC. Their, their current focus is the to IP technology architecture specification v one. All right, the utility found reworking group. They're again working on the public utility directory and document called a framework for evaluating layer one utilities, and it looks like they're beginning a new collaboration to focus on layer one governance task force that will put a template for layer one governance framework. And then in the ecosystem foundry group, they had a presentation from Steven Kern on a model of ecosystem governance under development concepts and terminology group. They met last week and talked about this terminology toolbox proposal, which I've linked if you'd like to learn more. So any other to IP announcements or working groups that anybody would like to share. All right. Next up is the decentralized identity foundation in the diff did come working group. They are mainly going over PR review issue sorting and planning. Here's a specific pull request that's linked if you'd like to learn more. The did come users group this unsink meeting. That is held over discord. In their meeting yesterday they discussed a GitHub action problem on did come.org analyzing digital web node, and did come as a control channel is a potential metaphor. Let's see the diff interoperability group. They met several weeks ago and reported on IAW. They've listed that their next meeting will not be until June 8. The wallet security working group. I don't believe that that since we last met unless anybody has other information. Let's see, are there other diff working group updates or says updates that anybody would like to share. Let's see, moving on to the sovereign foundation. Is anybody involved in any of these meetings or I don't believe they've met since early February. And then the W3C standard. And based on their, their meeting notes and what they have online I wasn't able to see that they met more recently than us so. Are there any other working group status updates that anybody would like to share. We've kind of breeze through these today so if anybody wants to jump in you're welcome to. I have a question in the chat can I use did come in the areas toolbox. Yes, that is what we use for establishing or sending messages forming connections in the areas toolbox and toolbox plugin more recently. The exchange has been implemented for forming those connections as an alternative to did come but so those are both options. All right, I guess we've were potentially ending a bit early because we've had fewer working group updates this week but does anybody have any other questions or updates or anything they'd like to share for the group. Thank you so much for sharing your behalf char that you're going to be presenting next week at noon Eastern time with Daniel bloom, taking a deep dive on the did indeed methods so that's something that folks are interested in. You'll be doing that. Yeah, thank you for mentioning that. And the link is is here on this wiki page which I will send out again. If you are interested in registering for that. Thank you for mentioning that. And one last question in the chat here. How does the mediator work in the demo of the areas toolbox. That is a great question. There is a protocol for the mediator in the areas toolbox I know I think there's been some work done on it recently to work out bugs. I'm not sure the exact status of that. So I know that it's a possibility. I'm not sure if it is working in this moment. So, but I can look into that and get back back to you on that. Great. Well, thank you, Adrian Heather and Yuri. For your presentation. Thank you all. Thank you to everybody who jumped in with working group updates and reporting on the European identity conference. Thank you so much for joining today and we'll see you all in two weeks. Thank you. Thank you. Thank you.